Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2022-43680 (GCVE-0-2022-43680)
Vulnerability from cvelistv5 – Published: 2022-10-24 00:00 – Updated: 2025-05-30 19:20
VLAI
EPSS
Summary
In libexpat through 2.4.9, there is a use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate in out-of-memory situations.
Severity
7.5 (High)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- n/a
- CWE-416 - Use After Free
Assigner
References
15 references
| URL | Tags |
|---|---|
| https://github.com/libexpat/libexpat/pull/650 | |
| https://github.com/libexpat/libexpat/issues/649 | |
| https://github.com/libexpat/libexpat/pull/616 | |
| https://lists.debian.org/debian-lts-announce/2022… | mailing-list |
| https://www.debian.org/security/2022/dsa-5266 | vendor-advisory |
| https://security.gentoo.org/glsa/202210-38 | vendor-advisory |
| https://lists.fedoraproject.org/archives/list/pac… | vendor-advisory |
| https://lists.fedoraproject.org/archives/list/pac… | vendor-advisory |
| https://lists.fedoraproject.org/archives/list/pac… | vendor-advisory |
| https://lists.fedoraproject.org/archives/list/pac… | vendor-advisory |
| https://lists.fedoraproject.org/archives/list/pac… | vendor-advisory |
| https://lists.fedoraproject.org/archives/list/pac… | vendor-advisory |
| https://security.netapp.com/advisory/ntap-2022111… | |
| http://www.openwall.com/lists/oss-security/2023/12/28/5 | mailing-list |
| http://www.openwall.com/lists/oss-security/2024/01/03/5 | mailing-list |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T13:40:06.144Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://github.com/libexpat/libexpat/pull/650"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/libexpat/libexpat/issues/649"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/libexpat/libexpat/pull/616"
},
{
"name": "[debian-lts-announce] 20221028 [SECURITY] [DLA 3165-1] expat security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00033.html"
},
{
"name": "DSA-5266",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.debian.org/security/2022/dsa-5266"
},
{
"name": "GLSA-202210-38",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202210-38"
},
{
"name": "FEDORA-2022-ae2559a8f4",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BY4OPSIB33ETNUXZY2UPZ4NGQ3OKDY4D/"
},
{
"name": "FEDORA-2022-3cf0e7ebc7",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AJ5VY2VYXE4WTRGQ6LMGLF6FV3SY37YE/"
},
{
"name": "FEDORA-2022-f3a939e960",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IUJ2BULJTZ2BMSKQHB6US674P55UCWWS/"
},
{
"name": "FEDORA-2022-5f1e2e9016",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XG5XOOB7CD55CEE6OJYKSACSIMQ4RWQ6/"
},
{
"name": "FEDORA-2022-49db80f821",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DPQVIF6TOJNY2T3ZZETFKR4G34FFREBQ/"
},
{
"name": "FEDORA-2022-c43235716e",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FFCOMBSOJKLIKCGCJWHLJXO4EVYBG7AR/"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20221118-0007/"
},
{
"name": "[oss-security] 20231228 CVE-2022-43680: Apache OpenOffice: \"Use after free\" fixed in libexpat",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/12/28/5"
},
{
"name": "[oss-security] 20240103 CVE-2022-43680: Apache OpenOffice: \"Use after free\" fixed in libexpat",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/01/03/5"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2022-43680",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-30T19:19:46.789242Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416 Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-30T19:20:52.533Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In libexpat through 2.4.9, there is a use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate in out-of-memory situations."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-03T12:06:22.913Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/libexpat/libexpat/pull/650"
},
{
"url": "https://github.com/libexpat/libexpat/issues/649"
},
{
"url": "https://github.com/libexpat/libexpat/pull/616"
},
{
"name": "[debian-lts-announce] 20221028 [SECURITY] [DLA 3165-1] expat security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00033.html"
},
{
"name": "DSA-5266",
"tags": [
"vendor-advisory"
],
"url": "https://www.debian.org/security/2022/dsa-5266"
},
{
"name": "GLSA-202210-38",
"tags": [
"vendor-advisory"
],
"url": "https://security.gentoo.org/glsa/202210-38"
},
{
"name": "FEDORA-2022-ae2559a8f4",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BY4OPSIB33ETNUXZY2UPZ4NGQ3OKDY4D/"
},
{
"name": "FEDORA-2022-3cf0e7ebc7",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AJ5VY2VYXE4WTRGQ6LMGLF6FV3SY37YE/"
},
{
"name": "FEDORA-2022-f3a939e960",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IUJ2BULJTZ2BMSKQHB6US674P55UCWWS/"
},
{
"name": "FEDORA-2022-5f1e2e9016",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XG5XOOB7CD55CEE6OJYKSACSIMQ4RWQ6/"
},
{
"name": "FEDORA-2022-49db80f821",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DPQVIF6TOJNY2T3ZZETFKR4G34FFREBQ/"
},
{
"name": "FEDORA-2022-c43235716e",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FFCOMBSOJKLIKCGCJWHLJXO4EVYBG7AR/"
},
{
"url": "https://security.netapp.com/advisory/ntap-20221118-0007/"
},
{
"name": "[oss-security] 20231228 CVE-2022-43680: Apache OpenOffice: \"Use after free\" fixed in libexpat",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2023/12/28/5"
},
{
"name": "[oss-security] 20240103 CVE-2022-43680: Apache OpenOffice: \"Use after free\" fixed in libexpat",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2024/01/03/5"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-43680",
"datePublished": "2022-10-24T00:00:00.000Z",
"dateReserved": "2022-10-24T00:00:00.000Z",
"dateUpdated": "2025-05-30T19:20:52.533Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2022-43680",
"date": "2026-06-10",
"epss": "0.00382",
"percentile": "0.59988"
},
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:libexpat_project:libexpat:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"2.4.9\", \"matchCriteriaId\": \"262BCBEE-82AD-4ED4-A93E-9AE282BBE16C\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"07B237A9-69A3-4A9C-9DA0-4E06BD37AE73\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FA6FEEC2-9F11-4643-8827-749718254FED\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"80E516C0-98A4-4ADE-B69F-66A772E2BAAA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5C675112-476C-4D7C-BCB9-A2FB2D0BC9FD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E30D0E6F-4AE8-4284-8716-991DFA48CC5D\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6770B6C3-732E-4E22-BF1C-2D2FD610061C\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9F9C8C20-42EB-4AB5-BD97-212DEB070C43\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7FFF7106-ED78-49BA-9EC5-B889E3685D53\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E63D8B0F-006E-4801-BF9D-1C001BBFB4F9\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"56409CEC-5A1E-4450-AA42-641E459CC2AF\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B06F4839-D16A-4A61-9BB5-55B13F41E47F\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D0B4AD8A-F172-4558-AEC6-FF424BA2D912\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8497A4C9-8474-4A62-8331-3FE862ED4098\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"234DEFE0-5CE5-4B0A-96B8-5D227CB8ED31\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CDDF61B7-EC5C-467C-B710-B89F502CD04F\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*\", \"matchCriteriaId\": \"3A756737-1CC4-42C2-A4DF-E1C893B4E2D5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5735E553-9731-4AAC-BCFF-989377F817B3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:netapp:solidfire_\\\\\u0026_hci_management_node:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D6D700C5-F67F-4FFB-BE69-D524592A3D2E\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netapp:hci_compute_node_firmware:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F921BC85-568E-4B69-A3CD-CF75C76672F1\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:netapp:hci_compute_node:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AD7447BC-F315-4298-A822-549942FC118B\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"In libexpat through 2.4.9, there is a use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate in out-of-memory situations.\"}, {\"lang\": \"es\", \"value\": \"En libexpat versiones hasta 2.4.9, se presenta un uso de memoria previamente liberada causado por la destrucci\\u00f3n excesiva de un DTD compartido en XML_ExternalEntityParserCreate en situaciones fuera de memoria\"}]",
"id": "CVE-2022-43680",
"lastModified": "2024-11-21T07:27:01.763",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"baseScore\": 7.5, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 3.6}]}",
"published": "2022-10-24T14:15:53.323",
"references": "[{\"url\": \"http://www.openwall.com/lists/oss-security/2023/12/28/5\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/01/03/5\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/libexpat/libexpat/issues/649\", \"source\": \"cve@mitre.org\", \"tags\": [\"Exploit\", \"Issue Tracking\", \"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/libexpat/libexpat/pull/616\", \"source\": \"cve@mitre.org\", \"tags\": [\"Exploit\", \"Issue Tracking\", \"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/libexpat/libexpat/pull/650\", \"source\": \"cve@mitre.org\", \"tags\": [\"Exploit\", \"Issue Tracking\", \"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2022/10/msg00033.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AJ5VY2VYXE4WTRGQ6LMGLF6FV3SY37YE/\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BY4OPSIB33ETNUXZY2UPZ4NGQ3OKDY4D/\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DPQVIF6TOJNY2T3ZZETFKR4G34FFREBQ/\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FFCOMBSOJKLIKCGCJWHLJXO4EVYBG7AR/\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IUJ2BULJTZ2BMSKQHB6US674P55UCWWS/\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XG5XOOB7CD55CEE6OJYKSACSIMQ4RWQ6/\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://security.gentoo.org/glsa/202210-38\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20221118-0007/\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.debian.org/security/2022/dsa-5266\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/12/28/5\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/01/03/5\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/libexpat/libexpat/issues/649\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Issue Tracking\", \"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/libexpat/libexpat/pull/616\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Issue Tracking\", \"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/libexpat/libexpat/pull/650\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Issue Tracking\", \"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2022/10/msg00033.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AJ5VY2VYXE4WTRGQ6LMGLF6FV3SY37YE/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BY4OPSIB33ETNUXZY2UPZ4NGQ3OKDY4D/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DPQVIF6TOJNY2T3ZZETFKR4G34FFREBQ/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FFCOMBSOJKLIKCGCJWHLJXO4EVYBG7AR/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IUJ2BULJTZ2BMSKQHB6US674P55UCWWS/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XG5XOOB7CD55CEE6OJYKSACSIMQ4RWQ6/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://security.gentoo.org/glsa/202210-38\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20221118-0007/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.debian.org/security/2022/dsa-5266\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}]",
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-416\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2022-43680\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2022-10-24T14:15:53.323\",\"lastModified\":\"2025-05-30T20:15:31.250\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In libexpat through 2.4.9, there is a use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate in out-of-memory situations.\"},{\"lang\":\"es\",\"value\":\"En libexpat versiones hasta 2.4.9, se presenta un uso de memoria previamente liberada causado por la destrucci\u00f3n excesiva de un DTD compartido en XML_ExternalEntityParserCreate en situaciones fuera de memoria\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-416\"}]},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-416\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:libexpat_project:libexpat:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"2.4.9\",\"matchCriteriaId\":\"262BCBEE-82AD-4ED4-A93E-9AE282BBE16C\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"07B237A9-69A3-4A9C-9DA0-4E06BD37AE73\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FA6FEEC2-9F11-4643-8827-749718254FED\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"80E516C0-98A4-4ADE-B69F-66A772E2BAAA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5C675112-476C-4D7C-BCB9-A2FB2D0BC9FD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E30D0E6F-4AE8-4284-8716-991DFA48CC5D\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6770B6C3-732E-4E22-BF1C-2D2FD610061C\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9F9C8C20-42EB-4AB5-BD97-212DEB070C43\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7FFF7106-ED78-49BA-9EC5-B889E3685D53\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E63D8B0F-006E-4801-BF9D-1C001BBFB4F9\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"56409CEC-5A1E-4450-AA42-641E459CC2AF\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B06F4839-D16A-4A61-9BB5-55B13F41E47F\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D0B4AD8A-F172-4558-AEC6-FF424BA2D912\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8497A4C9-8474-4A62-8331-3FE862ED4098\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"234DEFE0-5CE5-4B0A-96B8-5D227CB8ED31\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CDDF61B7-EC5C-467C-B710-B89F502CD04F\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*\",\"matchCriteriaId\":\"3A756737-1CC4-42C2-A4DF-E1C893B4E2D5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5735E553-9731-4AAC-BCFF-989377F817B3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:solidfire_\\\\\u0026_hci_management_node:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D6D700C5-F67F-4FFB-BE69-D524592A3D2E\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:hci_compute_node_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F921BC85-568E-4B69-A3CD-CF75C76672F1\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:hci_compute_node:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AD7447BC-F315-4298-A822-549942FC118B\"}]}]}],\"references\":[{\"url\":\"http://www.openwall.com/lists/oss-security/2023/12/28/5\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2024/01/03/5\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/libexpat/libexpat/issues/649\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Issue Tracking\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/libexpat/libexpat/pull/616\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Issue Tracking\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/libexpat/libexpat/pull/650\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Issue Tracking\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2022/10/msg00033.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AJ5VY2VYXE4WTRGQ6LMGLF6FV3SY37YE/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BY4OPSIB33ETNUXZY2UPZ4NGQ3OKDY4D/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DPQVIF6TOJNY2T3ZZETFKR4G34FFREBQ/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FFCOMBSOJKLIKCGCJWHLJXO4EVYBG7AR/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IUJ2BULJTZ2BMSKQHB6US674P55UCWWS/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XG5XOOB7CD55CEE6OJYKSACSIMQ4RWQ6/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/202210-38\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20221118-0007/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2022/dsa-5266\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/12/28/5\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2024/01/03/5\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/libexpat/libexpat/issues/649\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Issue Tracking\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/libexpat/libexpat/pull/616\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Issue Tracking\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/libexpat/libexpat/pull/650\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Issue Tracking\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2022/10/msg00033.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AJ5VY2VYXE4WTRGQ6LMGLF6FV3SY37YE/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BY4OPSIB33ETNUXZY2UPZ4NGQ3OKDY4D/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DPQVIF6TOJNY2T3ZZETFKR4G34FFREBQ/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FFCOMBSOJKLIKCGCJWHLJXO4EVYBG7AR/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IUJ2BULJTZ2BMSKQHB6US674P55UCWWS/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XG5XOOB7CD55CEE6OJYKSACSIMQ4RWQ6/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/202210-38\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20221118-0007/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2022/dsa-5266\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://github.com/libexpat/libexpat/pull/650\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/libexpat/libexpat/issues/649\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/libexpat/libexpat/pull/616\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2022/10/msg00033.html\", \"name\": \"[debian-lts-announce] 20221028 [SECURITY] [DLA 3165-1] expat security update\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"https://www.debian.org/security/2022/dsa-5266\", \"name\": \"DSA-5266\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://security.gentoo.org/glsa/202210-38\", \"name\": \"GLSA-202210-38\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BY4OPSIB33ETNUXZY2UPZ4NGQ3OKDY4D/\", \"name\": \"FEDORA-2022-ae2559a8f4\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AJ5VY2VYXE4WTRGQ6LMGLF6FV3SY37YE/\", \"name\": \"FEDORA-2022-3cf0e7ebc7\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IUJ2BULJTZ2BMSKQHB6US674P55UCWWS/\", \"name\": \"FEDORA-2022-f3a939e960\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XG5XOOB7CD55CEE6OJYKSACSIMQ4RWQ6/\", \"name\": \"FEDORA-2022-5f1e2e9016\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DPQVIF6TOJNY2T3ZZETFKR4G34FFREBQ/\", \"name\": \"FEDORA-2022-49db80f821\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FFCOMBSOJKLIKCGCJWHLJXO4EVYBG7AR/\", \"name\": \"FEDORA-2022-c43235716e\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20221118-0007/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/12/28/5\", \"name\": \"[oss-security] 20231228 CVE-2022-43680: Apache OpenOffice: \\\"Use after free\\\" fixed in libexpat\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/01/03/5\", \"name\": \"[oss-security] 20240103 CVE-2022-43680: Apache OpenOffice: \\\"Use after free\\\" fixed in libexpat\", \"tags\": [\"mailing-list\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-03T13:40:06.144Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.5, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2022-43680\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-05-30T19:19:46.789242Z\"}}}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-416\", \"description\": \"CWE-416 Use After Free\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-05-30T19:19:10.944Z\"}}], \"cna\": {\"affected\": [{\"vendor\": \"n/a\", \"product\": \"n/a\", \"versions\": [{\"status\": \"affected\", \"version\": \"n/a\"}]}], \"references\": [{\"url\": \"https://github.com/libexpat/libexpat/pull/650\"}, {\"url\": \"https://github.com/libexpat/libexpat/issues/649\"}, {\"url\": \"https://github.com/libexpat/libexpat/pull/616\"}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2022/10/msg00033.html\", \"name\": \"[debian-lts-announce] 20221028 [SECURITY] [DLA 3165-1] expat security update\", \"tags\": [\"mailing-list\"]}, {\"url\": \"https://www.debian.org/security/2022/dsa-5266\", \"name\": \"DSA-5266\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://security.gentoo.org/glsa/202210-38\", \"name\": \"GLSA-202210-38\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BY4OPSIB33ETNUXZY2UPZ4NGQ3OKDY4D/\", \"name\": \"FEDORA-2022-ae2559a8f4\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AJ5VY2VYXE4WTRGQ6LMGLF6FV3SY37YE/\", \"name\": \"FEDORA-2022-3cf0e7ebc7\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IUJ2BULJTZ2BMSKQHB6US674P55UCWWS/\", \"name\": \"FEDORA-2022-f3a939e960\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XG5XOOB7CD55CEE6OJYKSACSIMQ4RWQ6/\", \"name\": \"FEDORA-2022-5f1e2e9016\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DPQVIF6TOJNY2T3ZZETFKR4G34FFREBQ/\", \"name\": \"FEDORA-2022-49db80f821\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FFCOMBSOJKLIKCGCJWHLJXO4EVYBG7AR/\", \"name\": \"FEDORA-2022-c43235716e\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20221118-0007/\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/12/28/5\", \"name\": \"[oss-security] 20231228 CVE-2022-43680: Apache OpenOffice: \\\"Use after free\\\" fixed in libexpat\", \"tags\": [\"mailing-list\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/01/03/5\", \"name\": \"[oss-security] 20240103 CVE-2022-43680: Apache OpenOffice: \\\"Use after free\\\" fixed in libexpat\", \"tags\": [\"mailing-list\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"In libexpat through 2.4.9, there is a use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate in out-of-memory situations.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"text\", \"description\": \"n/a\"}]}], \"providerMetadata\": {\"orgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"shortName\": \"mitre\", \"dateUpdated\": \"2024-01-03T12:06:22.913Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2022-43680\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-05-30T19:20:52.533Z\", \"dateReserved\": \"2022-10-24T00:00:00.000Z\", \"assignerOrgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"datePublished\": \"2022-10-24T00:00:00.000Z\", \"assignerShortName\": \"mitre\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
RHSA-2022_8550
Vulnerability from csaf_redhat - Published: 2022-11-21 12:37 - Updated: 2024-11-22 21:03Summary
Red Hat Security Advisory: firefox security update
Severity
Important
Notes
Topic: An update for firefox is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.
This update upgrades Firefox to version 102.5.0 ESR.
Security Fix(es):
* Mozilla: Service Workers might have learned size of cross-origin media files (CVE-2022-45403)
* Mozilla: Fullscreen notification bypass (CVE-2022-45404)
* Mozilla: Use-after-free in InputStream implementation (CVE-2022-45405)
* Mozilla: Use-after-free of a JavaScript Realm (CVE-2022-45406)
* Mozilla: Fullscreen notification bypass via windowName (CVE-2022-45408)
* Mozilla: Use-after-free in Garbage Collection (CVE-2022-45409)
* Mozilla: Memory safety bugs fixed in Firefox 107 and Firefox ESR 102.5 (CVE-2022-45421)
* Mozilla: ServiceWorker-intercepted requests bypassed SameSite cookie policy (CVE-2022-45410)
* Mozilla: Cross-Site Tracing was possible via non-standard override headers (CVE-2022-45411)
* Mozilla: Symlinks may resolve to partially uninitialized buffers (CVE-2022-45412)
* Mozilla: Keystroke Side-Channel Leakage (CVE-2022-45416)
* Mozilla: Custom mouse cursor could have been drawn over browser UI (CVE-2022-45418)
* Mozilla: Iframe contents could be rendered outside the iframe (CVE-2022-45420)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A use-after-free flaw was found in the Expat package, caused by destruction of a shared DTD in XML_ExternalEntityParserCreate in out-of-memory situations. This may lead to availability disruptions.
7.5 (High)
Affected products
Fixed
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.2.0.Z.AUS:firefox-0:102.5.0-1.el8_2.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.AUS:firefox-0:102.5.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.AUS:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.AUS:firefox-debugsource-0:102.5.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.TUS:firefox-0:102.5.0-1.el8_2.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.TUS:firefox-0:102.5.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.TUS:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.TUS:firefox-debugsource-0:102.5.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
The Mozilla Foundation Security Advisory describes this flaw as: Service Workers should not be able to infer information about opaque cross-origin responses; but timing information for cross-origin media combined with Range requests might have allowed them to determine the presence or length of a media file.
7.5 (High)
Affected products
Fixed
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.2.0.Z.AUS:firefox-0:102.5.0-1.el8_2.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.AUS:firefox-0:102.5.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.AUS:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.AUS:firefox-debugsource-0:102.5.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.TUS:firefox-0:102.5.0-1.el8_2.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.TUS:firefox-0:102.5.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.TUS:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.TUS:firefox-debugsource-0:102.5.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Important
The Mozilla Foundation Security Advisory describes this flaw as: Through a series of popup and window.print() calls, an attacker can cause a window to go fullscreen without the user seeing the notification prompt, resulting in potential user confusion or spoofing attacks.
