National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

Search Parameters:
  • Contains Software Flaws (CVE)
  • Keyword (text search): Apache
There are 1,716 matching records.
Displaying matches 61 through 80.
Vuln ID Summary CVSS Severity
CVE-2019-12400

In version 2.0.3 Apache Santuario XML Security for Java, a caching mechanism was introduced to speed up creating new XML documents using a static pool of DocumentBuilders. However, if some untrusted code can register a malicious implementation with the thread context class loader first, then this implementation might be cached and re-used by Apache Santuario - XML Security for Java, leading to potential security flaws when validating signed documents, etc. The vulnerability affects Apache Santuario - XML Security for Java 2.0.x releases from 2.0.3 and all 2.1.x releases before 2.1.4.

Published: August 23, 2019; 05:15:11 PM -04:00
V3.1: 5.5 MEDIUM
    V2: 1.9 LOW
CVE-2019-10747

set-value is vulnerable to Prototype Pollution in versions lower than 3.0.1. The function mixin-deep could be tricked into adding or modifying properties of Object.prototype using any of the constructor, prototype and _proto_ payloads.

Published: August 23, 2019; 01:15:13 PM -04:00
V3.1: 9.8 CRITICAL
    V2: 7.5 HIGH
CVE-2019-10086

In Apache Commons Beanutils 1.9.2, a special BeanIntrospector class was added which allows suppressing the ability for an attacker to access the classloader via the class property available on all Java objects. We, however were not using this by default characteristic of the PropertyUtilsBean.

Published: August 20, 2019; 05:15:12 PM -04:00
V3.0: 7.3 HIGH
    V2: 7.5 HIGH
CVE-2019-10081

HTTP/2 (2.4.20 through 2.4.39) very early pushes, for example configured with "H2PushResource", could lead to an overwrite of memory in the pushing request's pool, leading to crashes. The memory copied is that of the configured push link header values, not data supplied by the client.

Published: August 15, 2019; 06:15:12 PM -04:00
V3.0: 7.5 HIGH
    V2: 5.0 MEDIUM
CVE-2019-9518

Some HTTP/2 implementations are vulnerable to a flood of empty frames, potentially leading to a denial of service. The attacker sends a stream of frames with an empty payload and without the end-of-stream flag. These frames can be DATA, HEADERS, CONTINUATION and/or PUSH_PROMISE. The peer spends time processing each frame disproportionate to attack bandwidth. This can consume excess CPU.

Published: August 13, 2019; 05:15:13 PM -04:00
V3.0: 7.5 HIGH
    V2: 7.8 HIGH
CVE-2019-9517

Some HTTP/2 implementations are vulnerable to unconstrained interal data buffering, potentially leading to a denial of service. The attacker opens the HTTP/2 window so the peer can send without constraint; however, they leave the TCP window closed so the peer cannot actually write (many of) the bytes on the wire. The attacker then sends a stream of requests for a large response object. Depending on how the servers queue the responses, this can consume excess memory, CPU, or both.

Published: August 13, 2019; 05:15:12 PM -04:00
V3.0: 7.5 HIGH
    V2: 7.8 HIGH
CVE-2019-9515

Some HTTP/2 implementations are vulnerable to a settings flood, potentially leading to a denial of service. The attacker sends a stream of SETTINGS frames to the peer. Since the RFC requires that the peer reply with one acknowledgement per SETTINGS frame, an empty SETTINGS frame is almost equivalent in behavior to a ping. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both.

Published: August 13, 2019; 05:15:12 PM -04:00
V3.0: 7.5 HIGH
    V2: 7.8 HIGH
CVE-2019-9514

Some HTTP/2 implementations are vulnerable to a reset flood, potentially leading to a denial of service. The attacker opens a number of streams and sends an invalid request over each stream that should solicit a stream of RST_STREAM frames from the peer. Depending on how the peer queues the RST_STREAM frames, this can consume excess memory, CPU, or both.

