12 matches found
CVE-2020-28052
CVE-2020-28052 — BC Java OpenBSDBCrypt.password check issue : In Legion of the Bouncy Castle BC Java versions 1.65 and 1.66, the OpenBSDBCrypt.checkPassword method can compare data incorrectly during password verification, causing some incorrect passwords to be treated as a match for different, p...
CVE-2022-22932
CVE-2022-22932 affects Apache Karaf via partial path traversal in the obr:* commands and the karaf-maven-plugin run goal, which could allow breaking out of the designated folder. The public description rates the issue low risk, since obr:* commands are rarely used and the entry is supplied by the operator running the command....
CVE-2021-41766
CVE-2021-41766 affects Apache Karaf. The issue is insecure Java deserialization in the JMX-based management interface: JMX runs over Java RMI, and the JMX server's class path is not protected against unauthenticated deserialization. Karaf exposes this interface to allow monitoring of applications and the Java ...
CVE-2022-40145
Apache Karaf prior to 4.4.2 and 4.3.8 is affected by CVE-2022-40145 due to a lack of validation in JDBCUtils.doCreateDatasource when a JNDI LDAP data source URI is used. An attacker who controls the target LDAP server can trigger remote code execution by injecting a crafted JNDI name into Initial...
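As an added illustration (not Karaf's code or its fix), the guard below shows the kind of validation a data-source lookup needs before the name reaches InitialContext.lookup: JNDI dispatches any name carrying a URL scheme to a URL context factory, so an ldap:// or rmi:// name pulls in a remote server chosen by whoever supplied the name. The allowed scheme list (osgi, java), the class and method names and the sample names are assumptions for this example; the lookup itself is shown but not executed.

```java
import java.util.Locale;
import java.util.Set;

public class JndiNameGuard {

    // Naming schemes a data-source reference is expected to use in Karaf (an assumption for this
    // example): OSGi service lookups and the standard java: namespace. Everything else is refused.
    private static final Set<String> ALLOWED_SCHEMES = Set.of("osgi", "java");

    /**
     * Scheme detection mirroring JNDI's own rule: the text before the first ':' is a URL scheme
     * when no '/' precedes it. Such names are dispatched to a URL context factory
     * (ldap, rmi, iiop, ...) instead of the default initial context.
     */
    static String schemeOf(String name) {
        int colon = name.indexOf(':');
        int slash = name.indexOf('/');
        if (colon > 0 && (slash == -1 || colon < slash)) {
            return name.substring(0, colon);
        }
        return null;
    }

    /** Returns true only for plain names and names inside the allowed namespaces. */
    static boolean isAllowedJndiName(String name) {
        if (name == null || name.isBlank()) {
            return false;
        }
        String scheme = schemeOf(name);
        // A plain name (no scheme) is resolved by the default initial context; a scheme must be
        // on the allow list, compared case-insensitively because JNDI does not care about case.
        return scheme == null || ALLOWED_SCHEMES.contains(scheme.toLowerCase(Locale.ROOT));
    }

    /** Guarded lookup: validate first, only then touch InitialContext (not run by main). */
    static Object lookupDataSource(String jndiName) throws javax.naming.NamingException {
        if (!isAllowedJndiName(jndiName)) {
            throw new IllegalArgumentException("refusing JNDI name outside allowed namespaces: " + jndiName);
        }
        return new javax.naming.InitialContext().lookup(jndiName);
    }

    public static void main(String[] args) {
        // Constructed names: two legitimate data-source references and three that would hand the
        // lookup to a URL context factory pointed at a server the caller controls.
        String[] names = {
            "jdbc/demo",
            "osgi:service/javax.sql.DataSource/(osgi.jndi.service.name=jdbc/demo)",
            "ldap://attacker.example:1389/cn=exploit",
            "LDAP://attacker.example:1389/cn=exploit",
            "rmi://attacker.example:1099/obj",
        };
        for (String n : names) {
            System.out.printf("%-7s %s%n", isAllowedJndiName(n) ? "allow" : "REJECT", n);
        }
    }
}
```

The guard only limits which URL context factories a name can reach; it does not change what an allowed context returns, so it complements rather than replaces upgrading to a fixed Karaf release and running on a JDK whose JNDI does not load remote codebases by default.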
CVE-2020-11980
CVE-2020-11980 affects Apache Karaf JMX, where authentication uses JAAS and authorization uses ACL files. The default etc/jmx.acl.cfg lets a non-admin user holding only the viewer role call get* methods, and getMBeansFromURL is one of them: it fetches MBeans from a remote URL and registers them, enabling SSRF-like behavior and MBean regi...
CVE-2018-11788
Apache Karaf's features deployer parses deployed features XML with an XMLInputFactory that implements no mitigation against external entities, enabling XML External Entity Injection in Karaf versions prior to 4.1.7 and prior to 4.2.2. First fixed in Karaf ...
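As an added example (not Karaf's code or its fix), the following shows a default XMLInputFactory resolving an external entity declared in a features file, next to a factory configured to refuse it. The features XML, the temporary file standing in for a sensitive file on the Karaf host, and the class and method names are constructed for this demo.

```java
import java.io.StringReader;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.nio.file.Path;
import javax.xml.stream.XMLInputFactory;
import javax.xml.stream.XMLStreamConstants;
import javax.xml.stream.XMLStreamException;
import javax.xml.stream.XMLStreamReader;

public class FeaturesXxeDemo {

    /** Default factory: DTDs are processed and external entities resolved (the vulnerable setting). */
    static XMLInputFactory unsafeFactory() {
        return XMLInputFactory.newInstance();
    }

    /** Hardened factory: no DTD processing at all, and no external entity resolution. */
    static XMLInputFactory hardenedFactory() {
        XMLInputFactory f = XMLInputFactory.newInstance();
        f.setProperty(XMLInputFactory.SUPPORT_DTD, false);
        f.setProperty(XMLInputFactory.IS_SUPPORTING_EXTERNAL_ENTITIES, false);
        return f;
    }

    /** Returns the text of the first <bundle> element, or a description of the parser error. */
    static String firstBundle(XMLInputFactory f, String xml) {
        try {
            XMLStreamReader r = f.createXMLStreamReader(new StringReader(xml));
            while (r.hasNext()) {
                if (r.next() == XMLStreamConstants.START_ELEMENT && "bundle".equals(r.getLocalName())) {
                    return r.getElementText();
                }
            }
            return "(no bundle element)";
        } catch (XMLStreamException e) {
            return "rejected: " + e.getMessage();
        }
    }

    public static void main(String[] args) throws Exception {
        // Constructed stand-in for a file the Karaf process can read but the deployer never should.
        Path secret = Files.createTempFile("karaf-xxe-demo", ".txt");
        Files.write(secret, "leaked-secret".getBytes(StandardCharsets.UTF_8));

        // Constructed features file: the DTD declares an external entity pointing at that file
        // and the bundle URL references it, so a resolving parser copies the file into the value.
        String features =
            "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n" +
            "<!DOCTYPE features [<!ENTITY ext SYSTEM \"" + secret.toUri() + "\">]>\n" +
            "<features name=\"demo-repo\">\n" +
            "  <feature name=\"demo\"><bundle>mvn:org.example/demo/1.0?&ext;</bundle></feature>\n" +
            "</features>\n";

        System.out.println("default factory : " + firstBundle(unsafeFactory(), features));
        System.out.println("hardened factory: " + firstBundle(hardenedFactory(), features));
        Files.deleteIfExists(secret);
    }
}
```

With the JDK's own StAX implementation the default factory prints the temporary file's content inside the bundle URL, while the hardened factory fails with an XMLStreamException because the entity is never declared; other StAX implementations may instead hand back an unresolved entity reference, which is equally harmless. SUPPORT_DTD=false is the decisive setting, since without DTD processing no entity can be declared; the second property covers implementations that would still resolve external general entities.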
CVE-2018-11787
CVE-2018-11787 affects Apache Karaf prior to 3.0.9, 4.0.9 and 4.1.1, where the webconsole feature embeds a Gogo shell and, if Pax Web Extender Whiteboard is present, an unauthenticated /gogo URL can expose the Karaf console. Direct access to /system/console/gogo requires authentication, but the /gogo ...
CVE-2019-0226
CVE-2019-0226 affects the Apache Karaf Config service. A relative path traversal in its install method (reachable through the service or the MBean) could be used to traverse directories and overwrite files. Any Karaf version before 4.2.5 is affected; the impact depends on the filesystem permissions of the Karaf process user....
CVE-2018-11786
Apache Karaf prior to 4.2.0 is vulnerable: if the sshd service is left enabled so that an administrator can manage the running instance, any user with Karaf console rights can pivot to read or write any file accessible to the Karaf process user. The console does not confine such users to the Karaf installation, which allows privilege elevation ...
CVE-2019-0191
CVE-2019-0191 affects the Apache Karaf kar deployer. It is a zip-slip vulnerability: the kar deployer reads .kar archives and extracts entries from repository/ and resources/ without validating their paths, so a malicious .kar can contain directory traversal (..) entry names, which can cause th...
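The three traversal entries in this list (CVE-2022-22932, CVE-2019-0226 and this one) share a root cause: a name taken from an archive entry or from a caller is joined onto a destination directory without checking that the result stays inside it. The added example below (not Karaf's code or its fix) builds a small in-memory archive with traversal entries and shows the unsafe join beside a containment check. The repository/ to system/ and resources/ to KARAF_HOME mapping, the /opt/karaf location, the class and method names and the entry names are assumptions for the demo.

```java
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.util.ArrayList;
import java.util.List;
import java.util.zip.ZipEntry;
import java.util.zip.ZipInputStream;
import java.util.zip.ZipOutputStream;

public class KarPathCheck {

    /** The vulnerable pattern: the entry name is joined to the destination with no containment check. */
    static Path unsafeTarget(Path dest, String entryName) {
        return dest.resolve(entryName);
    }

    /**
     * Hardened resolution: normalize the joined path and require it to stay under dest.
     * Path.startsWith compares whole name elements, so /opt/karaf does not match /opt/karaf2,
     * and an absolute entry name (which resolve() returns unchanged) is rejected as well.
     */
    static Path safeTarget(Path dest, String entryName) {
        Path base = dest.toAbsolutePath().normalize();
        Path target = base.resolve(entryName).normalize();
        if (!target.startsWith(base)) {
            throw new IllegalArgumentException("entry escapes " + base + ": " + entryName);
        }
        return target;
    }

    /** Builds an in-memory archive with the given entry names (constructed test data, not a real .kar). */
    static byte[] archive(String... names) throws IOException {
        ByteArrayOutputStream buf = new ByteArrayOutputStream();
        try (ZipOutputStream zip = new ZipOutputStream(buf)) {
            for (String n : names) {
                zip.putNextEntry(new ZipEntry(n));
                zip.write("payload".getBytes(StandardCharsets.UTF_8));
                zip.closeEntry();
            }
        }
        return buf.toByteArray();
    }

    /**
     * Walks the archive the way a deployer would and reports where each entry would land.
     * Assumed layout for the demo: repository/ entries go under KARAF_HOME/system and
     * resources/ entries under KARAF_HOME itself; anything else is ignored.
     */
    static List<String> plan(Path karafHome, byte[] bytes) throws IOException {
        List<String> report = new ArrayList<>();
        try (ZipInputStream zip = new ZipInputStream(new ByteArrayInputStream(bytes))) {
            for (ZipEntry e = zip.getNextEntry(); e != null; e = zip.getNextEntry()) {
                String name = e.getName();
                Path dest;
                String rel;
                if (name.startsWith("repository/")) {
                    dest = karafHome.resolve("system");
                    rel = name.substring("repository/".length());
                } else if (name.startsWith("resources/")) {
                    dest = karafHome;
                    rel = name.substring("resources/".length());
                } else {
                    report.add("ignored  " + name);
                    continue;
                }
                try {
                    report.add("extract  " + name + " -> " + safeTarget(dest, rel));
                } catch (IllegalArgumentException ex) {
                    report.add("REJECTED " + name + " (unchecked join would write "
                        + unsafeTarget(dest, rel).normalize() + ")");
                }
            }
        }
        return report;
    }

    public static void main(String[] args) throws IOException {
        byte[] kar = archive(
            "repository/org/example/demo/1.0/demo-1.0.jar",
            "resources/etc/demo.cfg",
            "resources/../../etc/cron.d/evil",        // classic zip-slip via parent references
            "repository/../../../../tmp/evil.jar",    // same trick from the other prefix
            "resources//etc/passwd",                  // relative part becomes an absolute path
            "META-INF/MANIFEST.MF");
        for (String line : plan(Paths.get("/opt/karaf"), kar)) {
            System.out.println(line);
        }
    }
}
```

The check normalizes before comparing, so both the ../ sequences and the absolute entry name are caught, and the report shows where the unchecked join would have written (/etc/cron.d/evil and /tmp/evil.jar on a Unix host). It does not follow symbolic links: for a destination directory that already exists, pass the result of toRealPath() so a link planted inside the tree cannot redirect the write.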
CVE-2016-8750
CVE-2016-8750 affects Apache Karaf prior to 4.0.8. The LDAPLoginModule did not properly encode usernames when authenticating via LDAP, leaving it open to LDAP injection that can lead to denial of service. Vulnerable component: Karaf's LDAP authentication path; root cause: improper userna...
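As an added example (not Karaf's LDAPLoginModule or its fix), the code below shows how an unescaped username rewrites a search filter, and how RFC 4515 filter escaping and RFC 4514 DN escaping keep the username a literal value. The (uid=%u) template style, the class and method names and the sample usernames are assumptions for the demo.

```java
public class LdapUsernameEscape {

    /** Escapes a value for use inside an LDAP search filter (RFC 4515, section 3). */
    static String escapeFilterValue(String value) {
        StringBuilder out = new StringBuilder(value.length());
        for (char c : value.toCharArray()) {
            switch (c) {
                case '\\': out.append("\\5c"); break;
                case '*':  out.append("\\2a"); break;
                case '(':  out.append("\\28"); break;
                case ')':  out.append("\\29"); break;
                case '\0': out.append("\\00"); break;
                default:   out.append(c);
            }
        }
        return out.toString();
    }

    /** Escapes a value for use as an attribute value inside a DN (RFC 4514, section 2.4). */
    static String escapeDnValue(String value) {
        StringBuilder out = new StringBuilder(value.length());
        for (int i = 0; i < value.length(); i++) {
            char c = value.charAt(i);
            boolean first = i == 0;
            boolean last = i == value.length() - 1;
            // Leading space or '#', trailing space, and the RDN separators/specials get a backslash.
            if ((first && (c == ' ' || c == '#')) || (last && c == ' ')
                    || ",+\"\\<>;".indexOf(c) >= 0) {
                out.append('\\').append(c);
            } else if (c == '\0') {
                out.append("\\00");
            } else {
                out.append(c);
            }
        }
        return out.toString();
    }

    /** Vulnerable construction: the raw username is pasted into the filter template. */
    static String unsafeFilter(String template, String username) {
        return template.replace("%u", username);
    }

    /** Hardened construction: the username is escaped before substitution. */
    static String safeFilter(String template, String username) {
        return template.replace("%u", escapeFilterValue(username));
    }

    public static void main(String[] args) {
        // Constructed inputs: a (uid=%u)-style template and usernames carrying filter and DN syntax.
        String template = "(&(objectClass=inetOrgPerson)(uid=%u))";
        String[] usernames = { "alice", "*", "alice)(|(uid=*)", "alice,ou=admins" };
        for (String u : usernames) {
            System.out.println("user    : " + u);
            System.out.println("  unsafe: " + unsafeFilter(template, u));
            System.out.println("  safe  : " + safeFilter(template, u));
            System.out.println("  dn    : uid=" + escapeDnValue(u) + ",ou=people,dc=example,dc=org");
        }
    }
}
```

The second and third usernames show the denial-of-service angle this entry mentions: an unescaped * turns a single-user lookup into a full-directory search, and parentheses let the caller splice clauses of their own into the filter; after escaping, both are searched for literally and match nothing. The last username shows the DN side: without escaping, the comma makes "ou=admins" a separate RDN of the bind DN.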
CVE-2014-0219
Apache Karaf before 4.0.10 is affected by CVE-2014-0219. A local user can cause a denial of service by sending the shutdown command to Karaf's shutdown port, which listens on the loopback interface; since the port is not known in advance, the user can simply send the command to every listening high port. The vulnerability stems from a misconfigured shutdown port...