7.5 (High)
Affected products
Fixed
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.2.0.Z.AUS:firefox-0:102.5.0-1.el8_2.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.AUS:firefox-0:102.5.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.AUS:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.AUS:firefox-debugsource-0:102.5.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.TUS:firefox-0:102.5.0-1.el8_2.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.TUS:firefox-0:102.5.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.TUS:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.TUS:firefox-debugsource-0:102.5.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Important
The Mozilla Foundation Security Advisory describes this flaw as: Freeing arbitrary nsIInputStream's on a different thread than creation could have led to a use-after-free and potentially exploitable crash.
7.5 (High)
Affected products
Fixed
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.2.0.Z.AUS:firefox-0:102.5.0-1.el8_2.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.AUS:firefox-0:102.5.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.AUS:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.AUS:firefox-debugsource-0:102.5.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.TUS:firefox-0:102.5.0-1.el8_2.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.TUS:firefox-0:102.5.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.TUS:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.TUS:firefox-debugsource-0:102.5.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Important
The Mozilla Foundation Security Advisory describes this flaw as: If an out-of-memory condition occurred when creating a JavaScript global, a JavaScript realm may be deleted while references to it lived on in a BaseShape. This could lead to a use-after-free causing a potentially exploitable crash.
9.8 (Critical)
Affected products
Fixed
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.2.0.Z.AUS:firefox-0:102.5.0-1.el8_2.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.AUS:firefox-0:102.5.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.AUS:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.AUS:firefox-debugsource-0:102.5.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.TUS:firefox-0:102.5.0-1.el8_2.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.TUS:firefox-0:102.5.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.TUS:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.TUS:firefox-debugsource-0:102.5.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Important
The Mozilla Foundation Security Advisory describes this flaw as: Through a series of popups that reuse windowName, an attacker can cause a window to go fullscreen without the user seeing the notification prompt, resulting in potential user confusion or spoofing attacks.
7.5 (High)
Affected products
Fixed
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.2.0.Z.AUS:firefox-0:102.5.0-1.el8_2.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.AUS:firefox-0:102.5.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.AUS:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.AUS:firefox-debugsource-0:102.5.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.TUS:firefox-0:102.5.0-1.el8_2.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.TUS:firefox-0:102.5.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.TUS:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.TUS:firefox-debugsource-0:102.5.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Important
The Mozilla Foundation Security Advisory describes this flaw as: The garbage collector could have been aborted in several states and zones and GCRuntime::finishCollection may not have been called, leading to a use-after-free and potentially exploitable crash.
8.8 (High)
Affected products
Fixed
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.2.0.Z.AUS:firefox-0:102.5.0-1.el8_2.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.AUS:firefox-0:102.5.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.AUS:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.AUS:firefox-debugsource-0:102.5.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.TUS:firefox-0:102.5.0-1.el8_2.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.TUS:firefox-0:102.5.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.TUS:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.TUS:firefox-debugsource-0:102.5.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Important
The Mozilla Foundation Security Advisory describes this flaw as: When a ServiceWorker intercepted a request with FetchEvent, the origin of the request was lost after the ServiceWorker took ownership of it. This had the effect of negating SameSite cookie protections. This was addressed in the spec and then in browsers.
6.1 (Medium)
Affected products
Fixed
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.2.0.Z.AUS:firefox-0:102.5.0-1.el8_2.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.AUS:firefox-0:102.5.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.AUS:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.AUS:firefox-debugsource-0:102.5.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.TUS:firefox-0:102.5.0-1.el8_2.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.TUS:firefox-0:102.5.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.TUS:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.TUS:firefox-debugsource-0:102.5.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
The Mozilla Foundation Security Advisory describes this flaw as: Cross-Site Tracing occurs when a server will echo a request back via the Trace method, allowing an XSS attack to access to authorization headers and cookies inaccessible to JavaScript (such as cookies protected by HTTPOnly). To mitigate this attack, browsers placed limits on fetch() and XMLHttpRequest; however some webservers have implemented non-standard headers such as X-Http-Method-Override that override the HTTP method, and made this attack possible again. Firefox has applied the same mitigations to the use of this and similar headers.
6.1 (Medium)
Affected products
Fixed
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.2.0.Z.AUS:firefox-0:102.5.0-1.el8_2.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.AUS:firefox-0:102.5.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.AUS:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.AUS:firefox-debugsource-0:102.5.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.TUS:firefox-0:102.5.0-1.el8_2.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.TUS:firefox-0:102.5.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.TUS:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.TUS:firefox-debugsource-0:102.5.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
The Mozilla Foundation Security Advisory describes this flaw as: When resolving a symlink such as file:///proc/self/fd/1, an error message may be produced where the symlink was resolved to a string containing unitialized memory in the buffer.
8.8 (High)
Affected products
Fixed
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.2.0.Z.AUS:firefox-0:102.5.0-1.el8_2.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.AUS:firefox-0:102.5.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.AUS:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.AUS:firefox-debugsource-0:102.5.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.TUS:firefox-0:102.5.0-1.el8_2.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.TUS:firefox-0:102.5.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.TUS:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.TUS:firefox-debugsource-0:102.5.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
The Mozilla Foundation Security Advisory describes this flaw as: Keyboard events reference strings like "KeyA" that were at fixed, known, and widely-spread addresses. Cache-based timing attacks such as Prime+Probe could have possibly figured out which keys were being pressed.
6.1 (Medium)
Affected products
Fixed
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.2.0.Z.AUS:firefox-0:102.5.0-1.el8_2.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.AUS:firefox-0:102.5.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.AUS:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.AUS:firefox-debugsource-0:102.5.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.TUS:firefox-0:102.5.0-1.el8_2.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.TUS:firefox-0:102.5.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.TUS:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.TUS:firefox-debugsource-0:102.5.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
The Mozilla Foundation Security Advisory describes this flaw as: If a custom mouse cursor is specified in CSS, under certain circumstances the cursor could have been drawn over the browser UI, resulting in potential user confusion or spoofing attacks.
6.1 (Medium)
Affected products
Fixed
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.2.0.Z.AUS:firefox-0:102.5.0-1.el8_2.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.AUS:firefox-0:102.5.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.AUS:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.AUS:firefox-debugsource-0:102.5.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.TUS:firefox-0:102.5.0-1.el8_2.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.TUS:firefox-0:102.5.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.TUS:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.TUS:firefox-debugsource-0:102.5.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
The Mozilla Foundation Security Advisory describes this flaw as: Use tables inside of an iframe, an attacker could have caused iframe contents to be rendered outside the boundaries of the iframe, resulting in potential user confusion or spoofing attacks.
4.3 (Medium)
Affected products
Fixed
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.2.0.Z.AUS:firefox-0:102.5.0-1.el8_2.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.AUS:firefox-0:102.5.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.AUS:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.AUS:firefox-debugsource-0:102.5.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.TUS:firefox-0:102.5.0-1.el8_2.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.TUS:firefox-0:102.5.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.TUS:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.TUS:firefox-debugsource-0:102.5.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Low
The Mozilla Foundation Security Advisory describes this flaw as: Mozilla developers Andrew McCreight and Gabriele Svelto reported memory safety bugs present in Firefox 106 and Firefox ESR 102.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.
8.8 (High)
Affected products
Fixed
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.2.0.Z.AUS:firefox-0:102.5.0-1.el8_2.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.AUS:firefox-0:102.5.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.AUS:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.AUS:firefox-debugsource-0:102.5.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.TUS:firefox-0:102.5.0-1.el8_2.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.TUS:firefox-0:102.5.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.TUS:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.2.0.Z.TUS:firefox-debugsource-0:102.5.0-1.el8_2.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Important
References
99 references
Acknowledgments
the Mozilla project
Anne van Kesteren and Karl Tomlinson
Irvan Kurniawan
Atte Kettunen
Samuel Groß
Gary Kwong
Dongsung Kim
scarlet
Armin Ebert
Erik Kraft
Martin Schwarzl
the Mozilla project
Andrew McCreight
Hafiizh
Suhwan Song of SNU CompSec Lab
Mozilla developers
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for firefox is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.\n\nThis update upgrades Firefox to version 102.5.0 ESR.\n\nSecurity Fix(es):\n\n* Mozilla: Service Workers might have learned size of cross-origin media files (CVE-2022-45403)\n\n* Mozilla: Fullscreen notification bypass (CVE-2022-45404)\n\n* Mozilla: Use-after-free in InputStream implementation (CVE-2022-45405)\n\n* Mozilla: Use-after-free of a JavaScript Realm (CVE-2022-45406)\n\n* Mozilla: Fullscreen notification bypass via windowName (CVE-2022-45408)\n\n* Mozilla: Use-after-free in Garbage Collection (CVE-2022-45409)\n\n* Mozilla: Memory safety bugs fixed in Firefox 107 and Firefox ESR 102.5 (CVE-2022-45421)\n\n* Mozilla: ServiceWorker-intercepted requests bypassed SameSite cookie policy (CVE-2022-45410)\n\n* Mozilla: Cross-Site Tracing was possible via non-standard override headers (CVE-2022-45411)\n\n* Mozilla: Symlinks may resolve to partially uninitialized buffers (CVE-2022-45412)\n\n* Mozilla: Keystroke Side-Channel Leakage (CVE-2022-45416)\n\n* Mozilla: Custom mouse cursor could have been drawn over browser UI (CVE-2022-45418)\n\n* Mozilla: Iframe contents could be rendered outside the iframe (CVE-2022-45420)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:8550",
"url": "https://access.redhat.com/errata/RHSA-2022:8550"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2143197",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2143197"
},
{
"category": "external",
"summary": "2143198",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2143198"
},
{
"category": "external",
"summary": "2143199",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2143199"
},
{
"category": "external",
"summary": "2143200",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2143200"
},
{
"category": "external",
"summary": "2143201",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2143201"
},
{
"category": "external",
"summary": "2143202",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2143202"
},
{
"category": "external",
"summary": "2143203",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2143203"
},
{
"category": "external",
"summary": "2143204",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2143204"
},
{
"category": "external",
"summary": "2143205",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2143205"
},
{
"category": "external",
"summary": "2143240",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2143240"
},
{
"category": "external",
"summary": "2143241",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2143241"
},
{
"category": "external",
"summary": "2143242",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2143242"
},
{
"category": "external",
"summary": "2143243",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2143243"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_8550.json"
}
],
"title": "Red Hat Security Advisory: firefox security update",
"tracking": {
"current_release_date": "2024-11-22T21:03:01+00:00",
"generator": {
"date": "2024-11-22T21:03:01+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2022:8550",
"initial_release_date": "2022-11-21T12:37:30+00:00",
"revision_history": [
{
"date": "2022-11-21T12:37:30+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-11-21T12:37:30+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-22T21:03:01+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream E4S (v. 8.2)",
"product": {
"name": "Red Hat Enterprise Linux AppStream E4S (v. 8.2)",
"product_id": "AppStream-8.2.0.Z.E4S",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_e4s:8.2::appstream"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream AUS (v. 8.2)",
"product": {
"name": "Red Hat Enterprise Linux AppStream AUS (v. 8.2)",
"product_id": "AppStream-8.2.0.Z.AUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_aus:8.2::appstream"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream TUS (v. 8.2)",
"product": {
"name": "Red Hat Enterprise Linux AppStream TUS (v. 8.2)",
"product_id": "AppStream-8.2.0.Z.TUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_tus:8.2::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "firefox-0:102.5.0-1.el8_2.src",
"product": {
"name": "firefox-0:102.5.0-1.el8_2.src",
"product_id": "firefox-0:102.5.0-1.el8_2.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox@102.5.0-1.el8_2?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "firefox-0:102.5.0-1.el8_2.ppc64le",
"product": {
"name": "firefox-0:102.5.0-1.el8_2.ppc64le",
"product_id": "firefox-0:102.5.0-1.el8_2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox@102.5.0-1.el8_2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "firefox-debugsource-0:102.5.0-1.el8_2.ppc64le",
"product": {
"name": "firefox-debugsource-0:102.5.0-1.el8_2.ppc64le",
"product_id": "firefox-debugsource-0:102.5.0-1.el8_2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox-debugsource@102.5.0-1.el8_2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "firefox-debuginfo-0:102.5.0-1.el8_2.ppc64le",
"product": {
"name": "firefox-debuginfo-0:102.5.0-1.el8_2.ppc64le",
"product_id": "firefox-debuginfo-0:102.5.0-1.el8_2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox-debuginfo@102.5.0-1.el8_2?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "firefox-0:102.5.0-1.el8_2.x86_64",
"product": {
"name": "firefox-0:102.5.0-1.el8_2.x86_64",
"product_id": "firefox-0:102.5.0-1.el8_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox@102.5.0-1.el8_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "firefox-debugsource-0:102.5.0-1.el8_2.x86_64",
"product": {
"name": "firefox-debugsource-0:102.5.0-1.el8_2.x86_64",
"product_id": "firefox-debugsource-0:102.5.0-1.el8_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox-debugsource@102.5.0-1.el8_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "firefox-debuginfo-0:102.5.0-1.el8_2.x86_64",
"product": {
"name": "firefox-debuginfo-0:102.5.0-1.el8_2.x86_64",
"product_id": "firefox-debuginfo-0:102.5.0-1.el8_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox-debuginfo@102.5.0-1.el8_2?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:102.5.0-1.el8_2.src as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)",
"product_id": "AppStream-8.2.0.Z.AUS:firefox-0:102.5.0-1.el8_2.src"
},
"product_reference": "firefox-0:102.5.0-1.el8_2.src",
"relates_to_product_reference": "AppStream-8.2.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:102.5.0-1.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)",
"product_id": "AppStream-8.2.0.Z.AUS:firefox-0:102.5.0-1.el8_2.x86_64"
},
"product_reference": "firefox-0:102.5.0-1.el8_2.x86_64",
"relates_to_product_reference": "AppStream-8.2.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:102.5.0-1.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)",
"product_id": "AppStream-8.2.0.Z.AUS:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64"
},
"product_reference": "firefox-debuginfo-0:102.5.0-1.el8_2.x86_64",
"relates_to_product_reference": "AppStream-8.2.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debugsource-0:102.5.0-1.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)",
"product_id": "AppStream-8.2.0.Z.AUS:firefox-debugsource-0:102.5.0-1.el8_2.x86_64"
},
"product_reference": "firefox-debugsource-0:102.5.0-1.el8_2.x86_64",
"relates_to_product_reference": "AppStream-8.2.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:102.5.0-1.el8_2.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.2)",
"product_id": "AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.ppc64le"
},
"product_reference": "firefox-0:102.5.0-1.el8_2.ppc64le",
"relates_to_product_reference": "AppStream-8.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:102.5.0-1.el8_2.src as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.2)",
"product_id": "AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.src"
},
"product_reference": "firefox-0:102.5.0-1.el8_2.src",
"relates_to_product_reference": "AppStream-8.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:102.5.0-1.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.2)",
"product_id": "AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.x86_64"
},
"product_reference": "firefox-0:102.5.0-1.el8_2.x86_64",
"relates_to_product_reference": "AppStream-8.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:102.5.0-1.el8_2.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.2)",
"product_id": "AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_2.ppc64le"
},
"product_reference": "firefox-debuginfo-0:102.5.0-1.el8_2.ppc64le",
"relates_to_product_reference": "AppStream-8.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:102.5.0-1.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.2)",
"product_id": "AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64"
},
"product_reference": "firefox-debuginfo-0:102.5.0-1.el8_2.x86_64",
"relates_to_product_reference": "AppStream-8.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debugsource-0:102.5.0-1.el8_2.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.2)",
"product_id": "AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_2.ppc64le"
},
"product_reference": "firefox-debugsource-0:102.5.0-1.el8_2.ppc64le",
"relates_to_product_reference": "AppStream-8.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debugsource-0:102.5.0-1.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.2)",
"product_id": "AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_2.x86_64"
},
"product_reference": "firefox-debugsource-0:102.5.0-1.el8_2.x86_64",
"relates_to_product_reference": "AppStream-8.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:102.5.0-1.el8_2.src as a component of Red Hat Enterprise Linux AppStream TUS (v. 8.2)",
"product_id": "AppStream-8.2.0.Z.TUS:firefox-0:102.5.0-1.el8_2.src"
},
"product_reference": "firefox-0:102.5.0-1.el8_2.src",
"relates_to_product_reference": "AppStream-8.2.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:102.5.0-1.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream TUS (v. 8.2)",
"product_id": "AppStream-8.2.0.Z.TUS:firefox-0:102.5.0-1.el8_2.x86_64"
},
"product_reference": "firefox-0:102.5.0-1.el8_2.x86_64",
"relates_to_product_reference": "AppStream-8.2.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:102.5.0-1.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream TUS (v. 8.2)",
"product_id": "AppStream-8.2.0.Z.TUS:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64"
},
"product_reference": "firefox-debuginfo-0:102.5.0-1.el8_2.x86_64",
"relates_to_product_reference": "AppStream-8.2.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debugsource-0:102.5.0-1.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream TUS (v. 8.2)",
"product_id": "AppStream-8.2.0.Z.TUS:firefox-debugsource-0:102.5.0-1.el8_2.x86_64"
},
"product_reference": "firefox-debugsource-0:102.5.0-1.el8_2.x86_64",
"relates_to_product_reference": "AppStream-8.2.0.Z.TUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-43680",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2022-11-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2140059"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free flaw was found in the Expat package, caused by destruction of a shared DTD in XML_ExternalEntityParserCreate in out-of-memory situations. This may lead to availability disruptions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "expat: use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability can only happen under special (out-of-memory) conditions, thus it is not possible to exploit on every possible system that has expat installed. Additionally as the flaw is only capable of causing a Denial of Service, Red Hat rates the impact as Moderate.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.2.0.Z.AUS:firefox-0:102.5.0-1.el8_2.src",
"AppStream-8.2.0.Z.AUS:firefox-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debugsource-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.src",
"AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.TUS:firefox-0:102.5.0-1.el8_2.src",
"AppStream-8.2.0.Z.TUS:firefox-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.TUS:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.TUS:firefox-debugsource-0:102.5.0-1.el8_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-43680"
},
{
"category": "external",
"summary": "RHBZ#2140059",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2140059"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-43680",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43680"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-43680",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-43680"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/issues/649",
"url": "https://github.com/libexpat/libexpat/issues/649"
}
],
"release_date": "2022-10-24T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-21T12:37:30+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.",
"product_ids": [
"AppStream-8.2.0.Z.AUS:firefox-0:102.5.0-1.el8_2.src",
"AppStream-8.2.0.Z.AUS:firefox-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debugsource-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.src",
"AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.TUS:firefox-0:102.5.0-1.el8_2.src",
"AppStream-8.2.0.Z.TUS:firefox-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.TUS:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.TUS:firefox-debugsource-0:102.5.0-1.el8_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8550"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.2.0.Z.AUS:firefox-0:102.5.0-1.el8_2.src",
"AppStream-8.2.0.Z.AUS:firefox-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debugsource-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.src",
"AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.TUS:firefox-0:102.5.0-1.el8_2.src",
"AppStream-8.2.0.Z.TUS:firefox-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.TUS:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.TUS:firefox-debugsource-0:102.5.0-1.el8_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "expat: use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate"
},
{
"acknowledgments": [
{
"names": [
"the Mozilla project"
]
},
{
"names": [
"Anne van Kesteren and Karl Tomlinson"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2022-45403",
"cwe": {
"id": "CWE-829",
"name": "Inclusion of Functionality from Untrusted Control Sphere"
},
"discovery_date": "2022-11-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2143197"
}
],
"notes": [
{
"category": "description",
"text": "The Mozilla Foundation Security Advisory describes this flaw as: Service Workers should not be able to infer information about opaque cross-origin responses; but timing information for cross-origin media combined with Range requests might have allowed them to determine the presence or length of a media file.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Mozilla: Service Workers might have learned size of cross-origin media files",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.2.0.Z.AUS:firefox-0:102.5.0-1.el8_2.src",
"AppStream-8.2.0.Z.AUS:firefox-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debugsource-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.src",
"AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.TUS:firefox-0:102.5.0-1.el8_2.src",
"AppStream-8.2.0.Z.TUS:firefox-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.TUS:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.TUS:firefox-debugsource-0:102.5.0-1.el8_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-45403"
},
{
"category": "external",
"summary": "RHBZ#2143197",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2143197"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-45403",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45403"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45403",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45403"
},
{
"category": "external",
"summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-48/#CVE-2022-45403",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-48/#CVE-2022-45403"
},
{
"category": "external",
"summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-49/#CVE-2022-45403",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-49/#CVE-2022-45403"
}
],
"release_date": "2022-11-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-21T12:37:30+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.",
"product_ids": [
"AppStream-8.2.0.Z.AUS:firefox-0:102.5.0-1.el8_2.src",
"AppStream-8.2.0.Z.AUS:firefox-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debugsource-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.src",
"AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.TUS:firefox-0:102.5.0-1.el8_2.src",
"AppStream-8.2.0.Z.TUS:firefox-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.TUS:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.TUS:firefox-debugsource-0:102.5.0-1.el8_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8550"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"AppStream-8.2.0.Z.AUS:firefox-0:102.5.0-1.el8_2.src",
"AppStream-8.2.0.Z.AUS:firefox-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debugsource-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.src",
"AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.TUS:firefox-0:102.5.0-1.el8_2.src",
"AppStream-8.2.0.Z.TUS:firefox-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.TUS:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.TUS:firefox-debugsource-0:102.5.0-1.el8_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "Mozilla: Service Workers might have learned size of cross-origin media files"
},
{
"acknowledgments": [
{
"names": [
"the Mozilla project"
]
},
{
"names": [
"Irvan Kurniawan"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2022-45404",
"cwe": {
"id": "CWE-1021",
"name": "Improper Restriction of Rendered UI Layers or Frames"
},
"discovery_date": "2022-11-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2143198"
}
],
"notes": [
{
"category": "description",
"text": "The Mozilla Foundation Security Advisory describes this flaw as: Through a series of popup and window.print() calls, an attacker can cause a window to go fullscreen without the user seeing the notification prompt, resulting in potential user confusion or spoofing attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Mozilla: Fullscreen notification bypass",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.2.0.Z.AUS:firefox-0:102.5.0-1.el8_2.src",
"AppStream-8.2.0.Z.AUS:firefox-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debugsource-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.src",
"AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.TUS:firefox-0:102.5.0-1.el8_2.src",
"AppStream-8.2.0.Z.TUS:firefox-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.TUS:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.TUS:firefox-debugsource-0:102.5.0-1.el8_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-45404"
},
{
"category": "external",
"summary": "RHBZ#2143198",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2143198"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-45404",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45404"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45404",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45404"
},
{
"category": "external",
"summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-48/#CVE-2022-45404",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-48/#CVE-2022-45404"
},
{
"category": "external",
"summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-49/#CVE-2022-45404",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-49/#CVE-2022-45404"
}
],
"release_date": "2022-11-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-21T12:37:30+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.",
"product_ids": [
"AppStream-8.2.0.Z.AUS:firefox-0:102.5.0-1.el8_2.src",
"AppStream-8.2.0.Z.AUS:firefox-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debugsource-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.src",
"AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.TUS:firefox-0:102.5.0-1.el8_2.src",
"AppStream-8.2.0.Z.TUS:firefox-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.TUS:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.TUS:firefox-debugsource-0:102.5.0-1.el8_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8550"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"AppStream-8.2.0.Z.AUS:firefox-0:102.5.0-1.el8_2.src",
"AppStream-8.2.0.Z.AUS:firefox-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debugsource-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.src",
"AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.TUS:firefox-0:102.5.0-1.el8_2.src",
"AppStream-8.2.0.Z.TUS:firefox-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.TUS:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.TUS:firefox-debugsource-0:102.5.0-1.el8_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "Mozilla: Fullscreen notification bypass"
},
{
"acknowledgments": [
{
"names": [
"the Mozilla project"
]
},
{
"names": [
"Atte Kettunen"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2022-45405",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2022-11-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2143199"
}
],
"notes": [
{
"category": "description",
"text": "The Mozilla Foundation Security Advisory describes this flaw as: Freeing arbitrary nsIInputStream\u0027s on a different thread than creation could have led to a use-after-free and potentially exploitable crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Mozilla: Use-after-free in InputStream implementation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.2.0.Z.AUS:firefox-0:102.5.0-1.el8_2.src",
"AppStream-8.2.0.Z.AUS:firefox-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debugsource-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.src",
"AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.TUS:firefox-0:102.5.0-1.el8_2.src",
"AppStream-8.2.0.Z.TUS:firefox-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.TUS:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.TUS:firefox-debugsource-0:102.5.0-1.el8_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-45405"
},
{
"category": "external",
"summary": "RHBZ#2143199",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2143199"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-45405",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45405"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45405",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45405"
},
{
"category": "external",
"summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-48/#CVE-2022-45405",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-48/#CVE-2022-45405"
},
{
"category": "external",
"summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-49/#CVE-2022-45405",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-49/#CVE-2022-45405"
}
],
"release_date": "2022-11-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-21T12:37:30+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.",
"product_ids": [
"AppStream-8.2.0.Z.AUS:firefox-0:102.5.0-1.el8_2.src",
"AppStream-8.2.0.Z.AUS:firefox-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debugsource-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.src",
"AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.TUS:firefox-0:102.5.0-1.el8_2.src",