Published: August 13, 2019; 05:15:12 PM -04:00
V3.0: 7.5 HIGH
    V2: 7.8 HIGH
CVE-2019-9512

Some HTTP/2 implementations are vulnerable to ping floods, potentially leading to a denial of service. The attacker sends continual pings to an HTTP/2 peer, causing the peer to build an internal queue of responses. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both.

Published: August 13, 2019; 05:15:12 PM -04:00
V3.0: 7.5 HIGH
    V2: 7.8 HIGH
CVE-2019-12397

Policy import functionality in Apache Ranger 0.7.0 to 1.2.0 is vulnerable to a cross-site scripting issue. Upgrade to 2.0.0 or later version of Apache Ranger with the fix.

Published: August 08, 2019; 02:15:10 PM -04:00
V3.0: 6.1 MEDIUM
    V2: 4.3 MEDIUM
CVE-2019-10099

Prior to Spark 2.3.3, in certain situations Spark would write user data to local disk unencrypted, even if spark.io.encryption.enabled=true. This includes cached blocks that are fetched to disk (controlled by spark.maxRemoteBlockSizeFetchToMem); in SparkR, using parallelize; in Pyspark, using broadcast and parallelize; and use of python udfs.

Published: August 07, 2019; 01:15:12 PM -04:00
V3.0: 7.5 HIGH
    V2: 4.3 MEDIUM
CVE-2016-10796

cPanel before 58.0.4 initially uses weak permissions for Apache HTTP Server log files (SEC-130).

Published: August 06, 2019; 10:15:11 AM -04:00
V3.0: 3.3 LOW
    V2: 2.1 LOW
CVE-2016-10786

cPanel before 60.0.25 allows members of the nobody group to read Apache HTTP Server SSL keys (SEC-186).

Published: August 06, 2019; 09:15:11 AM -04:00
V3.0: 6.5 MEDIUM
    V2: 4.0 MEDIUM
CVE-2019-10094

A carefully crafted package/compressed file that, when unzipped/uncompressed yields the same file (a quine), causes a StackOverflowError in Apache Tika's RecursiveParserWrapper in versions 1.7-1.21. Apache Tika users should upgrade to 1.22 or later.

Published: August 02, 2019; 03:15:11 PM -04:00
V3.0: 7.8 HIGH
    V2: 6.8 MEDIUM
CVE-2019-10093

In Apache Tika 1.19 to 1.21, a carefully crafted 2003ml or 2006ml file could consume all available SAXParsers in the pool and lead to very long hangs. Apache Tika users should upgrade to 1.22 or later.

Published: August 02, 2019; 03:15:11 PM -04:00
V3.0: 6.5 MEDIUM
    V2: 4.3 MEDIUM
CVE-2019-10088

A carefully crafted or corrupt zip file can cause an OOM in Apache Tika's RecursiveParserWrapper in versions 1.7-1.21. Users should upgrade to 1.22 or later.

Published: August 02, 2019; 03:15:11 PM -04:00
V3.0: 8.8 HIGH
    V2: 6.8 MEDIUM
CVE-2017-18429

In cPanel before 66.0.2, Apache HTTP Server SSL domain logs can persist on disk after an account termination (SEC-291).

Published: August 02, 2019; 12:15:12 PM -04:00
V3.1: 3.3 LOW
    V2: 2.1 LOW
CVE-2017-18428

In cPanel before 66.0.2, Apache HTTP Server domlogs become temporarily world-readable during log processing (SEC-290).

Published: August 02, 2019; 12:15:12 PM -04:00
V3.0: 2.5 LOW
    V2: 1.9 LOW
CVE-2017-18424

In cPanel before 66.0.2, the Apache HTTP Server configuration file is changed to world-readable when rebuilt (SEC-274).

Published: August 02, 2019; 12:15:12 PM -04:00
V3.0: 3.3 LOW
    V2: 2.1 LOW
CVE-2017-18422

In cPanel before 66.0.2, EasyApache 4 conversion sets weak domlog ownership and permissions (SEC-272).

Published: August 02, 2019; 12:15:12 PM -04:00
V3.0: 3.3 LOW
    V2: 2.1 LOW