"AppStream-8.2.0.Z.TUS:firefox-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.TUS:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.TUS:firefox-debugsource-0:102.5.0-1.el8_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8550"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"AppStream-8.2.0.Z.AUS:firefox-0:102.5.0-1.el8_2.src",
"AppStream-8.2.0.Z.AUS:firefox-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debugsource-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.src",
"AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.TUS:firefox-0:102.5.0-1.el8_2.src",
"AppStream-8.2.0.Z.TUS:firefox-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.TUS:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.TUS:firefox-debugsource-0:102.5.0-1.el8_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "Mozilla: Use-after-free in InputStream implementation"
},
{
"acknowledgments": [
{
"names": [
"the Mozilla project"
]
},
{
"names": [
"Samuel Gro\u00df"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2022-45406",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2022-11-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2143200"
}
],
"notes": [
{
"category": "description",
"text": "The Mozilla Foundation Security Advisory describes this flaw as:\r\n\r\nIf an out-of-memory condition occurred when creating a JavaScript global, a JavaScript realm may be deleted while references to it lived on in a BaseShape. This could lead to a use-after-free causing a potentially exploitable crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Mozilla: Use-after-free of a JavaScript Realm",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Product Security rates the severity of this flaw as determined by the Mozilla Foundation Security Advisory.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.2.0.Z.AUS:firefox-0:102.5.0-1.el8_2.src",
"AppStream-8.2.0.Z.AUS:firefox-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debugsource-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.src",
"AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.TUS:firefox-0:102.5.0-1.el8_2.src",
"AppStream-8.2.0.Z.TUS:firefox-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.TUS:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.TUS:firefox-debugsource-0:102.5.0-1.el8_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-45406"
},
{
"category": "external",
"summary": "RHBZ#2143200",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2143200"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-45406",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45406"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45406",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45406"
},
{
"category": "external",
"summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-48/#CVE-2022-45406",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-48/#CVE-2022-45406"
},
{
"category": "external",
"summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-49/#CVE-2022-45406",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-49/#CVE-2022-45406"
}
],
"release_date": "2022-11-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-21T12:37:30+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.",
"product_ids": [
"AppStream-8.2.0.Z.AUS:firefox-0:102.5.0-1.el8_2.src",
"AppStream-8.2.0.Z.AUS:firefox-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debugsource-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.src",
"AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.TUS:firefox-0:102.5.0-1.el8_2.src",
"AppStream-8.2.0.Z.TUS:firefox-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.TUS:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.TUS:firefox-debugsource-0:102.5.0-1.el8_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8550"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.2.0.Z.AUS:firefox-0:102.5.0-1.el8_2.src",
"AppStream-8.2.0.Z.AUS:firefox-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debugsource-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.src",
"AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.TUS:firefox-0:102.5.0-1.el8_2.src",
"AppStream-8.2.0.Z.TUS:firefox-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.TUS:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.TUS:firefox-debugsource-0:102.5.0-1.el8_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "Mozilla: Use-after-free of a JavaScript Realm"
},
{
"acknowledgments": [
{
"names": [
"the Mozilla project"
]
},
{
"names": [
"Irvan Kurniawan"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2022-45408",
"cwe": {
"id": "CWE-1021",
"name": "Improper Restriction of Rendered UI Layers or Frames"
},
"discovery_date": "2022-11-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2143201"
}
],
"notes": [
{
"category": "description",
"text": "The Mozilla Foundation Security Advisory describes this flaw as: Through a series of popups that reuse windowName, an attacker can cause a window to go fullscreen without the user seeing the notification prompt, resulting in potential user confusion or spoofing attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Mozilla: Fullscreen notification bypass via windowName",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.2.0.Z.AUS:firefox-0:102.5.0-1.el8_2.src",
"AppStream-8.2.0.Z.AUS:firefox-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debugsource-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.src",
"AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.TUS:firefox-0:102.5.0-1.el8_2.src",
"AppStream-8.2.0.Z.TUS:firefox-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.TUS:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.TUS:firefox-debugsource-0:102.5.0-1.el8_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-45408"
},
{
"category": "external",
"summary": "RHBZ#2143201",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2143201"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-45408",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45408"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45408",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45408"
},
{
"category": "external",
"summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-48/#CVE-2022-45408",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-48/#CVE-2022-45408"
},
{
"category": "external",
"summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-49/#CVE-2022-45408",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-49/#CVE-2022-45408"
}
],
"release_date": "2022-11-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-21T12:37:30+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.",
"product_ids": [
"AppStream-8.2.0.Z.AUS:firefox-0:102.5.0-1.el8_2.src",
"AppStream-8.2.0.Z.AUS:firefox-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debugsource-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.src",
"AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.TUS:firefox-0:102.5.0-1.el8_2.src",
"AppStream-8.2.0.Z.TUS:firefox-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.TUS:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.TUS:firefox-debugsource-0:102.5.0-1.el8_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8550"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"AppStream-8.2.0.Z.AUS:firefox-0:102.5.0-1.el8_2.src",
"AppStream-8.2.0.Z.AUS:firefox-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debugsource-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.src",
"AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.TUS:firefox-0:102.5.0-1.el8_2.src",
"AppStream-8.2.0.Z.TUS:firefox-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.TUS:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.TUS:firefox-debugsource-0:102.5.0-1.el8_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "Mozilla: Fullscreen notification bypass via windowName"
},
{
"acknowledgments": [
{
"names": [
"the Mozilla project"
]
},
{
"names": [
"Gary Kwong"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2022-45409",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2022-11-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2143202"
}
],
"notes": [
{
"category": "description",
"text": "The Mozilla Foundation Security Advisory describes this flaw as: The garbage collector could have been aborted in several states and zones and GCRuntime::finishCollection may not have been called, leading to a use-after-free and potentially exploitable crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Mozilla: Use-after-free in Garbage Collection",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.2.0.Z.AUS:firefox-0:102.5.0-1.el8_2.src",
"AppStream-8.2.0.Z.AUS:firefox-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debugsource-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.src",
"AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.TUS:firefox-0:102.5.0-1.el8_2.src",
"AppStream-8.2.0.Z.TUS:firefox-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.TUS:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.TUS:firefox-debugsource-0:102.5.0-1.el8_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-45409"
},
{
"category": "external",
"summary": "RHBZ#2143202",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2143202"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-45409",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45409"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45409",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45409"
},
{
"category": "external",
"summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-48/#CVE-2022-45409",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-48/#CVE-2022-45409"
},
{
"category": "external",
"summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-49/#CVE-2022-45409",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-49/#CVE-2022-45409"
}
],
"release_date": "2022-11-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-21T12:37:30+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.",
"product_ids": [
"AppStream-8.2.0.Z.AUS:firefox-0:102.5.0-1.el8_2.src",
"AppStream-8.2.0.Z.AUS:firefox-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debugsource-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.src",
"AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.TUS:firefox-0:102.5.0-1.el8_2.src",
"AppStream-8.2.0.Z.TUS:firefox-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.TUS:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.TUS:firefox-debugsource-0:102.5.0-1.el8_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8550"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.2.0.Z.AUS:firefox-0:102.5.0-1.el8_2.src",
"AppStream-8.2.0.Z.AUS:firefox-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debugsource-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.src",
"AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.TUS:firefox-0:102.5.0-1.el8_2.src",
"AppStream-8.2.0.Z.TUS:firefox-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.TUS:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.TUS:firefox-debugsource-0:102.5.0-1.el8_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "Mozilla: Use-after-free in Garbage Collection"
},
{
"acknowledgments": [
{
"names": [
"the Mozilla project"
]
},
{
"names": [
"Dongsung Kim"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2022-45410",
"cwe": {
"id": "CWE-1275",
"name": "Sensitive Cookie with Improper SameSite Attribute"
},
"discovery_date": "2022-11-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2143203"
}
],
"notes": [
{
"category": "description",
"text": "The Mozilla Foundation Security Advisory describes this flaw as: When a ServiceWorker intercepted a request with FetchEvent, the origin of the request was lost after the ServiceWorker took ownership of it. This had the effect of negating SameSite cookie protections. This was addressed in the spec and then in browsers.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Mozilla: ServiceWorker-intercepted requests bypassed SameSite cookie policy",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.2.0.Z.AUS:firefox-0:102.5.0-1.el8_2.src",
"AppStream-8.2.0.Z.AUS:firefox-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debugsource-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.src",
"AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.TUS:firefox-0:102.5.0-1.el8_2.src",
"AppStream-8.2.0.Z.TUS:firefox-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.TUS:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.TUS:firefox-debugsource-0:102.5.0-1.el8_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-45410"
},
{
"category": "external",
"summary": "RHBZ#2143203",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2143203"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-45410",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45410"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45410",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45410"
},
{
"category": "external",
"summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-48/#CVE-2022-45410",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-48/#CVE-2022-45410"
},
{
"category": "external",
"summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-49/#CVE-2022-45410",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-49/#CVE-2022-45410"
}
],
"release_date": "2022-11-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-21T12:37:30+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.",
"product_ids": [
"AppStream-8.2.0.Z.AUS:firefox-0:102.5.0-1.el8_2.src",
"AppStream-8.2.0.Z.AUS:firefox-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debugsource-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.src",
"AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.TUS:firefox-0:102.5.0-1.el8_2.src",
"AppStream-8.2.0.Z.TUS:firefox-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.TUS:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.TUS:firefox-debugsource-0:102.5.0-1.el8_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8550"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"AppStream-8.2.0.Z.AUS:firefox-0:102.5.0-1.el8_2.src",
"AppStream-8.2.0.Z.AUS:firefox-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debugsource-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.src",
"AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.TUS:firefox-0:102.5.0-1.el8_2.src",
"AppStream-8.2.0.Z.TUS:firefox-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.TUS:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.TUS:firefox-debugsource-0:102.5.0-1.el8_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Mozilla: ServiceWorker-intercepted requests bypassed SameSite cookie policy"
},
{
"acknowledgments": [
{
"names": [
"the Mozilla project"
]
},
{
"names": [
"scarlet"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2022-45411",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2022-11-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2143204"
}
],
"notes": [
{
"category": "description",
"text": "The Mozilla Foundation Security Advisory describes this flaw as: Cross-Site Tracing occurs when a server will echo a request back via the Trace method, allowing an XSS attack to access to authorization headers and cookies inaccessible to JavaScript (such as cookies protected by HTTPOnly). To mitigate this attack, browsers placed limits on fetch() and XMLHttpRequest; however some webservers have implemented non-standard headers such as X-Http-Method-Override that override the HTTP method, and made this attack possible again. Firefox has applied the same mitigations to the use of this and similar headers.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Mozilla: Cross-Site Tracing was possible via non-standard override headers",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.2.0.Z.AUS:firefox-0:102.5.0-1.el8_2.src",
"AppStream-8.2.0.Z.AUS:firefox-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debugsource-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.src",
"AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.TUS:firefox-0:102.5.0-1.el8_2.src",
"AppStream-8.2.0.Z.TUS:firefox-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.TUS:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.TUS:firefox-debugsource-0:102.5.0-1.el8_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-45411"
},
{
"category": "external",
"summary": "RHBZ#2143204",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2143204"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-45411",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45411"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45411",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45411"
},
{
"category": "external",
"summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-48/#CVE-2022-45411",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-48/#CVE-2022-45411"
},
{
"category": "external",
"summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-49/#CVE-2022-45411",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-49/#CVE-2022-45411"
}
],
"release_date": "2022-11-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-21T12:37:30+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.",
"product_ids": [
"AppStream-8.2.0.Z.AUS:firefox-0:102.5.0-1.el8_2.src",
"AppStream-8.2.0.Z.AUS:firefox-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debugsource-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.src",
"AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.TUS:firefox-0:102.5.0-1.el8_2.src",
"AppStream-8.2.0.Z.TUS:firefox-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.TUS:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.TUS:firefox-debugsource-0:102.5.0-1.el8_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8550"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"AppStream-8.2.0.Z.AUS:firefox-0:102.5.0-1.el8_2.src",
"AppStream-8.2.0.Z.AUS:firefox-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debugsource-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.src",
"AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.TUS:firefox-0:102.5.0-1.el8_2.src",
"AppStream-8.2.0.Z.TUS:firefox-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.TUS:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.TUS:firefox-debugsource-0:102.5.0-1.el8_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Mozilla: Cross-Site Tracing was possible via non-standard override headers"
},
{
"acknowledgments": [
{
"names": [
"the Mozilla project"
]
},
{
"names": [
"Armin Ebert"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2022-45412",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2022-11-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2143205"
}
],
"notes": [
{
"category": "description",
"text": "The Mozilla Foundation Security Advisory describes this flaw as:\r\n\r\nWhen resolving a symlink such as file:///proc/self/fd/1, an error message may be produced where the symlink was resolved to a string containing unitialized memory in the buffer.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Mozilla: Symlinks may resolve to partially uninitialized buffers",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Product Security rates the severity of this flaw as determined by the Mozilla Foundation Security Advisory.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.2.0.Z.AUS:firefox-0:102.5.0-1.el8_2.src",
"AppStream-8.2.0.Z.AUS:firefox-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debugsource-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.src",
"AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.TUS:firefox-0:102.5.0-1.el8_2.src",
"AppStream-8.2.0.Z.TUS:firefox-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.TUS:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.TUS:firefox-debugsource-0:102.5.0-1.el8_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-45412"
},
{
"category": "external",
"summary": "RHBZ#2143205",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2143205"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-45412",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45412"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45412",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45412"
},
{
"category": "external",
"summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-48/#CVE-2022-45412",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-48/#CVE-2022-45412"
},
{
"category": "external",
"summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-49/#CVE-2022-45412",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-49/#CVE-2022-45412"
}
],
"release_date": "2022-11-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-21T12:37:30+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.",
"product_ids": [
"AppStream-8.2.0.Z.AUS:firefox-0:102.5.0-1.el8_2.src",
"AppStream-8.2.0.Z.AUS:firefox-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debugsource-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.src",
"AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.TUS:firefox-0:102.5.0-1.el8_2.src",
"AppStream-8.2.0.Z.TUS:firefox-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.TUS:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.TUS:firefox-debugsource-0:102.5.0-1.el8_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8550"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.2.0.Z.AUS:firefox-0:102.5.0-1.el8_2.src",
"AppStream-8.2.0.Z.AUS:firefox-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debugsource-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.src",
"AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.TUS:firefox-0:102.5.0-1.el8_2.src",
"AppStream-8.2.0.Z.TUS:firefox-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.TUS:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.TUS:firefox-debugsource-0:102.5.0-1.el8_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Mozilla: Symlinks may resolve to partially uninitialized buffers"
},
{
"acknowledgments": [
{
"names": [
"Erik Kraft",
"Martin Schwarzl",
"the Mozilla project"
]
},
{
"names": [
"Andrew McCreight"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2022-45416",
"discovery_date": "2022-11-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2143240"
}
],
"notes": [
{
"category": "description",
"text": "The Mozilla Foundation Security Advisory describes this flaw as: Keyboard events reference strings like \"KeyA\" that were at fixed, known, and widely-spread addresses. Cache-based timing attacks such as Prime+Probe could have possibly figured out which keys were being pressed.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Mozilla: Keystroke Side-Channel Leakage",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.2.0.Z.AUS:firefox-0:102.5.0-1.el8_2.src",
"AppStream-8.2.0.Z.AUS:firefox-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debugsource-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.src",
"AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.TUS:firefox-0:102.5.0-1.el8_2.src",
"AppStream-8.2.0.Z.TUS:firefox-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.TUS:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.TUS:firefox-debugsource-0:102.5.0-1.el8_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-45416"
},
{
"category": "external",
"summary": "RHBZ#2143240",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2143240"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-45416",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45416"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45416",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45416"
},
{
"category": "external",
"summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-48/#CVE-2022-45416",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-48/#CVE-2022-45416"
},
{
"category": "external",
"summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-49/#CVE-2022-45416",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-49/#CVE-2022-45416"
}
],
"release_date": "2022-11-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-21T12:37:30+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.",
"product_ids": [
"AppStream-8.2.0.Z.AUS:firefox-0:102.5.0-1.el8_2.src",
"AppStream-8.2.0.Z.AUS:firefox-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debugsource-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.src",
"AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.TUS:firefox-0:102.5.0-1.el8_2.src",
"AppStream-8.2.0.Z.TUS:firefox-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.TUS:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.TUS:firefox-debugsource-0:102.5.0-1.el8_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8550"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"AppStream-8.2.0.Z.AUS:firefox-0:102.5.0-1.el8_2.src",
"AppStream-8.2.0.Z.AUS:firefox-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debugsource-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.src",
"AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.TUS:firefox-0:102.5.0-1.el8_2.src",
"AppStream-8.2.0.Z.TUS:firefox-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.TUS:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.TUS:firefox-debugsource-0:102.5.0-1.el8_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Mozilla: Keystroke Side-Channel Leakage"
},
{
"acknowledgments": [
{
"names": [
"the Mozilla project"
]
},
{
"names": [
"Hafiizh"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2022-45418",
"discovery_date": "2022-11-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2143241"
}
],
"notes": [
{
"category": "description",
"text": "The Mozilla Foundation Security Advisory describes this flaw as: If a custom mouse cursor is specified in CSS, under certain circumstances the cursor could have been drawn over the browser UI, resulting in potential user confusion or spoofing attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Mozilla: Custom mouse cursor could have been drawn over browser UI",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.2.0.Z.AUS:firefox-0:102.5.0-1.el8_2.src",
"AppStream-8.2.0.Z.AUS:firefox-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debugsource-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.src",
"AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.TUS:firefox-0:102.5.0-1.el8_2.src",
"AppStream-8.2.0.Z.TUS:firefox-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.TUS:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.TUS:firefox-debugsource-0:102.5.0-1.el8_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-45418"
},
{
"category": "external",
"summary": "RHBZ#2143241",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2143241"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-45418",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45418"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45418",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45418"
},
{
"category": "external",
"summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-48/#CVE-2022-45418",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-48/#CVE-2022-45418"
},
{
"category": "external",
"summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-49/#CVE-2022-45418",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-49/#CVE-2022-45418"
}
],
"release_date": "2022-11-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-21T12:37:30+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.",
"product_ids": [
"AppStream-8.2.0.Z.AUS:firefox-0:102.5.0-1.el8_2.src",
"AppStream-8.2.0.Z.AUS:firefox-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debugsource-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.src",
"AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.TUS:firefox-0:102.5.0-1.el8_2.src",
"AppStream-8.2.0.Z.TUS:firefox-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.TUS:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.TUS:firefox-debugsource-0:102.5.0-1.el8_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8550"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"AppStream-8.2.0.Z.AUS:firefox-0:102.5.0-1.el8_2.src",
"AppStream-8.2.0.Z.AUS:firefox-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debugsource-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.src",
"AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.TUS:firefox-0:102.5.0-1.el8_2.src",
"AppStream-8.2.0.Z.TUS:firefox-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.TUS:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.TUS:firefox-debugsource-0:102.5.0-1.el8_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Mozilla: Custom mouse cursor could have been drawn over browser UI"
},
{
"acknowledgments": [
{
"names": [
"the Mozilla project"
]
},
{
"names": [
"Suhwan Song of SNU CompSec Lab"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2022-45420",
"discovery_date": "2022-11-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2143242"
}
],
"notes": [
{
"category": "description",
"text": "The Mozilla Foundation Security Advisory describes this flaw as: Use tables inside of an iframe, an attacker could have caused iframe contents to be rendered outside the boundaries of the iframe, resulting in potential user confusion or spoofing attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Mozilla: Iframe contents could be rendered outside the iframe",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.2.0.Z.AUS:firefox-0:102.5.0-1.el8_2.src",
"AppStream-8.2.0.Z.AUS:firefox-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debugsource-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.src",
"AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.TUS:firefox-0:102.5.0-1.el8_2.src",
"AppStream-8.2.0.Z.TUS:firefox-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.TUS:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.TUS:firefox-debugsource-0:102.5.0-1.el8_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-45420"
},
{
"category": "external",
"summary": "RHBZ#2143242",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2143242"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-45420",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45420"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45420",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45420"
},
{
"category": "external",
"summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-48/#CVE-2022-45420",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-48/#CVE-2022-45420"
},
{
"category": "external",
"summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-49/#CVE-2022-45420",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-49/#CVE-2022-45420"
}
],
"release_date": "2022-11-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-21T12:37:30+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.",
"product_ids": [
"AppStream-8.2.0.Z.AUS:firefox-0:102.5.0-1.el8_2.src",
"AppStream-8.2.0.Z.AUS:firefox-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debugsource-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.src",
"AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.TUS:firefox-0:102.5.0-1.el8_2.src",
"AppStream-8.2.0.Z.TUS:firefox-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.TUS:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.TUS:firefox-debugsource-0:102.5.0-1.el8_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8550"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.2.0.Z.AUS:firefox-0:102.5.0-1.el8_2.src",
"AppStream-8.2.0.Z.AUS:firefox-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debugsource-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.src",
"AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.TUS:firefox-0:102.5.0-1.el8_2.src",
"AppStream-8.2.0.Z.TUS:firefox-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.TUS:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.TUS:firefox-debugsource-0:102.5.0-1.el8_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "Mozilla: Iframe contents could be rendered outside the iframe"
},
{
"acknowledgments": [
{
"names": [
"the Mozilla project"
]
},
{
"names": [
"Mozilla developers"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2022-45421",
"cwe": {
"id": "CWE-120",
"name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
},
"discovery_date": "2022-11-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2143243"
}
],
"notes": [
{
"category": "description",
"text": "The Mozilla Foundation Security Advisory describes this flaw as: Mozilla developers Andrew McCreight and Gabriele Svelto reported memory safety bugs present in Firefox 106 and Firefox ESR 102.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Mozilla: Memory safety bugs fixed in Firefox 107 and Firefox ESR 102.5",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.2.0.Z.AUS:firefox-0:102.5.0-1.el8_2.src",
"AppStream-8.2.0.Z.AUS:firefox-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debugsource-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.src",
"AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.TUS:firefox-0:102.5.0-1.el8_2.src",
"AppStream-8.2.0.Z.TUS:firefox-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.TUS:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.TUS:firefox-debugsource-0:102.5.0-1.el8_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-45421"
},
{
"category": "external",
"summary": "RHBZ#2143243",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2143243"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-45421",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45421"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45421",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45421"
},
{
"category": "external",
"summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-48/#CVE-2022-45421",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-48/#CVE-2022-45421"
},
{
"category": "external",
"summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-49/#CVE-2022-45421",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-49/#CVE-2022-45421"
}
],
"release_date": "2022-11-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-21T12:37:30+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.",
"product_ids": [
"AppStream-8.2.0.Z.AUS:firefox-0:102.5.0-1.el8_2.src",
"AppStream-8.2.0.Z.AUS:firefox-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debugsource-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.src",
"AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.TUS:firefox-0:102.5.0-1.el8_2.src",
"AppStream-8.2.0.Z.TUS:firefox-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.TUS:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.TUS:firefox-debugsource-0:102.5.0-1.el8_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8550"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.2.0.Z.AUS:firefox-0:102.5.0-1.el8_2.src",
"AppStream-8.2.0.Z.AUS:firefox-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.AUS:firefox-debugsource-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.src",
"AppStream-8.2.0.Z.E4S:firefox-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.TUS:firefox-0:102.5.0-1.el8_2.src",
"AppStream-8.2.0.Z.TUS:firefox-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.TUS:firefox-debuginfo-0:102.5.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.TUS:firefox-debugsource-0:102.5.0-1.el8_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "Mozilla: Memory safety bugs fixed in Firefox 107 and Firefox ESR 102.5"
}
]
}
RHSA-2022_8553
Vulnerability from csaf_redhat - Published: 2022-11-21 12:43 - Updated: 2024-11-22 21:03Summary
Red Hat Security Advisory: firefox security update
Severity
Important
Notes
Topic: An update for firefox is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.
This update upgrades Firefox to version 102.5.0 ESR.
Security Fix(es):
* Mozilla: Service Workers might have learned size of cross-origin media files (CVE-2022-45403)
* Mozilla: Fullscreen notification bypass (CVE-2022-45404)
* Mozilla: Use-after-free in InputStream implementation (CVE-2022-45405)
* Mozilla: Use-after-free of a JavaScript Realm (CVE-2022-45406)
* Mozilla: Fullscreen notification bypass via windowName (CVE-2022-45408)
* Mozilla: Use-after-free in Garbage Collection (CVE-2022-45409)
* Mozilla: Memory safety bugs fixed in Firefox 107 and Firefox ESR 102.5 (CVE-2022-45421)
* Mozilla: ServiceWorker-intercepted requests bypassed SameSite cookie policy (CVE-2022-45410)
* Mozilla: Cross-Site Tracing was possible via non-standard override headers (CVE-2022-45411)
* Mozilla: Symlinks may resolve to partially uninitialized buffers (CVE-2022-45412)
* Mozilla: Keystroke Side-Channel Leakage (CVE-2022-45416)
* Mozilla: Custom mouse cursor could have been drawn over browser UI (CVE-2022-45418)
* Mozilla: Iframe contents could be rendered outside the iframe (CVE-2022-45420)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A use-after-free flaw was found in the Expat package, caused by destruction of a shared DTD in XML_ExternalEntityParserCreate in out-of-memory situations. This may lead to availability disruptions.
7.5 (High)
Affected products
Fixed
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_1.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
The Mozilla Foundation Security Advisory describes this flaw as: Service Workers should not be able to infer information about opaque cross-origin responses; but timing information for cross-origin media combined with Range requests might have allowed them to determine the presence or length of a media file.
7.5 (High)
Affected products
Fixed
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_1.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Important
The Mozilla Foundation Security Advisory describes this flaw as: Through a series of popup and window.print() calls, an attacker can cause a window to go fullscreen without the user seeing the notification prompt, resulting in potential user confusion or spoofing attacks.
7.5 (High)
Affected products
Fixed
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_1.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Important
The Mozilla Foundation Security Advisory describes this flaw as: Freeing arbitrary nsIInputStream's on a different thread than creation could have led to a use-after-free and potentially exploitable crash.
7.5 (High)
Affected products
Fixed
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_1.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Important
The Mozilla Foundation Security Advisory describes this flaw as: If an out-of-memory condition occurred when creating a JavaScript global, a JavaScript realm may be deleted while references to it lived on in a BaseShape. This could lead to a use-after-free causing a potentially exploitable crash.
9.8 (Critical)
Affected products
Fixed
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_1.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Important
The Mozilla Foundation Security Advisory describes this flaw as: Through a series of popups that reuse windowName, an attacker can cause a window to go fullscreen without the user seeing the notification prompt, resulting in potential user confusion or spoofing attacks.
7.5 (High)
Affected products
Fixed
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_1.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Important
The Mozilla Foundation Security Advisory describes this flaw as: The garbage collector could have been aborted in several states and zones and GCRuntime::finishCollection may not have been called, leading to a use-after-free and potentially exploitable crash.
8.8 (High)
Affected products
Fixed
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_1.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Important
The Mozilla Foundation Security Advisory describes this flaw as: When a ServiceWorker intercepted a request with FetchEvent, the origin of the request was lost after the ServiceWorker took ownership of it. This had the effect of negating SameSite cookie protections. This was addressed in the spec and then in browsers.
6.1 (Medium)
Affected products
Fixed
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_1.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
The Mozilla Foundation Security Advisory describes this flaw as: Cross-Site Tracing occurs when a server will echo a request back via the Trace method, allowing an XSS attack to access to authorization headers and cookies inaccessible to JavaScript (such as cookies protected by HTTPOnly). To mitigate this attack, browsers placed limits on fetch() and XMLHttpRequest; however some webservers have implemented non-standard headers such as X-Http-Method-Override that override the HTTP method, and made this attack possible again. Firefox has applied the same mitigations to the use of this and similar headers.
6.1 (Medium)
Affected products
Fixed
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_1.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
The Mozilla Foundation Security Advisory describes this flaw as: When resolving a symlink such as file:///proc/self/fd/1, an error message may be produced where the symlink was resolved to a string containing unitialized memory in the buffer.
8.8 (High)
Affected products
Fixed
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_1.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
The Mozilla Foundation Security Advisory describes this flaw as: Keyboard events reference strings like "KeyA" that were at fixed, known, and widely-spread addresses. Cache-based timing attacks such as Prime+Probe could have possibly figured out which keys were being pressed.
6.1 (Medium)
Affected products
Fixed
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_1.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
The Mozilla Foundation Security Advisory describes this flaw as: If a custom mouse cursor is specified in CSS, under certain circumstances the cursor could have been drawn over the browser UI, resulting in potential user confusion or spoofing attacks.
6.1 (Medium)
Affected products
Fixed
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_1.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
The Mozilla Foundation Security Advisory describes this flaw as: Use tables inside of an iframe, an attacker could have caused iframe contents to be rendered outside the boundaries of the iframe, resulting in potential user confusion or spoofing attacks.
4.3 (Medium)
Affected products
Fixed
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_1.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Low
The Mozilla Foundation Security Advisory describes this flaw as: Mozilla developers Andrew McCreight and Gabriele Svelto reported memory safety bugs present in Firefox 106 and Firefox ESR 102.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.
8.8 (High)
Affected products
Fixed
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_1.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Important
References
99 references
Acknowledgments
the Mozilla project
Anne van Kesteren and Karl Tomlinson
Irvan Kurniawan
Atte Kettunen
Samuel Groß
Gary Kwong
Dongsung Kim
scarlet
Armin Ebert
Erik Kraft
Martin Schwarzl
the Mozilla project
Andrew McCreight
Hafiizh
Suhwan Song of SNU CompSec Lab
Mozilla developers
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for firefox is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.\n\nThis update upgrades Firefox to version 102.5.0 ESR.\n\nSecurity Fix(es):\n\n* Mozilla: Service Workers might have learned size of cross-origin media files (CVE-2022-45403)\n\n* Mozilla: Fullscreen notification bypass (CVE-2022-45404)\n\n* Mozilla: Use-after-free in InputStream implementation (CVE-2022-45405)\n\n* Mozilla: Use-after-free of a JavaScript Realm (CVE-2022-45406)\n\n* Mozilla: Fullscreen notification bypass via windowName (CVE-2022-45408)\n\n* Mozilla: Use-after-free in Garbage Collection (CVE-2022-45409)\n\n* Mozilla: Memory safety bugs fixed in Firefox 107 and Firefox ESR 102.5 (CVE-2022-45421)\n\n* Mozilla: ServiceWorker-intercepted requests bypassed SameSite cookie policy (CVE-2022-45410)\n\n* Mozilla: Cross-Site Tracing was possible via non-standard override headers (CVE-2022-45411)\n\n* Mozilla: Symlinks may resolve to partially uninitialized buffers (CVE-2022-45412)\n\n* Mozilla: Keystroke Side-Channel Leakage (CVE-2022-45416)\n\n* Mozilla: Custom mouse cursor could have been drawn over browser UI (CVE-2022-45418)\n\n* Mozilla: Iframe contents could be rendered outside the iframe (CVE-2022-45420)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:8553",
"url": "https://access.redhat.com/errata/RHSA-2022:8553"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2143197",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2143197"
},
{
"category": "external",
"summary": "2143198",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2143198"
},
{
"category": "external",
"summary": "2143199",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2143199"
},
{
"category": "external",
"summary": "2143200",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2143200"
},
{
"category": "external",
"summary": "2143201",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2143201"
},
{
"category": "external",
"summary": "2143202",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2143202"
},
{
"category": "external",
"summary": "2143203",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2143203"
},
{
"category": "external",
"summary": "2143204",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2143204"
},
{
"category": "external",
"summary": "2143205",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2143205"
},
{
"category": "external",
"summary": "2143240",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2143240"
},
{
"category": "external",
"summary": "2143241",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2143241"
},
{
"category": "external",
"summary": "2143242",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2143242"
},
{
"category": "external",
"summary": "2143243",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2143243"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_8553.json"
}
],
"title": "Red Hat Security Advisory: firefox security update",
"tracking": {
"current_release_date": "2024-11-22T21:03:23+00:00",
"generator": {
"date": "2024-11-22T21:03:23+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2022:8553",
"initial_release_date": "2022-11-21T12:43:59+00:00",
"revision_history": [
{
"date": "2022-11-21T12:43:59+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-11-21T12:43:59+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-22T21:03:23+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream E4S (v. 8.1)",
"product": {
"name": "Red Hat Enterprise Linux AppStream E4S (v. 8.1)",
"product_id": "AppStream-8.1.0.Z.E4S",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_e4s:8.1::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "firefox-0:102.5.0-1.el8_1.src",
"product": {
"name": "firefox-0:102.5.0-1.el8_1.src",
"product_id": "firefox-0:102.5.0-1.el8_1.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox@102.5.0-1.el8_1?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "firefox-0:102.5.0-1.el8_1.ppc64le",
"product": {
"name": "firefox-0:102.5.0-1.el8_1.ppc64le",
"product_id": "firefox-0:102.5.0-1.el8_1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox@102.5.0-1.el8_1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "firefox-debugsource-0:102.5.0-1.el8_1.ppc64le",
"product": {
"name": "firefox-debugsource-0:102.5.0-1.el8_1.ppc64le",
"product_id": "firefox-debugsource-0:102.5.0-1.el8_1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox-debugsource@102.5.0-1.el8_1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "firefox-debuginfo-0:102.5.0-1.el8_1.ppc64le",
"product": {
"name": "firefox-debuginfo-0:102.5.0-1.el8_1.ppc64le",
"product_id": "firefox-debuginfo-0:102.5.0-1.el8_1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox-debuginfo@102.5.0-1.el8_1?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "firefox-0:102.5.0-1.el8_1.x86_64",
"product": {
"name": "firefox-0:102.5.0-1.el8_1.x86_64",
"product_id": "firefox-0:102.5.0-1.el8_1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox@102.5.0-1.el8_1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "firefox-debugsource-0:102.5.0-1.el8_1.x86_64",
"product": {
"name": "firefox-debugsource-0:102.5.0-1.el8_1.x86_64",
"product_id": "firefox-debugsource-0:102.5.0-1.el8_1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox-debugsource@102.5.0-1.el8_1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "firefox-debuginfo-0:102.5.0-1.el8_1.x86_64",
"product": {
"name": "firefox-debuginfo-0:102.5.0-1.el8_1.x86_64",
"product_id": "firefox-debuginfo-0:102.5.0-1.el8_1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox-debuginfo@102.5.0-1.el8_1?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:102.5.0-1.el8_1.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.1)",
"product_id": "AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.ppc64le"
},
"product_reference": "firefox-0:102.5.0-1.el8_1.ppc64le",
"relates_to_product_reference": "AppStream-8.1.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:102.5.0-1.el8_1.src as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.1)",
"product_id": "AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.src"
},
"product_reference": "firefox-0:102.5.0-1.el8_1.src",
"relates_to_product_reference": "AppStream-8.1.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:102.5.0-1.el8_1.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.1)",
"product_id": "AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.x86_64"
},
"product_reference": "firefox-0:102.5.0-1.el8_1.x86_64",
"relates_to_product_reference": "AppStream-8.1.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:102.5.0-1.el8_1.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.1)",
"product_id": "AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_1.ppc64le"
},
"product_reference": "firefox-debuginfo-0:102.5.0-1.el8_1.ppc64le",
"relates_to_product_reference": "AppStream-8.1.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:102.5.0-1.el8_1.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.1)",
"product_id": "AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_1.x86_64"
},
"product_reference": "firefox-debuginfo-0:102.5.0-1.el8_1.x86_64",
"relates_to_product_reference": "AppStream-8.1.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debugsource-0:102.5.0-1.el8_1.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.1)",
"product_id": "AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_1.ppc64le"
},
"product_reference": "firefox-debugsource-0:102.5.0-1.el8_1.ppc64le",
"relates_to_product_reference": "AppStream-8.1.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debugsource-0:102.5.0-1.el8_1.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.1)",
"product_id": "AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_1.x86_64"
},
"product_reference": "firefox-debugsource-0:102.5.0-1.el8_1.x86_64",
"relates_to_product_reference": "AppStream-8.1.0.Z.E4S"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-43680",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2022-11-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2140059"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free flaw was found in the Expat package, caused by destruction of a shared DTD in XML_ExternalEntityParserCreate in out-of-memory situations. This may lead to availability disruptions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "expat: use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability can only happen under special (out-of-memory) conditions, thus it is not possible to exploit on every possible system that has expat installed. Additionally as the flaw is only capable of causing a Denial of Service, Red Hat rates the impact as Moderate.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.src",
"AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.x86_64",
"AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_1.x86_64",
"AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-43680"
},
{
"category": "external",
"summary": "RHBZ#2140059",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2140059"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-43680",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43680"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-43680",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-43680"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/issues/649",
"url": "https://github.com/libexpat/libexpat/issues/649"
}
],
"release_date": "2022-10-24T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-21T12:43:59+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.",
"product_ids": [
"AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.src",
"AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.x86_64",
"AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_1.x86_64",
"AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8553"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.src",
"AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.x86_64",
"AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_1.x86_64",
"AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "expat: use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate"
},
{
"acknowledgments": [
{
"names": [
"the Mozilla project"
]
},
{
"names": [
"Anne van Kesteren and Karl Tomlinson"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2022-45403",
"cwe": {
"id": "CWE-829",
"name": "Inclusion of Functionality from Untrusted Control Sphere"
},
"discovery_date": "2022-11-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2143197"
}
],
"notes": [
{
"category": "description",
"text": "The Mozilla Foundation Security Advisory describes this flaw as: Service Workers should not be able to infer information about opaque cross-origin responses; but timing information for cross-origin media combined with Range requests might have allowed them to determine the presence or length of a media file.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Mozilla: Service Workers might have learned size of cross-origin media files",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.src",
"AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.x86_64",
"AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_1.x86_64",
"AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-45403"
},
{
"category": "external",
"summary": "RHBZ#2143197",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2143197"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-45403",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45403"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45403",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45403"
},
{
"category": "external",
"summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-48/#CVE-2022-45403",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-48/#CVE-2022-45403"
},
{
"category": "external",
"summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-49/#CVE-2022-45403",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-49/#CVE-2022-45403"
}
],
"release_date": "2022-11-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-21T12:43:59+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.",
"product_ids": [
"AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.src",
"AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.x86_64",
"AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_1.x86_64",
"AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8553"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.src",
"AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.x86_64",
"AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_1.x86_64",
"AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "Mozilla: Service Workers might have learned size of cross-origin media files"
},
{
"acknowledgments": [
{
"names": [
"the Mozilla project"
]
},
{
"names": [
"Irvan Kurniawan"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2022-45404",
"cwe": {
"id": "CWE-1021",
"name": "Improper Restriction of Rendered UI Layers or Frames"
},
"discovery_date": "2022-11-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2143198"
}
],
"notes": [
{
"category": "description",
"text": "The Mozilla Foundation Security Advisory describes this flaw as: Through a series of popup and window.print() calls, an attacker can cause a window to go fullscreen without the user seeing the notification prompt, resulting in potential user confusion or spoofing attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Mozilla: Fullscreen notification bypass",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.src",
"AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.x86_64",
"AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_1.x86_64",
"AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-45404"
},
{
"category": "external",
"summary": "RHBZ#2143198",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2143198"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-45404",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45404"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45404",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45404"
},
{
"category": "external",
"summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-48/#CVE-2022-45404",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-48/#CVE-2022-45404"
},
{
"category": "external",
"summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-49/#CVE-2022-45404",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-49/#CVE-2022-45404"
}
],
"release_date": "2022-11-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-21T12:43:59+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.",
"product_ids": [
"AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.src",
"AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.x86_64",
"AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_1.x86_64",
"AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8553"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.src",
"AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.x86_64",
"AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_1.x86_64",
"AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "Mozilla: Fullscreen notification bypass"
},
{
"acknowledgments": [
{
"names": [
"the Mozilla project"
]
},
{
"names": [
"Atte Kettunen"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2022-45405",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2022-11-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2143199"
}
],
"notes": [
{
"category": "description",
"text": "The Mozilla Foundation Security Advisory describes this flaw as: Freeing arbitrary nsIInputStream\u0027s on a different thread than creation could have led to a use-after-free and potentially exploitable crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Mozilla: Use-after-free in InputStream implementation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.src",
"AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.x86_64",
"AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_1.x86_64",
"AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-45405"
},
{
"category": "external",
"summary": "RHBZ#2143199",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2143199"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-45405",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45405"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45405",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45405"
},
{
"category": "external",
"summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-48/#CVE-2022-45405",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-48/#CVE-2022-45405"
},
{
"category": "external",
"summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-49/#CVE-2022-45405",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-49/#CVE-2022-45405"
}
],
"release_date": "2022-11-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-21T12:43:59+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.",
"product_ids": [
"AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.src",
"AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.x86_64",
"AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_1.x86_64",
"AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8553"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.src",
"AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.x86_64",
"AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_1.x86_64",
"AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "Mozilla: Use-after-free in InputStream implementation"
},
{
"acknowledgments": [
{
"names": [
"the Mozilla project"
]
},
{
"names": [
"Samuel Gro\u00df"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2022-45406",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2022-11-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2143200"
}
],
"notes": [
{
"category": "description",
"text": "The Mozilla Foundation Security Advisory describes this flaw as:\r\n\r\nIf an out-of-memory condition occurred when creating a JavaScript global, a JavaScript realm may be deleted while references to it lived on in a BaseShape. This could lead to a use-after-free causing a potentially exploitable crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Mozilla: Use-after-free of a JavaScript Realm",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Product Security rates the severity of this flaw as determined by the Mozilla Foundation Security Advisory.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.src",
"AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.x86_64",
"AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_1.x86_64",
"AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-45406"
},
{
"category": "external",
"summary": "RHBZ#2143200",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2143200"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-45406",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45406"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45406",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45406"
},
{
"category": "external",
"summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-48/#CVE-2022-45406",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-48/#CVE-2022-45406"
},
{
"category": "external",
"summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-49/#CVE-2022-45406",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-49/#CVE-2022-45406"
}
],
"release_date": "2022-11-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-21T12:43:59+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.",
"product_ids": [
"AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.src",
"AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.x86_64",
"AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_1.x86_64",
"AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8553"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.src",
"AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.x86_64",
"AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_1.x86_64",
"AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "Mozilla: Use-after-free of a JavaScript Realm"
},
{
"acknowledgments": [
{
"names": [
"the Mozilla project"
]
},
{
"names": [
"Irvan Kurniawan"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2022-45408",
"cwe": {
"id": "CWE-1021",
"name": "Improper Restriction of Rendered UI Layers or Frames"
},
"discovery_date": "2022-11-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2143201"
}
],
"notes": [
{
"category": "description",
"text": "The Mozilla Foundation Security Advisory describes this flaw as: Through a series of popups that reuse windowName, an attacker can cause a window to go fullscreen without the user seeing the notification prompt, resulting in potential user confusion or spoofing attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Mozilla: Fullscreen notification bypass via windowName",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.src",
"AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.x86_64",
"AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_1.x86_64",
"AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-45408"
},
{
"category": "external",
"summary": "RHBZ#2143201",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2143201"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-45408",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45408"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45408",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45408"
},
{
"category": "external",
"summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-48/#CVE-2022-45408",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-48/#CVE-2022-45408"
},
{
"category": "external",
"summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-49/#CVE-2022-45408",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-49/#CVE-2022-45408"
}
],
"release_date": "2022-11-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-21T12:43:59+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.",
"product_ids": [
"AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.src",
"AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.x86_64",
"AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_1.x86_64",
"AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8553"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.src",
"AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.x86_64",
"AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_1.x86_64",
"AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "Mozilla: Fullscreen notification bypass via windowName"
},
{
"acknowledgments": [
{
"names": [
"the Mozilla project"
]
},
{
"names": [
"Gary Kwong"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2022-45409",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2022-11-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2143202"
}
],
"notes": [
{
"category": "description",
"text": "The Mozilla Foundation Security Advisory describes this flaw as: The garbage collector could have been aborted in several states and zones and GCRuntime::finishCollection may not have been called, leading to a use-after-free and potentially exploitable crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Mozilla: Use-after-free in Garbage Collection",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.src",
"AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.x86_64",
"AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_1.x86_64",
"AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-45409"
},
{
"category": "external",
"summary": "RHBZ#2143202",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2143202"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-45409",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45409"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45409",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45409"
},
{
"category": "external",
"summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-48/#CVE-2022-45409",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-48/#CVE-2022-45409"
},
{
"category": "external",
"summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-49/#CVE-2022-45409",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-49/#CVE-2022-45409"
}
],
"release_date": "2022-11-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-21T12:43:59+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.",
"product_ids": [
"AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.src",
"AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.x86_64",
"AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_1.x86_64",
"AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8553"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.src",
"AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.x86_64",
"AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_1.x86_64",
"AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "Mozilla: Use-after-free in Garbage Collection"
},
{
"acknowledgments": [
{
"names": [
"the Mozilla project"
]
},
{
"names": [
"Dongsung Kim"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2022-45410",
"cwe": {
"id": "CWE-1275",
"name": "Sensitive Cookie with Improper SameSite Attribute"
},
"discovery_date": "2022-11-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2143203"
}
],
"notes": [
{
"category": "description",
"text": "The Mozilla Foundation Security Advisory describes this flaw as: When a ServiceWorker intercepted a request with FetchEvent, the origin of the request was lost after the ServiceWorker took ownership of it. This had the effect of negating SameSite cookie protections. This was addressed in the spec and then in browsers.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Mozilla: ServiceWorker-intercepted requests bypassed SameSite cookie policy",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.src",
"AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.x86_64",
"AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_1.x86_64",
"AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-45410"
},
{
"category": "external",
"summary": "RHBZ#2143203",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2143203"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-45410",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45410"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45410",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45410"
},
{
"category": "external",
"summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-48/#CVE-2022-45410",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-48/#CVE-2022-45410"
},
{
"category": "external",
"summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-49/#CVE-2022-45410",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-49/#CVE-2022-45410"
}
],
"release_date": "2022-11-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-21T12:43:59+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.",
"product_ids": [
"AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.src",
"AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.x86_64",
"AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_1.x86_64",
"AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8553"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.src",
"AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.x86_64",
"AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_1.x86_64",
"AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Mozilla: ServiceWorker-intercepted requests bypassed SameSite cookie policy"
},
{
"acknowledgments": [
{
"names": [
"the Mozilla project"
]
},
{
"names": [
"scarlet"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2022-45411",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2022-11-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2143204"
}
],
"notes": [
{
"category": "description",
"text": "The Mozilla Foundation Security Advisory describes this flaw as: Cross-Site Tracing occurs when a server will echo a request back via the Trace method, allowing an XSS attack to access to authorization headers and cookies inaccessible to JavaScript (such as cookies protected by HTTPOnly). To mitigate this attack, browsers placed limits on fetch() and XMLHttpRequest; however some webservers have implemented non-standard headers such as X-Http-Method-Override that override the HTTP method, and made this attack possible again. Firefox has applied the same mitigations to the use of this and similar headers.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Mozilla: Cross-Site Tracing was possible via non-standard override headers",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.src",
"AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.x86_64",
"AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_1.x86_64",
"AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-45411"
},
{
"category": "external",
"summary": "RHBZ#2143204",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2143204"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-45411",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45411"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45411",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45411"
},
{
"category": "external",
"summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-48/#CVE-2022-45411",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-48/#CVE-2022-45411"
},
{
"category": "external",
"summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-49/#CVE-2022-45411",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-49/#CVE-2022-45411"
}
],
"release_date": "2022-11-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-21T12:43:59+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.",
"product_ids": [
"AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.src",
"AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.x86_64",
"AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_1.x86_64",
"AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8553"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.src",
"AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.x86_64",
"AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_1.x86_64",
"AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Mozilla: Cross-Site Tracing was possible via non-standard override headers"
},
{
"acknowledgments": [
{
"names": [
"the Mozilla project"
]
},
{
"names": [
"Armin Ebert"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2022-45412",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2022-11-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2143205"
}
],
"notes": [
{
"category": "description",
"text": "The Mozilla Foundation Security Advisory describes this flaw as:\r\n\r\nWhen resolving a symlink such as file:///proc/self/fd/1, an error message may be produced where the symlink was resolved to a string containing unitialized memory in the buffer.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Mozilla: Symlinks may resolve to partially uninitialized buffers",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Product Security rates the severity of this flaw as determined by the Mozilla Foundation Security Advisory.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.src",
"AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.x86_64",
"AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_1.x86_64",
"AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-45412"
},
{
"category": "external",
"summary": "RHBZ#2143205",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2143205"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-45412",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45412"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45412",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45412"
},
{
"category": "external",
"summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-48/#CVE-2022-45412",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-48/#CVE-2022-45412"
},
{
"category": "external",
"summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-49/#CVE-2022-45412",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-49/#CVE-2022-45412"
}
],
"release_date": "2022-11-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-21T12:43:59+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.",
"product_ids": [
"AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.src",
"AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.x86_64",
"AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_1.x86_64",
"AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8553"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.src",
"AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.x86_64",
"AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_1.x86_64",
"AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Mozilla: Symlinks may resolve to partially uninitialized buffers"
},
{
"acknowledgments": [
{
"names": [
"Erik Kraft",
"Martin Schwarzl",
"the Mozilla project"
]
},
{
"names": [
"Andrew McCreight"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2022-45416",
"discovery_date": "2022-11-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2143240"
}
],
"notes": [
{
"category": "description",
"text": "The Mozilla Foundation Security Advisory describes this flaw as: Keyboard events reference strings like \"KeyA\" that were at fixed, known, and widely-spread addresses. Cache-based timing attacks such as Prime+Probe could have possibly figured out which keys were being pressed.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Mozilla: Keystroke Side-Channel Leakage",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.src",
"AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.x86_64",
"AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_1.x86_64",
"AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-45416"
},
{
"category": "external",
"summary": "RHBZ#2143240",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2143240"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-45416",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45416"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45416",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45416"
},
{
"category": "external",
"summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-48/#CVE-2022-45416",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-48/#CVE-2022-45416"
},
{
"category": "external",
"summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-49/#CVE-2022-45416",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-49/#CVE-2022-45416"
}
],
"release_date": "2022-11-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-21T12:43:59+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.",
"product_ids": [
"AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.src",
"AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.x86_64",
"AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_1.x86_64",
"AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8553"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.src",
"AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.x86_64",
"AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_1.x86_64",
"AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Mozilla: Keystroke Side-Channel Leakage"
},
{
"acknowledgments": [
{
"names": [
"the Mozilla project"
]
},
{
"names": [
"Hafiizh"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2022-45418",
"discovery_date": "2022-11-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2143241"
}
],
"notes": [
{
"category": "description",
"text": "The Mozilla Foundation Security Advisory describes this flaw as: If a custom mouse cursor is specified in CSS, under certain circumstances the cursor could have been drawn over the browser UI, resulting in potential user confusion or spoofing attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Mozilla: Custom mouse cursor could have been drawn over browser UI",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.src",
"AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.x86_64",
"AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_1.x86_64",
"AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-45418"
},
{
"category": "external",
"summary": "RHBZ#2143241",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2143241"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-45418",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45418"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45418",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45418"
},
{
"category": "external",
"summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-48/#CVE-2022-45418",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-48/#CVE-2022-45418"
},
{
"category": "external",
"summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-49/#CVE-2022-45418",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-49/#CVE-2022-45418"
}
],
"release_date": "2022-11-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-21T12:43:59+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.",
"product_ids": [
"AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.src",
"AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.x86_64",
"AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_1.x86_64",
"AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8553"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.src",
"AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.x86_64",
"AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_1.x86_64",
"AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Mozilla: Custom mouse cursor could have been drawn over browser UI"
},
{
"acknowledgments": [
{
"names": [
"the Mozilla project"
]
},
{
"names": [
"Suhwan Song of SNU CompSec Lab"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2022-45420",
"discovery_date": "2022-11-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2143242"
}
],
"notes": [
{
"category": "description",
"text": "The Mozilla Foundation Security Advisory describes this flaw as: Use tables inside of an iframe, an attacker could have caused iframe contents to be rendered outside the boundaries of the iframe, resulting in potential user confusion or spoofing attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Mozilla: Iframe contents could be rendered outside the iframe",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.src",
"AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.x86_64",
"AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_1.x86_64",
"AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-45420"
},
{
"category": "external",
"summary": "RHBZ#2143242",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2143242"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-45420",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45420"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45420",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45420"
},
{
"category": "external",
"summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-48/#CVE-2022-45420",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-48/#CVE-2022-45420"
},
{
"category": "external",
"summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-49/#CVE-2022-45420",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-49/#CVE-2022-45420"
}
],
"release_date": "2022-11-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-21T12:43:59+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.",
"product_ids": [
"AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.src",
"AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.x86_64",
"AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_1.x86_64",
"AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8553"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.src",
"AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.x86_64",
"AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_1.x86_64",
"AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "Mozilla: Iframe contents could be rendered outside the iframe"
},
{
"acknowledgments": [
{
"names": [
"the Mozilla project"
]
},
{
"names": [
"Mozilla developers"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2022-45421",
"cwe": {
"id": "CWE-120",
"name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
},
"discovery_date": "2022-11-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2143243"
}
],
"notes": [
{
"category": "description",
"text": "The Mozilla Foundation Security Advisory describes this flaw as: Mozilla developers Andrew McCreight and Gabriele Svelto reported memory safety bugs present in Firefox 106 and Firefox ESR 102.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Mozilla: Memory safety bugs fixed in Firefox 107 and Firefox ESR 102.5",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.src",
"AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.x86_64",
"AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_1.x86_64",
"AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-45421"
},
{
"category": "external",
"summary": "RHBZ#2143243",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2143243"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-45421",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45421"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45421",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45421"
},
{
"category": "external",
"summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-48/#CVE-2022-45421",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-48/#CVE-2022-45421"
},
{
"category": "external",
"summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-49/#CVE-2022-45421",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-49/#CVE-2022-45421"
}
],
"release_date": "2022-11-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-21T12:43:59+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.",
"product_ids": [
"AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.src",
"AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.x86_64",
"AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_1.x86_64",
"AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8553"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.src",
"AppStream-8.1.0.Z.E4S:firefox-0:102.5.0-1.el8_1.x86_64",
"AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.5.0-1.el8_1.x86_64",
"AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.5.0-1.el8_1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "Mozilla: Memory safety bugs fixed in Firefox 107 and Firefox ESR 102.5"
}
]
}
RHSA-2022_8554
Vulnerability from csaf_redhat - Published: 2022-11-21 12:51 - Updated: 2024-11-22 21:03Summary
Red Hat Security Advisory: firefox security update
Severity
Important
Notes
Topic: An update for firefox is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.
This update upgrades Firefox to version 102.5.0 ESR.
Security Fix(es):
* Mozilla: Service Workers might have learned size of cross-origin media files (CVE-2022-45403)
* Mozilla: Fullscreen notification bypass (CVE-2022-45404)
* Mozilla: Use-after-free in InputStream implementation (CVE-2022-45405)
* Mozilla: Use-after-free of a JavaScript Realm (CVE-2022-45406)
* Mozilla: Fullscreen notification bypass via windowName (CVE-2022-45408)
* Mozilla: Use-after-free in Garbage Collection (CVE-2022-45409)
* Mozilla: Memory safety bugs fixed in Firefox 107 and Firefox ESR 102.5 (CVE-2022-45421)
* Mozilla: ServiceWorker-intercepted requests bypassed SameSite cookie policy (CVE-2022-45410)
* Mozilla: Cross-Site Tracing was possible via non-standard override headers (CVE-2022-45411)
* Mozilla: Symlinks may resolve to partially uninitialized buffers (CVE-2022-45412)
* Mozilla: Keystroke Side-Channel Leakage (CVE-2022-45416)
* Mozilla: Custom mouse cursor could have been drawn over browser UI (CVE-2022-45418)
* Mozilla: Iframe contents could be rendered outside the iframe (CVE-2022-45420)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A use-after-free flaw was found in the Expat package, caused by destruction of a shared DTD in XML_ExternalEntityParserCreate in out-of-memory situations. This may lead to availability disruptions.
7.5 (High)
Affected products
Fixed
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
The Mozilla Foundation Security Advisory describes this flaw as: Service Workers should not be able to infer information about opaque cross-origin responses; but timing information for cross-origin media combined with Range requests might have allowed them to determine the presence or length of a media file.
7.5 (High)
Affected products
Fixed
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Important
The Mozilla Foundation Security Advisory describes this flaw as: Through a series of popup and window.print() calls, an attacker can cause a window to go fullscreen without the user seeing the notification prompt, resulting in potential user confusion or spoofing attacks.
7.5 (High)
Affected products
Fixed
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Important
The Mozilla Foundation Security Advisory describes this flaw as: Freeing arbitrary nsIInputStream's on a different thread than creation could have led to a use-after-free and potentially exploitable crash.
7.5 (High)
Affected products
Fixed
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Important
The Mozilla Foundation Security Advisory describes this flaw as: If an out-of-memory condition occurred when creating a JavaScript global, a JavaScript realm may be deleted while references to it lived on in a BaseShape. This could lead to a use-after-free causing a potentially exploitable crash.
9.8 (Critical)
Affected products
Fixed
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Important
The Mozilla Foundation Security Advisory describes this flaw as: Through a series of popups that reuse windowName, an attacker can cause a window to go fullscreen without the user seeing the notification prompt, resulting in potential user confusion or spoofing attacks.
7.5 (High)
Affected products
Fixed
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Important
The Mozilla Foundation Security Advisory describes this flaw as: The garbage collector could have been aborted in several states and zones and GCRuntime::finishCollection may not have been called, leading to a use-after-free and potentially exploitable crash.
8.8 (High)
Affected products
Fixed
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Important
The Mozilla Foundation Security Advisory describes this flaw as: When a ServiceWorker intercepted a request with FetchEvent, the origin of the request was lost after the ServiceWorker took ownership of it. This had the effect of negating SameSite cookie protections. This was addressed in the spec and then in browsers.
6.1 (Medium)
Affected products
Fixed
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
The Mozilla Foundation Security Advisory describes this flaw as: Cross-Site Tracing occurs when a server will echo a request back via the Trace method, allowing an XSS attack to access to authorization headers and cookies inaccessible to JavaScript (such as cookies protected by HTTPOnly). To mitigate this attack, browsers placed limits on fetch() and XMLHttpRequest; however some webservers have implemented non-standard headers such as X-Http-Method-Override that override the HTTP method, and made this attack possible again. Firefox has applied the same mitigations to the use of this and similar headers.
6.1 (Medium)
Affected products
Fixed
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
The Mozilla Foundation Security Advisory describes this flaw as: When resolving a symlink such as file:///proc/self/fd/1, an error message may be produced where the symlink was resolved to a string containing unitialized memory in the buffer.
8.8 (High)
Affected products
Fixed
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
The Mozilla Foundation Security Advisory describes this flaw as: Keyboard events reference strings like "KeyA" that were at fixed, known, and widely-spread addresses. Cache-based timing attacks such as Prime+Probe could have possibly figured out which keys were being pressed.
6.1 (Medium)
Affected products
Fixed
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
The Mozilla Foundation Security Advisory describes this flaw as: If a custom mouse cursor is specified in CSS, under certain circumstances the cursor could have been drawn over the browser UI, resulting in potential user confusion or spoofing attacks.
6.1 (Medium)
Affected products
Fixed
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
The Mozilla Foundation Security Advisory describes this flaw as: Use tables inside of an iframe, an attacker could have caused iframe contents to be rendered outside the boundaries of the iframe, resulting in potential user confusion or spoofing attacks.
4.3 (Medium)
Affected products
Fixed
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Low
The Mozilla Foundation Security Advisory describes this flaw as: Mozilla developers Andrew McCreight and Gabriele Svelto reported memory safety bugs present in Firefox 106 and Firefox ESR 102.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.
8.8 (High)
Affected products
Fixed
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Important
References
99 references
Acknowledgments
the Mozilla project
Anne van Kesteren and Karl Tomlinson
Irvan Kurniawan
Atte Kettunen
Samuel Groß
Gary Kwong
Dongsung Kim
scarlet
Armin Ebert
Erik Kraft
Martin Schwarzl
the Mozilla project
Andrew McCreight
Hafiizh
Suhwan Song of SNU CompSec Lab
Mozilla developers
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for firefox is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.\n\nThis update upgrades Firefox to version 102.5.0 ESR.\n\nSecurity Fix(es):\n\n* Mozilla: Service Workers might have learned size of cross-origin media files (CVE-2022-45403)\n\n* Mozilla: Fullscreen notification bypass (CVE-2022-45404)\n\n* Mozilla: Use-after-free in InputStream implementation (CVE-2022-45405)\n\n* Mozilla: Use-after-free of a JavaScript Realm (CVE-2022-45406)\n\n* Mozilla: Fullscreen notification bypass via windowName (CVE-2022-45408)\n\n* Mozilla: Use-after-free in Garbage Collection (CVE-2022-45409)\n\n* Mozilla: Memory safety bugs fixed in Firefox 107 and Firefox ESR 102.5 (CVE-2022-45421)\n\n* Mozilla: ServiceWorker-intercepted requests bypassed SameSite cookie policy (CVE-2022-45410)\n\n* Mozilla: Cross-Site Tracing was possible via non-standard override headers (CVE-2022-45411)\n\n* Mozilla: Symlinks may resolve to partially uninitialized buffers (CVE-2022-45412)\n\n* Mozilla: Keystroke Side-Channel Leakage (CVE-2022-45416)\n\n* Mozilla: Custom mouse cursor could have been drawn over browser UI (CVE-2022-45418)\n\n* Mozilla: Iframe contents could be rendered outside the iframe (CVE-2022-45420)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:8554",
"url": "https://access.redhat.com/errata/RHSA-2022:8554"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2143197",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2143197"
},
{
"category": "external",
"summary": "2143198",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2143198"
},
{
"category": "external",
"summary": "2143199",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2143199"
},
{
"category": "external",
"summary": "2143200",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2143200"
},
{
"category": "external",
"summary": "2143201",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2143201"
},
{
"category": "external",
"summary": "2143202",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2143202"
},
{
"category": "external",
"summary": "2143203",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2143203"
},
{
"category": "external",
"summary": "2143204",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2143204"
},
{
"category": "external",
"summary": "2143205",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2143205"
},
{
"category": "external",
"summary": "2143240",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2143240"
},
{
"category": "external",
"summary": "2143241",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2143241"
},
{
"category": "external",
"summary": "2143242",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2143242"
},
{
"category": "external",
"summary": "2143243",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2143243"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_8554.json"
}
],
"title": "Red Hat Security Advisory: firefox security update",
"tracking": {
"current_release_date": "2024-11-22T21:03:15+00:00",
"generator": {
"date": "2024-11-22T21:03:15+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2022:8554",
"initial_release_date": "2022-11-21T12:51:20+00:00",
"revision_history": [
{
"date": "2022-11-21T12:51:20+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-11-21T12:51:20+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-22T21:03:15+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.Z.MAIN",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:8::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "firefox-0:102.5.0-1.el8_7.src",
"product": {
"name": "firefox-0:102.5.0-1.el8_7.src",
"product_id": "firefox-0:102.5.0-1.el8_7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox@102.5.0-1.el8_7?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "firefox-0:102.5.0-1.el8_7.aarch64",
"product": {
"name": "firefox-0:102.5.0-1.el8_7.aarch64",
"product_id": "firefox-0:102.5.0-1.el8_7.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox@102.5.0-1.el8_7?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "firefox-debugsource-0:102.5.0-1.el8_7.aarch64",
"product": {
"name": "firefox-debugsource-0:102.5.0-1.el8_7.aarch64",
"product_id": "firefox-debugsource-0:102.5.0-1.el8_7.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox-debugsource@102.5.0-1.el8_7?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "firefox-debuginfo-0:102.5.0-1.el8_7.aarch64",
"product": {
"name": "firefox-debuginfo-0:102.5.0-1.el8_7.aarch64",
"product_id": "firefox-debuginfo-0:102.5.0-1.el8_7.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox-debuginfo@102.5.0-1.el8_7?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "firefox-0:102.5.0-1.el8_7.ppc64le",
"product": {
"name": "firefox-0:102.5.0-1.el8_7.ppc64le",
"product_id": "firefox-0:102.5.0-1.el8_7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox@102.5.0-1.el8_7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "firefox-debugsource-0:102.5.0-1.el8_7.ppc64le",
"product": {
"name": "firefox-debugsource-0:102.5.0-1.el8_7.ppc64le",
"product_id": "firefox-debugsource-0:102.5.0-1.el8_7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox-debugsource@102.5.0-1.el8_7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "firefox-debuginfo-0:102.5.0-1.el8_7.ppc64le",
"product": {
"name": "firefox-debuginfo-0:102.5.0-1.el8_7.ppc64le",
"product_id": "firefox-debuginfo-0:102.5.0-1.el8_7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox-debuginfo@102.5.0-1.el8_7?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "firefox-0:102.5.0-1.el8_7.x86_64",
"product": {
"name": "firefox-0:102.5.0-1.el8_7.x86_64",
"product_id": "firefox-0:102.5.0-1.el8_7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox@102.5.0-1.el8_7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "firefox-debugsource-0:102.5.0-1.el8_7.x86_64",
"product": {
"name": "firefox-debugsource-0:102.5.0-1.el8_7.x86_64",
"product_id": "firefox-debugsource-0:102.5.0-1.el8_7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox-debugsource@102.5.0-1.el8_7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "firefox-debuginfo-0:102.5.0-1.el8_7.x86_64",
"product": {
"name": "firefox-debuginfo-0:102.5.0-1.el8_7.x86_64",
"product_id": "firefox-debuginfo-0:102.5.0-1.el8_7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox-debuginfo@102.5.0-1.el8_7?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "firefox-0:102.5.0-1.el8_7.s390x",
"product": {
"name": "firefox-0:102.5.0-1.el8_7.s390x",
"product_id": "firefox-0:102.5.0-1.el8_7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox@102.5.0-1.el8_7?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "firefox-debugsource-0:102.5.0-1.el8_7.s390x",
"product": {
"name": "firefox-debugsource-0:102.5.0-1.el8_7.s390x",
"product_id": "firefox-debugsource-0:102.5.0-1.el8_7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox-debugsource@102.5.0-1.el8_7?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "firefox-debuginfo-0:102.5.0-1.el8_7.s390x",
"product": {
"name": "firefox-debuginfo-0:102.5.0-1.el8_7.s390x",
"product_id": "firefox-debuginfo-0:102.5.0-1.el8_7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox-debuginfo@102.5.0-1.el8_7?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:102.5.0-1.el8_7.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.aarch64"
},
"product_reference": "firefox-0:102.5.0-1.el8_7.aarch64",
"relates_to_product_reference": "AppStream-8.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:102.5.0-1.el8_7.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.ppc64le"
},
"product_reference": "firefox-0:102.5.0-1.el8_7.ppc64le",
"relates_to_product_reference": "AppStream-8.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:102.5.0-1.el8_7.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.s390x"
},
"product_reference": "firefox-0:102.5.0-1.el8_7.s390x",
"relates_to_product_reference": "AppStream-8.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:102.5.0-1.el8_7.src as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.src"
},
"product_reference": "firefox-0:102.5.0-1.el8_7.src",
"relates_to_product_reference": "AppStream-8.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:102.5.0-1.el8_7.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.x86_64"
},
"product_reference": "firefox-0:102.5.0-1.el8_7.x86_64",
"relates_to_product_reference": "AppStream-8.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:102.5.0-1.el8_7.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.aarch64"
},
"product_reference": "firefox-debuginfo-0:102.5.0-1.el8_7.aarch64",
"relates_to_product_reference": "AppStream-8.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:102.5.0-1.el8_7.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.ppc64le"
},
"product_reference": "firefox-debuginfo-0:102.5.0-1.el8_7.ppc64le",
"relates_to_product_reference": "AppStream-8.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:102.5.0-1.el8_7.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.s390x"
},
"product_reference": "firefox-debuginfo-0:102.5.0-1.el8_7.s390x",
"relates_to_product_reference": "AppStream-8.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:102.5.0-1.el8_7.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.x86_64"
},
"product_reference": "firefox-debuginfo-0:102.5.0-1.el8_7.x86_64",
"relates_to_product_reference": "AppStream-8.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debugsource-0:102.5.0-1.el8_7.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.aarch64"
},
"product_reference": "firefox-debugsource-0:102.5.0-1.el8_7.aarch64",
"relates_to_product_reference": "AppStream-8.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debugsource-0:102.5.0-1.el8_7.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.ppc64le"
},
"product_reference": "firefox-debugsource-0:102.5.0-1.el8_7.ppc64le",
"relates_to_product_reference": "AppStream-8.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debugsource-0:102.5.0-1.el8_7.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.s390x"
},
"product_reference": "firefox-debugsource-0:102.5.0-1.el8_7.s390x",
"relates_to_product_reference": "AppStream-8.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debugsource-0:102.5.0-1.el8_7.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.x86_64"
},
"product_reference": "firefox-debugsource-0:102.5.0-1.el8_7.x86_64",
"relates_to_product_reference": "AppStream-8.7.0.Z.MAIN"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-43680",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2022-11-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2140059"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free flaw was found in the Expat package, caused by destruction of a shared DTD in XML_ExternalEntityParserCreate in out-of-memory situations. This may lead to availability disruptions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "expat: use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability can only happen under special (out-of-memory) conditions, thus it is not possible to exploit on every possible system that has expat installed. Additionally as the flaw is only capable of causing a Denial of Service, Red Hat rates the impact as Moderate.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.aarch64",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.ppc64le",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.s390x",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.src",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.x86_64",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.aarch64",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.ppc64le",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.s390x",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.x86_64",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.aarch64",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.ppc64le",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.s390x",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-43680"
},
{
"category": "external",
"summary": "RHBZ#2140059",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2140059"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-43680",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43680"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-43680",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-43680"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/issues/649",
"url": "https://github.com/libexpat/libexpat/issues/649"
}
],
"release_date": "2022-10-24T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-21T12:51:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.",
"product_ids": [
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.aarch64",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.ppc64le",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.s390x",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.src",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.x86_64",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.aarch64",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.ppc64le",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.s390x",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.x86_64",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.aarch64",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.ppc64le",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.s390x",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8554"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.aarch64",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.ppc64le",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.s390x",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.src",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.x86_64",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.aarch64",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.ppc64le",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.s390x",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.x86_64",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.aarch64",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.ppc64le",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.s390x",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "expat: use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate"
},
{
"acknowledgments": [
{
"names": [
"the Mozilla project"
]
},
{
"names": [
"Anne van Kesteren and Karl Tomlinson"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2022-45403",
"cwe": {
"id": "CWE-829",
"name": "Inclusion of Functionality from Untrusted Control Sphere"
},
"discovery_date": "2022-11-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2143197"
}
],
"notes": [
{
"category": "description",
"text": "The Mozilla Foundation Security Advisory describes this flaw as: Service Workers should not be able to infer information about opaque cross-origin responses; but timing information for cross-origin media combined with Range requests might have allowed them to determine the presence or length of a media file.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Mozilla: Service Workers might have learned size of cross-origin media files",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.aarch64",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.ppc64le",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.s390x",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.src",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.x86_64",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.aarch64",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.ppc64le",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.s390x",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.x86_64",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.aarch64",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.ppc64le",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.s390x",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-45403"
},
{
"category": "external",
"summary": "RHBZ#2143197",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2143197"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-45403",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45403"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45403",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45403"
},
{
"category": "external",
"summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-48/#CVE-2022-45403",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-48/#CVE-2022-45403"
},
{
"category": "external",
"summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-49/#CVE-2022-45403",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-49/#CVE-2022-45403"
}
],
"release_date": "2022-11-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-21T12:51:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.",
"product_ids": [
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.aarch64",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.ppc64le",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.s390x",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.src",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.x86_64",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.aarch64",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.ppc64le",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.s390x",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.x86_64",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.aarch64",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.ppc64le",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.s390x",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8554"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.aarch64",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.ppc64le",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.s390x",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.src",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.x86_64",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.aarch64",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.ppc64le",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.s390x",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.x86_64",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.aarch64",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.ppc64le",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.s390x",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "Mozilla: Service Workers might have learned size of cross-origin media files"
},
{
"acknowledgments": [
{
"names": [
"the Mozilla project"
]
},
{
"names": [
"Irvan Kurniawan"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2022-45404",
"cwe": {
"id": "CWE-1021",
"name": "Improper Restriction of Rendered UI Layers or Frames"
},
"discovery_date": "2022-11-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2143198"
}
],
"notes": [
{
"category": "description",
"text": "The Mozilla Foundation Security Advisory describes this flaw as: Through a series of popup and window.print() calls, an attacker can cause a window to go fullscreen without the user seeing the notification prompt, resulting in potential user confusion or spoofing attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Mozilla: Fullscreen notification bypass",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.aarch64",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.ppc64le",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.s390x",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.src",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.x86_64",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.aarch64",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.ppc64le",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.s390x",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.x86_64",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.aarch64",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.ppc64le",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.s390x",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-45404"
},
{
"category": "external",
"summary": "RHBZ#2143198",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2143198"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-45404",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45404"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45404",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45404"
},
{
"category": "external",
"summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-48/#CVE-2022-45404",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-48/#CVE-2022-45404"
},
{
"category": "external",
"summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-49/#CVE-2022-45404",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-49/#CVE-2022-45404"
}
],
"release_date": "2022-11-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-21T12:51:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.",
"product_ids": [
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.aarch64",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.ppc64le",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.s390x",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.src",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.x86_64",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.aarch64",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.ppc64le",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.s390x",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.x86_64",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.aarch64",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.ppc64le",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.s390x",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8554"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.aarch64",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.ppc64le",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.s390x",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.src",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.x86_64",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.aarch64",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.ppc64le",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.s390x",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.x86_64",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.aarch64",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.ppc64le",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.s390x",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "Mozilla: Fullscreen notification bypass"
},
{
"acknowledgments": [
{
"names": [
"the Mozilla project"
]
},
{
"names": [
"Atte Kettunen"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2022-45405",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2022-11-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2143199"
}
],
"notes": [
{
"category": "description",
"text": "The Mozilla Foundation Security Advisory describes this flaw as: Freeing arbitrary nsIInputStream\u0027s on a different thread than creation could have led to a use-after-free and potentially exploitable crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Mozilla: Use-after-free in InputStream implementation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.aarch64",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.ppc64le",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.s390x",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.src",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.x86_64",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.aarch64",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.ppc64le",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.s390x",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.x86_64",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.aarch64",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.ppc64le",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.s390x",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-45405"
},
{
"category": "external",
"summary": "RHBZ#2143199",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2143199"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-45405",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45405"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45405",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45405"
},
{
"category": "external",
"summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-48/#CVE-2022-45405",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-48/#CVE-2022-45405"
},
{
"category": "external",
"summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-49/#CVE-2022-45405",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-49/#CVE-2022-45405"
}
],
"release_date": "2022-11-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-21T12:51:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.",
"product_ids": [
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.aarch64",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.ppc64le",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.s390x",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.src",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.x86_64",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.aarch64",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.ppc64le",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.s390x",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.x86_64",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.aarch64",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.ppc64le",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.s390x",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8554"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.aarch64",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.ppc64le",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.s390x",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.src",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.x86_64",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.aarch64",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.ppc64le",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.s390x",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.x86_64",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.aarch64",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.ppc64le",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.s390x",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "Mozilla: Use-after-free in InputStream implementation"
},
{
"acknowledgments": [
{
"names": [
"the Mozilla project"
]
},
{
"names": [
"Samuel Gro\u00df"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2022-45406",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2022-11-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2143200"
}
],
"notes": [
{
"category": "description",
"text": "The Mozilla Foundation Security Advisory describes this flaw as:\r\n\r\nIf an out-of-memory condition occurred when creating a JavaScript global, a JavaScript realm may be deleted while references to it lived on in a BaseShape. This could lead to a use-after-free causing a potentially exploitable crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Mozilla: Use-after-free of a JavaScript Realm",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Product Security rates the severity of this flaw as determined by the Mozilla Foundation Security Advisory.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.aarch64",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.ppc64le",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.s390x",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.src",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.x86_64",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.aarch64",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.ppc64le",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.s390x",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.x86_64",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.aarch64",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.ppc64le",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.s390x",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-45406"
},
{
"category": "external",
"summary": "RHBZ#2143200",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2143200"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-45406",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45406"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45406",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45406"
},
{
"category": "external",
"summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-48/#CVE-2022-45406",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-48/#CVE-2022-45406"
},
{
"category": "external",
"summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-49/#CVE-2022-45406",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-49/#CVE-2022-45406"
}
],
"release_date": "2022-11-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-21T12:51:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.",
"product_ids": [
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.aarch64",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.ppc64le",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.s390x",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.src",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.x86_64",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.aarch64",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.ppc64le",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.s390x",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.x86_64",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.aarch64",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.ppc64le",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.s390x",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8554"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.aarch64",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.ppc64le",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.s390x",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.src",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.x86_64",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.aarch64",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.ppc64le",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.s390x",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.x86_64",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.aarch64",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.ppc64le",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.s390x",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "Mozilla: Use-after-free of a JavaScript Realm"
},
{
"acknowledgments": [
{
"names": [
"the Mozilla project"
]
},
{
"names": [
"Irvan Kurniawan"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2022-45408",
"cwe": {
"id": "CWE-1021",
"name": "Improper Restriction of Rendered UI Layers or Frames"
},
"discovery_date": "2022-11-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2143201"
}
],
"notes": [
{
"category": "description",
"text": "The Mozilla Foundation Security Advisory describes this flaw as: Through a series of popups that reuse windowName, an attacker can cause a window to go fullscreen without the user seeing the notification prompt, resulting in potential user confusion or spoofing attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Mozilla: Fullscreen notification bypass via windowName",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.aarch64",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.ppc64le",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.s390x",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.src",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.x86_64",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.aarch64",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.ppc64le",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.s390x",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.x86_64",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.aarch64",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.ppc64le",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.s390x",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-45408"
},
{
"category": "external",
"summary": "RHBZ#2143201",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2143201"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-45408",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45408"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45408",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45408"
},
{
"category": "external",
"summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-48/#CVE-2022-45408",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-48/#CVE-2022-45408"
},
{
"category": "external",
"summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-49/#CVE-2022-45408",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-49/#CVE-2022-45408"
}
],
"release_date": "2022-11-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-21T12:51:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.",
"product_ids": [
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.aarch64",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.ppc64le",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.s390x",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.src",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.x86_64",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.aarch64",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.ppc64le",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.s390x",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.x86_64",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.aarch64",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.ppc64le",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.s390x",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8554"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.aarch64",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.ppc64le",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.s390x",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.src",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.x86_64",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.aarch64",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.ppc64le",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.s390x",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.x86_64",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.aarch64",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.ppc64le",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.s390x",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "Mozilla: Fullscreen notification bypass via windowName"
},
{
"acknowledgments": [
{
"names": [
"the Mozilla project"
]
},
{
"names": [
"Gary Kwong"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2022-45409",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2022-11-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2143202"
}
],
"notes": [
{
"category": "description",
"text": "The Mozilla Foundation Security Advisory describes this flaw as: The garbage collector could have been aborted in several states and zones and GCRuntime::finishCollection may not have been called, leading to a use-after-free and potentially exploitable crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Mozilla: Use-after-free in Garbage Collection",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.aarch64",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.ppc64le",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.s390x",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.src",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.x86_64",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.aarch64",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.ppc64le",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.s390x",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.x86_64",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.aarch64",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.ppc64le",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.s390x",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-45409"
},
{
"category": "external",
"summary": "RHBZ#2143202",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2143202"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-45409",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45409"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45409",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45409"
},
{
"category": "external",
"summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-48/#CVE-2022-45409",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-48/#CVE-2022-45409"
},
{
"category": "external",
"summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-49/#CVE-2022-45409",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-49/#CVE-2022-45409"
}
],
"release_date": "2022-11-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-21T12:51:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.",
"product_ids": [
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.aarch64",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.ppc64le",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.s390x",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.src",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.x86_64",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.aarch64",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.ppc64le",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.s390x",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.x86_64",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.aarch64",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.ppc64le",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.s390x",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8554"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.aarch64",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.ppc64le",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.s390x",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.src",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.x86_64",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.aarch64",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.ppc64le",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.s390x",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.x86_64",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.aarch64",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.ppc64le",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.s390x",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "Mozilla: Use-after-free in Garbage Collection"
},
{
"acknowledgments": [
{
"names": [
"the Mozilla project"
]
},
{
"names": [
"Dongsung Kim"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2022-45410",
"cwe": {
"id": "CWE-1275",
"name": "Sensitive Cookie with Improper SameSite Attribute"
},
"discovery_date": "2022-11-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2143203"
}
],
"notes": [
{
"category": "description",
"text": "The Mozilla Foundation Security Advisory describes this flaw as: When a ServiceWorker intercepted a request with FetchEvent, the origin of the request was lost after the ServiceWorker took ownership of it. This had the effect of negating SameSite cookie protections. This was addressed in the spec and then in browsers.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Mozilla: ServiceWorker-intercepted requests bypassed SameSite cookie policy",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.aarch64",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.ppc64le",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.s390x",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.src",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.x86_64",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.aarch64",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.ppc64le",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.s390x",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.x86_64",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.aarch64",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.ppc64le",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.s390x",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-45410"
},
{
"category": "external",
"summary": "RHBZ#2143203",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2143203"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-45410",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45410"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45410",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45410"
},
{
"category": "external",
"summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-48/#CVE-2022-45410",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-48/#CVE-2022-45410"
},
{
"category": "external",
"summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-49/#CVE-2022-45410",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-49/#CVE-2022-45410"
}
],
"release_date": "2022-11-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-21T12:51:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.",
"product_ids": [
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.aarch64",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.ppc64le",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.s390x",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.src",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.x86_64",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.aarch64",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.ppc64le",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.s390x",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.x86_64",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.aarch64",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.ppc64le",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.s390x",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8554"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.aarch64",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.ppc64le",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.s390x",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.src",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.x86_64",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.aarch64",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.ppc64le",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.s390x",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.x86_64",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.aarch64",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.ppc64le",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.s390x",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Mozilla: ServiceWorker-intercepted requests bypassed SameSite cookie policy"
},
{
"acknowledgments": [
{
"names": [
"the Mozilla project"
]
},
{
"names": [
"scarlet"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2022-45411",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2022-11-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2143204"
}
],
"notes": [
{
"category": "description",
"text": "The Mozilla Foundation Security Advisory describes this flaw as: Cross-Site Tracing occurs when a server will echo a request back via the Trace method, allowing an XSS attack to access to authorization headers and cookies inaccessible to JavaScript (such as cookies protected by HTTPOnly). To mitigate this attack, browsers placed limits on fetch() and XMLHttpRequest; however some webservers have implemented non-standard headers such as X-Http-Method-Override that override the HTTP method, and made this attack possible again. Firefox has applied the same mitigations to the use of this and similar headers.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Mozilla: Cross-Site Tracing was possible via non-standard override headers",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.aarch64",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.ppc64le",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.s390x",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.src",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.x86_64",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.aarch64",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.ppc64le",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.s390x",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.x86_64",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.aarch64",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.ppc64le",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.s390x",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-45411"
},
{
"category": "external",
"summary": "RHBZ#2143204",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2143204"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-45411",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45411"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45411",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45411"
},
{
"category": "external",
"summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-48/#CVE-2022-45411",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-48/#CVE-2022-45411"
},
{
"category": "external",
"summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-49/#CVE-2022-45411",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-49/#CVE-2022-45411"
}
],
"release_date": "2022-11-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-21T12:51:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.",
"product_ids": [
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.aarch64",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.ppc64le",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.s390x",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.src",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.x86_64",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.aarch64",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.ppc64le",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.s390x",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.x86_64",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.aarch64",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.ppc64le",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.s390x",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8554"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.aarch64",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.ppc64le",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.s390x",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.src",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.x86_64",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.aarch64",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.ppc64le",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.s390x",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.x86_64",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.aarch64",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.ppc64le",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.s390x",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Mozilla: Cross-Site Tracing was possible via non-standard override headers"
},
{
"acknowledgments": [
{
"names": [
"the Mozilla project"
]
},
{
"names": [
"Armin Ebert"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2022-45412",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2022-11-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2143205"
}
],
"notes": [
{
"category": "description",
"text": "The Mozilla Foundation Security Advisory describes this flaw as:\r\n\r\nWhen resolving a symlink such as file:///proc/self/fd/1, an error message may be produced where the symlink was resolved to a string containing unitialized memory in the buffer.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Mozilla: Symlinks may resolve to partially uninitialized buffers",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Product Security rates the severity of this flaw as determined by the Mozilla Foundation Security Advisory.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.aarch64",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.ppc64le",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.s390x",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.src",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.x86_64",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.aarch64",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.ppc64le",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.s390x",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.x86_64",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.aarch64",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.ppc64le",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.s390x",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-45412"
},
{
"category": "external",
"summary": "RHBZ#2143205",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2143205"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-45412",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45412"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45412",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45412"
},
{
"category": "external",
"summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-48/#CVE-2022-45412",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-48/#CVE-2022-45412"
},
{
"category": "external",
"summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-49/#CVE-2022-45412",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-49/#CVE-2022-45412"
}
],
"release_date": "2022-11-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-21T12:51:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.",
"product_ids": [
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.aarch64",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.ppc64le",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.s390x",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.src",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.x86_64",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.aarch64",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.ppc64le",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.s390x",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.x86_64",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.aarch64",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.ppc64le",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.s390x",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8554"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.aarch64",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.ppc64le",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.s390x",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.src",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.x86_64",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.aarch64",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.ppc64le",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.s390x",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.x86_64",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.aarch64",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.ppc64le",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.s390x",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Mozilla: Symlinks may resolve to partially uninitialized buffers"
},
{
"acknowledgments": [
{
"names": [
"Erik Kraft",
"Martin Schwarzl",
"the Mozilla project"
]
},
{
"names": [
"Andrew McCreight"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2022-45416",
"discovery_date": "2022-11-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2143240"
}
],
"notes": [
{
"category": "description",
"text": "The Mozilla Foundation Security Advisory describes this flaw as: Keyboard events reference strings like \"KeyA\" that were at fixed, known, and widely-spread addresses. Cache-based timing attacks such as Prime+Probe could have possibly figured out which keys were being pressed.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Mozilla: Keystroke Side-Channel Leakage",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.aarch64",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.ppc64le",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.s390x",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.src",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.x86_64",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.aarch64",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.ppc64le",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.s390x",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.x86_64",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.aarch64",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.ppc64le",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.s390x",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-45416"
},
{
"category": "external",
"summary": "RHBZ#2143240",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2143240"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-45416",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45416"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45416",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45416"
},
{
"category": "external",
"summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-48/#CVE-2022-45416",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-48/#CVE-2022-45416"
},
{
"category": "external",
"summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-49/#CVE-2022-45416",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-49/#CVE-2022-45416"
}
],
"release_date": "2022-11-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-21T12:51:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.",
"product_ids": [
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.aarch64",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.ppc64le",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.s390x",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.src",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.x86_64",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.aarch64",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.ppc64le",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.s390x",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.x86_64",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.aarch64",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.ppc64le",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.s390x",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8554"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.aarch64",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.ppc64le",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.s390x",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.src",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.x86_64",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.aarch64",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.ppc64le",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.s390x",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.x86_64",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.aarch64",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.ppc64le",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.s390x",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Mozilla: Keystroke Side-Channel Leakage"
},
{
"acknowledgments": [
{
"names": [
"the Mozilla project"
]
},
{
"names": [
"Hafiizh"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2022-45418",
"discovery_date": "2022-11-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2143241"
}
],
"notes": [
{
"category": "description",
"text": "The Mozilla Foundation Security Advisory describes this flaw as: If a custom mouse cursor is specified in CSS, under certain circumstances the cursor could have been drawn over the browser UI, resulting in potential user confusion or spoofing attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Mozilla: Custom mouse cursor could have been drawn over browser UI",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.aarch64",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.ppc64le",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.s390x",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.src",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.x86_64",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.aarch64",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.ppc64le",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.s390x",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.x86_64",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.aarch64",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.ppc64le",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.s390x",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-45418"
},
{
"category": "external",
"summary": "RHBZ#2143241",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2143241"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-45418",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45418"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45418",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45418"
},
{
"category": "external",
"summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-48/#CVE-2022-45418",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-48/#CVE-2022-45418"
},
{
"category": "external",
"summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-49/#CVE-2022-45418",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-49/#CVE-2022-45418"
}
],
"release_date": "2022-11-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-21T12:51:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.",
"product_ids": [
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.aarch64",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.ppc64le",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.s390x",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.src",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.x86_64",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.aarch64",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.ppc64le",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.s390x",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.x86_64",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.aarch64",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.ppc64le",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.s390x",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8554"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.aarch64",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.ppc64le",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.s390x",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.src",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.x86_64",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.aarch64",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.ppc64le",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.s390x",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.x86_64",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.aarch64",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.ppc64le",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.s390x",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Mozilla: Custom mouse cursor could have been drawn over browser UI"
},
{
"acknowledgments": [
{
"names": [
"the Mozilla project"
]
},
{
"names": [
"Suhwan Song of SNU CompSec Lab"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2022-45420",
"discovery_date": "2022-11-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2143242"
}
],
"notes": [
{
"category": "description",
"text": "The Mozilla Foundation Security Advisory describes this flaw as: Use tables inside of an iframe, an attacker could have caused iframe contents to be rendered outside the boundaries of the iframe, resulting in potential user confusion or spoofing attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Mozilla: Iframe contents could be rendered outside the iframe",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.aarch64",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.ppc64le",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.s390x",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.src",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.x86_64",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.aarch64",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.ppc64le",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.s390x",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.x86_64",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.aarch64",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.ppc64le",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.s390x",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-45420"
},
{
"category": "external",
"summary": "RHBZ#2143242",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2143242"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-45420",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45420"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45420",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45420"
},
{
"category": "external",
"summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-48/#CVE-2022-45420",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-48/#CVE-2022-45420"
},
{
"category": "external",
"summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-49/#CVE-2022-45420",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-49/#CVE-2022-45420"
}
],
"release_date": "2022-11-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-21T12:51:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.",
"product_ids": [
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.aarch64",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.ppc64le",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.s390x",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.src",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.x86_64",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.aarch64",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.ppc64le",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.s390x",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.x86_64",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.aarch64",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.ppc64le",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.s390x",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8554"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.aarch64",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.ppc64le",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.s390x",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.src",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.x86_64",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.aarch64",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.ppc64le",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.s390x",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.x86_64",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.aarch64",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.ppc64le",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.s390x",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "Mozilla: Iframe contents could be rendered outside the iframe"
},
{
"acknowledgments": [
{
"names": [
"the Mozilla project"
]
},
{
"names": [
"Mozilla developers"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2022-45421",
"cwe": {
"id": "CWE-120",
"name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
},
"discovery_date": "2022-11-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2143243"
}
],
"notes": [
{
"category": "description",
"text": "The Mozilla Foundation Security Advisory describes this flaw as: Mozilla developers Andrew McCreight and Gabriele Svelto reported memory safety bugs present in Firefox 106 and Firefox ESR 102.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Mozilla: Memory safety bugs fixed in Firefox 107 and Firefox ESR 102.5",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.aarch64",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.ppc64le",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.s390x",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.src",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.x86_64",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.aarch64",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.ppc64le",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.s390x",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.x86_64",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.aarch64",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.ppc64le",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.s390x",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-45421"
},
{
"category": "external",
"summary": "RHBZ#2143243",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2143243"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-45421",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45421"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45421",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45421"
},
{
"category": "external",
"summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-48/#CVE-2022-45421",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-48/#CVE-2022-45421"
},
{
"category": "external",
"summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-49/#CVE-2022-45421",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-49/#CVE-2022-45421"
}
],
"release_date": "2022-11-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-21T12:51:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.",
"product_ids": [
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.aarch64",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.ppc64le",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.s390x",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.src",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.x86_64",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.aarch64",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.ppc64le",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.s390x",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.x86_64",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.aarch64",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.ppc64le",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.s390x",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8554"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.aarch64",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.ppc64le",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.s390x",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.src",
"AppStream-8.7.0.Z.MAIN:firefox-0:102.5.0-1.el8_7.x86_64",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.aarch64",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.ppc64le",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.s390x",
"AppStream-8.7.0.Z.MAIN:firefox-debuginfo-0:102.5.0-1.el8_7.x86_64",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.aarch64",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.ppc64le",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.s390x",
"AppStream-8.7.0.Z.MAIN:firefox-debugsource-0:102.5.0-1.el8_7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "Mozilla: Memory safety bugs fixed in Firefox 107 and Firefox ESR 102.5"
}
]
}
RHSA-2023:0103
Vulnerability from csaf_redhat - Published: 2023-01-12 09:28 - Updated: 2025-12-09 09:08Summary
Red Hat Security Advisory: expat security update
Severity
Moderate
Notes
Topic: An update for expat is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of
Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives
a detailed severity rating, is available for each vulnerability from the CVE
link(s) in the References section.
Details: Expat is a C library for parsing XML documents.
Security Fix(es):
* expat: use-after free caused by overeager destruction of a shared DTD in
XML_ExternalEntityParserCreate (CVE-2022-43680)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE page(s)
listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A use-after-free flaw was found in the Expat package, caused by destruction of a shared DTD in XML_ExternalEntityParserCreate in out-of-memory situations. This may lead to availability disruptions.
7.5 (High)
Affected products
Fixed
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: BaseOS-8.7.0.Z.MAIN:expat-0:2.2.5-10.el8_7.1.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.7.0.Z.MAIN:expat-0:2.2.5-10.el8_7.1.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.7.0.Z.MAIN:expat-0:2.2.5-10.el8_7.1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.7.0.Z.MAIN:expat-0:2.2.5-10.el8_7.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.7.0.Z.MAIN:expat-0:2.2.5-10.el8_7.1.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.7.0.Z.MAIN:expat-0:2.2.5-10.el8_7.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.7.0.Z.MAIN:expat-debuginfo-0:2.2.5-10.el8_7.1.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.7.0.Z.MAIN:expat-debuginfo-0:2.2.5-10.el8_7.1.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.7.0.Z.MAIN:expat-debuginfo-0:2.2.5-10.el8_7.1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.7.0.Z.MAIN:expat-debuginfo-0:2.2.5-10.el8_7.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.7.0.Z.MAIN:expat-debuginfo-0:2.2.5-10.el8_7.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.7.0.Z.MAIN:expat-debugsource-0:2.2.5-10.el8_7.1.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.7.0.Z.MAIN:expat-debugsource-0:2.2.5-10.el8_7.1.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.7.0.Z.MAIN:expat-debugsource-0:2.2.5-10.el8_7.1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.7.0.Z.MAIN:expat-debugsource-0:2.2.5-10.el8_7.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.7.0.Z.MAIN:expat-debugsource-0:2.2.5-10.el8_7.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.7.0.Z.MAIN:expat-devel-0:2.2.5-10.el8_7.1.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.7.0.Z.MAIN:expat-devel-0:2.2.5-10.el8_7.1.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.7.0.Z.MAIN:expat-devel-0:2.2.5-10.el8_7.1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.7.0.Z.MAIN:expat-devel-0:2.2.5-10.el8_7.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.7.0.Z.MAIN:expat-devel-0:2.2.5-10.el8_7.1.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
References
9 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for expat is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of\nModerate. A Common Vulnerability Scoring System (CVSS) base score, which gives\na detailed severity rating, is available for each vulnerability from the CVE\nlink(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Expat is a C library for parsing XML documents.\n\nSecurity Fix(es):\n\n* expat: use-after free caused by overeager destruction of a shared DTD in\nXML_ExternalEntityParserCreate (CVE-2022-43680)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE page(s)\nlisted in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:0103",
"url": "https://access.redhat.com/errata/RHSA-2023:0103"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "2140059",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2140059"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_0103.json"
}
],
"title": "Red Hat Security Advisory: expat security update",
"tracking": {
"current_release_date": "2025-12-09T09:08:55+00:00",
"generator": {
"date": "2025-12-09T09:08:55+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.13"
}
},
"id": "RHSA-2023:0103",
"initial_release_date": "2023-01-12T09:28:37+00:00",
"revision_history": [
{
"date": "2023-01-12T09:28:37+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-01-12T09:28:37+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-12-09T09:08:55+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux BaseOS (v. 8)",
"product": {
"name": "Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.Z.MAIN",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:8::baseos"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "expat-0:2.2.5-10.el8_7.1.src",
"product": {
"name": "expat-0:2.2.5-10.el8_7.1.src",
"product_id": "expat-0:2.2.5-10.el8_7.1.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat@2.2.5-10.el8_7.1?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "expat-0:2.2.5-10.el8_7.1.aarch64",
"product": {
"name": "expat-0:2.2.5-10.el8_7.1.aarch64",
"product_id": "expat-0:2.2.5-10.el8_7.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat@2.2.5-10.el8_7.1?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "expat-devel-0:2.2.5-10.el8_7.1.aarch64",
"product": {
"name": "expat-devel-0:2.2.5-10.el8_7.1.aarch64",
"product_id": "expat-devel-0:2.2.5-10.el8_7.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-devel@2.2.5-10.el8_7.1?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "expat-debugsource-0:2.2.5-10.el8_7.1.aarch64",
"product": {
"name": "expat-debugsource-0:2.2.5-10.el8_7.1.aarch64",
"product_id": "expat-debugsource-0:2.2.5-10.el8_7.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debugsource@2.2.5-10.el8_7.1?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "expat-debuginfo-0:2.2.5-10.el8_7.1.aarch64",
"product": {
"name": "expat-debuginfo-0:2.2.5-10.el8_7.1.aarch64",
"product_id": "expat-debuginfo-0:2.2.5-10.el8_7.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debuginfo@2.2.5-10.el8_7.1?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "expat-0:2.2.5-10.el8_7.1.ppc64le",
"product": {
"name": "expat-0:2.2.5-10.el8_7.1.ppc64le",
"product_id": "expat-0:2.2.5-10.el8_7.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat@2.2.5-10.el8_7.1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "expat-devel-0:2.2.5-10.el8_7.1.ppc64le",
"product": {
"name": "expat-devel-0:2.2.5-10.el8_7.1.ppc64le",
"product_id": "expat-devel-0:2.2.5-10.el8_7.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-devel@2.2.5-10.el8_7.1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "expat-debugsource-0:2.2.5-10.el8_7.1.ppc64le",
"product": {
"name": "expat-debugsource-0:2.2.5-10.el8_7.1.ppc64le",
"product_id": "expat-debugsource-0:2.2.5-10.el8_7.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debugsource@2.2.5-10.el8_7.1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "expat-debuginfo-0:2.2.5-10.el8_7.1.ppc64le",
"product": {
"name": "expat-debuginfo-0:2.2.5-10.el8_7.1.ppc64le",
"product_id": "expat-debuginfo-0:2.2.5-10.el8_7.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debuginfo@2.2.5-10.el8_7.1?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "expat-0:2.2.5-10.el8_7.1.i686",
"product": {
"name": "expat-0:2.2.5-10.el8_7.1.i686",
"product_id": "expat-0:2.2.5-10.el8_7.1.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat@2.2.5-10.el8_7.1?arch=i686"
}
}
},
{
"category": "product_version",
"name": "expat-devel-0:2.2.5-10.el8_7.1.i686",
"product": {
"name": "expat-devel-0:2.2.5-10.el8_7.1.i686",
"product_id": "expat-devel-0:2.2.5-10.el8_7.1.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-devel@2.2.5-10.el8_7.1?arch=i686"
}
}
},
{
"category": "product_version",
"name": "expat-debugsource-0:2.2.5-10.el8_7.1.i686",
"product": {
"name": "expat-debugsource-0:2.2.5-10.el8_7.1.i686",
"product_id": "expat-debugsource-0:2.2.5-10.el8_7.1.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debugsource@2.2.5-10.el8_7.1?arch=i686"
}
}
},
{
"category": "product_version",
"name": "expat-debuginfo-0:2.2.5-10.el8_7.1.i686",
"product": {
"name": "expat-debuginfo-0:2.2.5-10.el8_7.1.i686",
"product_id": "expat-debuginfo-0:2.2.5-10.el8_7.1.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debuginfo@2.2.5-10.el8_7.1?arch=i686"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "expat-0:2.2.5-10.el8_7.1.x86_64",
"product": {
"name": "expat-0:2.2.5-10.el8_7.1.x86_64",
"product_id": "expat-0:2.2.5-10.el8_7.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat@2.2.5-10.el8_7.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "expat-devel-0:2.2.5-10.el8_7.1.x86_64",
"product": {
"name": "expat-devel-0:2.2.5-10.el8_7.1.x86_64",
"product_id": "expat-devel-0:2.2.5-10.el8_7.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-devel@2.2.5-10.el8_7.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "expat-debugsource-0:2.2.5-10.el8_7.1.x86_64",
"product": {
"name": "expat-debugsource-0:2.2.5-10.el8_7.1.x86_64",
"product_id": "expat-debugsource-0:2.2.5-10.el8_7.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debugsource@2.2.5-10.el8_7.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "expat-debuginfo-0:2.2.5-10.el8_7.1.x86_64",
"product": {
"name": "expat-debuginfo-0:2.2.5-10.el8_7.1.x86_64",
"product_id": "expat-debuginfo-0:2.2.5-10.el8_7.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debuginfo@2.2.5-10.el8_7.1?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "expat-0:2.2.5-10.el8_7.1.s390x",
"product": {
"name": "expat-0:2.2.5-10.el8_7.1.s390x",
"product_id": "expat-0:2.2.5-10.el8_7.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat@2.2.5-10.el8_7.1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "expat-devel-0:2.2.5-10.el8_7.1.s390x",
"product": {
"name": "expat-devel-0:2.2.5-10.el8_7.1.s390x",
"product_id": "expat-devel-0:2.2.5-10.el8_7.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-devel@2.2.5-10.el8_7.1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "expat-debugsource-0:2.2.5-10.el8_7.1.s390x",
"product": {
"name": "expat-debugsource-0:2.2.5-10.el8_7.1.s390x",
"product_id": "expat-debugsource-0:2.2.5-10.el8_7.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debugsource@2.2.5-10.el8_7.1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "expat-debuginfo-0:2.2.5-10.el8_7.1.s390x",
"product": {
"name": "expat-debuginfo-0:2.2.5-10.el8_7.1.s390x",
"product_id": "expat-debuginfo-0:2.2.5-10.el8_7.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debuginfo@2.2.5-10.el8_7.1?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.2.5-10.el8_7.1.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.Z.MAIN:expat-0:2.2.5-10.el8_7.1.aarch64"
},
"product_reference": "expat-0:2.2.5-10.el8_7.1.aarch64",
"relates_to_product_reference": "BaseOS-8.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.2.5-10.el8_7.1.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.Z.MAIN:expat-0:2.2.5-10.el8_7.1.i686"
},
"product_reference": "expat-0:2.2.5-10.el8_7.1.i686",
"relates_to_product_reference": "BaseOS-8.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.2.5-10.el8_7.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.Z.MAIN:expat-0:2.2.5-10.el8_7.1.ppc64le"
},
"product_reference": "expat-0:2.2.5-10.el8_7.1.ppc64le",
"relates_to_product_reference": "BaseOS-8.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.2.5-10.el8_7.1.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.Z.MAIN:expat-0:2.2.5-10.el8_7.1.s390x"
},
"product_reference": "expat-0:2.2.5-10.el8_7.1.s390x",
"relates_to_product_reference": "BaseOS-8.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.2.5-10.el8_7.1.src as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.Z.MAIN:expat-0:2.2.5-10.el8_7.1.src"
},
"product_reference": "expat-0:2.2.5-10.el8_7.1.src",
"relates_to_product_reference": "BaseOS-8.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.2.5-10.el8_7.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.Z.MAIN:expat-0:2.2.5-10.el8_7.1.x86_64"
},
"product_reference": "expat-0:2.2.5-10.el8_7.1.x86_64",
"relates_to_product_reference": "BaseOS-8.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debuginfo-0:2.2.5-10.el8_7.1.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.Z.MAIN:expat-debuginfo-0:2.2.5-10.el8_7.1.aarch64"
},
"product_reference": "expat-debuginfo-0:2.2.5-10.el8_7.1.aarch64",
"relates_to_product_reference": "BaseOS-8.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debuginfo-0:2.2.5-10.el8_7.1.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.Z.MAIN:expat-debuginfo-0:2.2.5-10.el8_7.1.i686"
},
"product_reference": "expat-debuginfo-0:2.2.5-10.el8_7.1.i686",
"relates_to_product_reference": "BaseOS-8.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debuginfo-0:2.2.5-10.el8_7.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.Z.MAIN:expat-debuginfo-0:2.2.5-10.el8_7.1.ppc64le"
},
"product_reference": "expat-debuginfo-0:2.2.5-10.el8_7.1.ppc64le",
"relates_to_product_reference": "BaseOS-8.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debuginfo-0:2.2.5-10.el8_7.1.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.Z.MAIN:expat-debuginfo-0:2.2.5-10.el8_7.1.s390x"
},
"product_reference": "expat-debuginfo-0:2.2.5-10.el8_7.1.s390x",
"relates_to_product_reference": "BaseOS-8.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debuginfo-0:2.2.5-10.el8_7.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.Z.MAIN:expat-debuginfo-0:2.2.5-10.el8_7.1.x86_64"
},
"product_reference": "expat-debuginfo-0:2.2.5-10.el8_7.1.x86_64",
"relates_to_product_reference": "BaseOS-8.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debugsource-0:2.2.5-10.el8_7.1.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.Z.MAIN:expat-debugsource-0:2.2.5-10.el8_7.1.aarch64"
},
"product_reference": "expat-debugsource-0:2.2.5-10.el8_7.1.aarch64",
"relates_to_product_reference": "BaseOS-8.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debugsource-0:2.2.5-10.el8_7.1.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.Z.MAIN:expat-debugsource-0:2.2.5-10.el8_7.1.i686"
},
"product_reference": "expat-debugsource-0:2.2.5-10.el8_7.1.i686",
"relates_to_product_reference": "BaseOS-8.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debugsource-0:2.2.5-10.el8_7.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.Z.MAIN:expat-debugsource-0:2.2.5-10.el8_7.1.ppc64le"
},
"product_reference": "expat-debugsource-0:2.2.5-10.el8_7.1.ppc64le",
"relates_to_product_reference": "BaseOS-8.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debugsource-0:2.2.5-10.el8_7.1.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.Z.MAIN:expat-debugsource-0:2.2.5-10.el8_7.1.s390x"
},
"product_reference": "expat-debugsource-0:2.2.5-10.el8_7.1.s390x",
"relates_to_product_reference": "BaseOS-8.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debugsource-0:2.2.5-10.el8_7.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.Z.MAIN:expat-debugsource-0:2.2.5-10.el8_7.1.x86_64"
},
"product_reference": "expat-debugsource-0:2.2.5-10.el8_7.1.x86_64",
"relates_to_product_reference": "BaseOS-8.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-devel-0:2.2.5-10.el8_7.1.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.Z.MAIN:expat-devel-0:2.2.5-10.el8_7.1.aarch64"
},
"product_reference": "expat-devel-0:2.2.5-10.el8_7.1.aarch64",
"relates_to_product_reference": "BaseOS-8.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-devel-0:2.2.5-10.el8_7.1.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.Z.MAIN:expat-devel-0:2.2.5-10.el8_7.1.i686"
},
"product_reference": "expat-devel-0:2.2.5-10.el8_7.1.i686",
"relates_to_product_reference": "BaseOS-8.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-devel-0:2.2.5-10.el8_7.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.Z.MAIN:expat-devel-0:2.2.5-10.el8_7.1.ppc64le"
},
"product_reference": "expat-devel-0:2.2.5-10.el8_7.1.ppc64le",
"relates_to_product_reference": "BaseOS-8.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-devel-0:2.2.5-10.el8_7.1.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.Z.MAIN:expat-devel-0:2.2.5-10.el8_7.1.s390x"
},
"product_reference": "expat-devel-0:2.2.5-10.el8_7.1.s390x",
"relates_to_product_reference": "BaseOS-8.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-devel-0:2.2.5-10.el8_7.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.Z.MAIN:expat-devel-0:2.2.5-10.el8_7.1.x86_64"
},
"product_reference": "expat-devel-0:2.2.5-10.el8_7.1.x86_64",
"relates_to_product_reference": "BaseOS-8.7.0.Z.MAIN"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-43680",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2022-11-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2140059"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free flaw was found in the Expat package, caused by destruction of a shared DTD in XML_ExternalEntityParserCreate in out-of-memory situations. This may lead to availability disruptions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "expat: use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability can only happen under special (out-of-memory) conditions, thus it is not possible to exploit on every possible system that has expat installed. Additionally as the flaw is only capable of causing a Denial of Service, Red Hat rates the impact as Moderate.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.7.0.Z.MAIN:expat-0:2.2.5-10.el8_7.1.aarch64",
"BaseOS-8.7.0.Z.MAIN:expat-0:2.2.5-10.el8_7.1.i686",
"BaseOS-8.7.0.Z.MAIN:expat-0:2.2.5-10.el8_7.1.ppc64le",
"BaseOS-8.7.0.Z.MAIN:expat-0:2.2.5-10.el8_7.1.s390x",
"BaseOS-8.7.0.Z.MAIN:expat-0:2.2.5-10.el8_7.1.src",
"BaseOS-8.7.0.Z.MAIN:expat-0:2.2.5-10.el8_7.1.x86_64",
"BaseOS-8.7.0.Z.MAIN:expat-debuginfo-0:2.2.5-10.el8_7.1.aarch64",
"BaseOS-8.7.0.Z.MAIN:expat-debuginfo-0:2.2.5-10.el8_7.1.i686",
"BaseOS-8.7.0.Z.MAIN:expat-debuginfo-0:2.2.5-10.el8_7.1.ppc64le",
"BaseOS-8.7.0.Z.MAIN:expat-debuginfo-0:2.2.5-10.el8_7.1.s390x",
"BaseOS-8.7.0.Z.MAIN:expat-debuginfo-0:2.2.5-10.el8_7.1.x86_64",
"BaseOS-8.7.0.Z.MAIN:expat-debugsource-0:2.2.5-10.el8_7.1.aarch64",
"BaseOS-8.7.0.Z.MAIN:expat-debugsource-0:2.2.5-10.el8_7.1.i686",
"BaseOS-8.7.0.Z.MAIN:expat-debugsource-0:2.2.5-10.el8_7.1.ppc64le",
"BaseOS-8.7.0.Z.MAIN:expat-debugsource-0:2.2.5-10.el8_7.1.s390x",
"BaseOS-8.7.0.Z.MAIN:expat-debugsource-0:2.2.5-10.el8_7.1.x86_64",
"BaseOS-8.7.0.Z.MAIN:expat-devel-0:2.2.5-10.el8_7.1.aarch64",
"BaseOS-8.7.0.Z.MAIN:expat-devel-0:2.2.5-10.el8_7.1.i686",
"BaseOS-8.7.0.Z.MAIN:expat-devel-0:2.2.5-10.el8_7.1.ppc64le",
"BaseOS-8.7.0.Z.MAIN:expat-devel-0:2.2.5-10.el8_7.1.s390x",
"BaseOS-8.7.0.Z.MAIN:expat-devel-0:2.2.5-10.el8_7.1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-43680"
},
{
"category": "external",
"summary": "RHBZ#2140059",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2140059"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-43680",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43680"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-43680",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-43680"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/issues/649",
"url": "https://github.com/libexpat/libexpat/issues/649"
}
],
"release_date": "2022-10-24T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-12T09:28:37+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"BaseOS-8.7.0.Z.MAIN:expat-0:2.2.5-10.el8_7.1.aarch64",
"BaseOS-8.7.0.Z.MAIN:expat-0:2.2.5-10.el8_7.1.i686",
"BaseOS-8.7.0.Z.MAIN:expat-0:2.2.5-10.el8_7.1.ppc64le",
"BaseOS-8.7.0.Z.MAIN:expat-0:2.2.5-10.el8_7.1.s390x",
"BaseOS-8.7.0.Z.MAIN:expat-0:2.2.5-10.el8_7.1.src",
"BaseOS-8.7.0.Z.MAIN:expat-0:2.2.5-10.el8_7.1.x86_64",
"BaseOS-8.7.0.Z.MAIN:expat-debuginfo-0:2.2.5-10.el8_7.1.aarch64",
"BaseOS-8.7.0.Z.MAIN:expat-debuginfo-0:2.2.5-10.el8_7.1.i686",
"BaseOS-8.7.0.Z.MAIN:expat-debuginfo-0:2.2.5-10.el8_7.1.ppc64le",
"BaseOS-8.7.0.Z.MAIN:expat-debuginfo-0:2.2.5-10.el8_7.1.s390x",
"BaseOS-8.7.0.Z.MAIN:expat-debuginfo-0:2.2.5-10.el8_7.1.x86_64",
"BaseOS-8.7.0.Z.MAIN:expat-debugsource-0:2.2.5-10.el8_7.1.aarch64",
"BaseOS-8.7.0.Z.MAIN:expat-debugsource-0:2.2.5-10.el8_7.1.i686",
"BaseOS-8.7.0.Z.MAIN:expat-debugsource-0:2.2.5-10.el8_7.1.ppc64le",
"BaseOS-8.7.0.Z.MAIN:expat-debugsource-0:2.2.5-10.el8_7.1.s390x",
"BaseOS-8.7.0.Z.MAIN:expat-debugsource-0:2.2.5-10.el8_7.1.x86_64",
"BaseOS-8.7.0.Z.MAIN:expat-devel-0:2.2.5-10.el8_7.1.aarch64",
"BaseOS-8.7.0.Z.MAIN:expat-devel-0:2.2.5-10.el8_7.1.i686",
"BaseOS-8.7.0.Z.MAIN:expat-devel-0:2.2.5-10.el8_7.1.ppc64le",
"BaseOS-8.7.0.Z.MAIN:expat-devel-0:2.2.5-10.el8_7.1.s390x",
"BaseOS-8.7.0.Z.MAIN:expat-devel-0:2.2.5-10.el8_7.1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0103"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"BaseOS-8.7.0.Z.MAIN:expat-0:2.2.5-10.el8_7.1.aarch64",
"BaseOS-8.7.0.Z.MAIN:expat-0:2.2.5-10.el8_7.1.i686",
"BaseOS-8.7.0.Z.MAIN:expat-0:2.2.5-10.el8_7.1.ppc64le",
"BaseOS-8.7.0.Z.MAIN:expat-0:2.2.5-10.el8_7.1.s390x",
"BaseOS-8.7.0.Z.MAIN:expat-0:2.2.5-10.el8_7.1.src",
"BaseOS-8.7.0.Z.MAIN:expat-0:2.2.5-10.el8_7.1.x86_64",
"BaseOS-8.7.0.Z.MAIN:expat-debuginfo-0:2.2.5-10.el8_7.1.aarch64",
"BaseOS-8.7.0.Z.MAIN:expat-debuginfo-0:2.2.5-10.el8_7.1.i686",
"BaseOS-8.7.0.Z.MAIN:expat-debuginfo-0:2.2.5-10.el8_7.1.ppc64le",
"BaseOS-8.7.0.Z.MAIN:expat-debuginfo-0:2.2.5-10.el8_7.1.s390x",
"BaseOS-8.7.0.Z.MAIN:expat-debuginfo-0:2.2.5-10.el8_7.1.x86_64",
"BaseOS-8.7.0.Z.MAIN:expat-debugsource-0:2.2.5-10.el8_7.1.aarch64",
"BaseOS-8.7.0.Z.MAIN:expat-debugsource-0:2.2.5-10.el8_7.1.i686",
"BaseOS-8.7.0.Z.MAIN:expat-debugsource-0:2.2.5-10.el8_7.1.ppc64le",
"BaseOS-8.7.0.Z.MAIN:expat-debugsource-0:2.2.5-10.el8_7.1.s390x",
"BaseOS-8.7.0.Z.MAIN:expat-debugsource-0:2.2.5-10.el8_7.1.x86_64",
"BaseOS-8.7.0.Z.MAIN:expat-devel-0:2.2.5-10.el8_7.1.aarch64",
"BaseOS-8.7.0.Z.MAIN:expat-devel-0:2.2.5-10.el8_7.1.i686",
"BaseOS-8.7.0.Z.MAIN:expat-devel-0:2.2.5-10.el8_7.1.ppc64le",
"BaseOS-8.7.0.Z.MAIN:expat-devel-0:2.2.5-10.el8_7.1.s390x",
"BaseOS-8.7.0.Z.MAIN:expat-devel-0:2.2.5-10.el8_7.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "expat: use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate"
}
]
}
RHSA-2023:0337
Vulnerability from csaf_redhat - Published: 2023-01-23 15:29 - Updated: 2025-12-09 09:08Summary
Red Hat Security Advisory: expat security update
Severity
Moderate
Notes
Topic: An update for expat is now available for Red Hat Enterprise Linux 9.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Expat is a C library for parsing XML documents.
Security Fix(es):
* expat: use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate (CVE-2022-43680)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A use-after-free flaw was found in the Expat package, caused by destruction of a shared DTD in XML_ExternalEntityParserCreate in out-of-memory situations. This may lead to availability disruptions.
7.5 (High)
Affected products
Fixed
42 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.1.0.Z.MAIN:expat-0:2.4.9-1.el9_1.1.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.Z.MAIN:expat-0:2.4.9-1.el9_1.1.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.Z.MAIN:expat-0:2.4.9-1.el9_1.1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.Z.MAIN:expat-0:2.4.9-1.el9_1.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.Z.MAIN:expat-0:2.4.9-1.el9_1.1.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.Z.MAIN:expat-0:2.4.9-1.el9_1.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.Z.MAIN:expat-debuginfo-0:2.4.9-1.el9_1.1.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.Z.MAIN:expat-debuginfo-0:2.4.9-1.el9_1.1.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.Z.MAIN:expat-debuginfo-0:2.4.9-1.el9_1.1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.Z.MAIN:expat-debuginfo-0:2.4.9-1.el9_1.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.Z.MAIN:expat-debuginfo-0:2.4.9-1.el9_1.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.Z.MAIN:expat-debugsource-0:2.4.9-1.el9_1.1.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.Z.MAIN:expat-debugsource-0:2.4.9-1.el9_1.1.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.Z.MAIN:expat-debugsource-0:2.4.9-1.el9_1.1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.Z.MAIN:expat-debugsource-0:2.4.9-1.el9_1.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.Z.MAIN:expat-debugsource-0:2.4.9-1.el9_1.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.Z.MAIN:expat-devel-0:2.4.9-1.el9_1.1.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.Z.MAIN:expat-devel-0:2.4.9-1.el9_1.1.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.Z.MAIN:expat-devel-0:2.4.9-1.el9_1.1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.Z.MAIN:expat-devel-0:2.4.9-1.el9_1.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.Z.MAIN:expat-devel-0:2.4.9-1.el9_1.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-9.1.0.Z.MAIN:expat-0:2.4.9-1.el9_1.1.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-9.1.0.Z.MAIN:expat-0:2.4.9-1.el9_1.1.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-9.1.0.Z.MAIN:expat-0:2.4.9-1.el9_1.1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-9.1.0.Z.MAIN:expat-0:2.4.9-1.el9_1.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-9.1.0.Z.MAIN:expat-0:2.4.9-1.el9_1.1.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-9.1.0.Z.MAIN:expat-0:2.4.9-1.el9_1.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-9.1.0.Z.MAIN:expat-debuginfo-0:2.4.9-1.el9_1.1.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-9.1.0.Z.MAIN:expat-debuginfo-0:2.4.9-1.el9_1.1.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-9.1.0.Z.MAIN:expat-debuginfo-0:2.4.9-1.el9_1.1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-9.1.0.Z.MAIN:expat-debuginfo-0:2.4.9-1.el9_1.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-9.1.0.Z.MAIN:expat-debuginfo-0:2.4.9-1.el9_1.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-9.1.0.Z.MAIN:expat-debugsource-0:2.4.9-1.el9_1.1.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-9.1.0.Z.MAIN:expat-debugsource-0:2.4.9-1.el9_1.1.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-9.1.0.Z.MAIN:expat-debugsource-0:2.4.9-1.el9_1.1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-9.1.0.Z.MAIN:expat-debugsource-0:2.4.9-1.el9_1.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-9.1.0.Z.MAIN:expat-debugsource-0:2.4.9-1.el9_1.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-9.1.0.Z.MAIN:expat-devel-0:2.4.9-1.el9_1.1.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-9.1.0.Z.MAIN:expat-devel-0:2.4.9-1.el9_1.1.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-9.1.0.Z.MAIN:expat-devel-0:2.4.9-1.el9_1.1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-9.1.0.Z.MAIN:expat-devel-0:2.4.9-1.el9_1.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-9.1.0.Z.MAIN:expat-devel-0:2.4.9-1.el9_1.1.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
References
9 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for expat is now available for Red Hat Enterprise Linux 9.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Expat is a C library for parsing XML documents.\n\nSecurity Fix(es):\n\n* expat: use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate (CVE-2022-43680)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:0337",
"url": "https://access.redhat.com/errata/RHSA-2023:0337"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "2140059",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2140059"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_0337.json"
}
],
"title": "Red Hat Security Advisory: expat security update",
"tracking": {
"current_release_date": "2025-12-09T09:08:52+00:00",
"generator": {
"date": "2025-12-09T09:08:52+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.13"
}
},
"id": "RHSA-2023:0337",
"initial_release_date": "2023-01-23T15:29:49+00:00",
"revision_history": [
{
"date": "2023-01-23T15:29:49+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-01-23T15:29:49+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-12-09T09:08:52+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 9)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.Z.MAIN",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:9::appstream"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux BaseOS (v. 9)",
"product": {
"name": "Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.1.0.Z.MAIN",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:9::baseos"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "expat-0:2.4.9-1.el9_1.1.src",
"product": {
"name": "expat-0:2.4.9-1.el9_1.1.src",
"product_id": "expat-0:2.4.9-1.el9_1.1.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat@2.4.9-1.el9_1.1?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "expat-0:2.4.9-1.el9_1.1.aarch64",
"product": {
"name": "expat-0:2.4.9-1.el9_1.1.aarch64",
"product_id": "expat-0:2.4.9-1.el9_1.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat@2.4.9-1.el9_1.1?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "expat-debugsource-0:2.4.9-1.el9_1.1.aarch64",
"product": {
"name": "expat-debugsource-0:2.4.9-1.el9_1.1.aarch64",
"product_id": "expat-debugsource-0:2.4.9-1.el9_1.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debugsource@2.4.9-1.el9_1.1?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "expat-debuginfo-0:2.4.9-1.el9_1.1.aarch64",
"product": {
"name": "expat-debuginfo-0:2.4.9-1.el9_1.1.aarch64",
"product_id": "expat-debuginfo-0:2.4.9-1.el9_1.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debuginfo@2.4.9-1.el9_1.1?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "expat-devel-0:2.4.9-1.el9_1.1.aarch64",
"product": {
"name": "expat-devel-0:2.4.9-1.el9_1.1.aarch64",
"product_id": "expat-devel-0:2.4.9-1.el9_1.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-devel@2.4.9-1.el9_1.1?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "expat-0:2.4.9-1.el9_1.1.ppc64le",
"product": {
"name": "expat-0:2.4.9-1.el9_1.1.ppc64le",
"product_id": "expat-0:2.4.9-1.el9_1.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat@2.4.9-1.el9_1.1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "expat-debugsource-0:2.4.9-1.el9_1.1.ppc64le",
"product": {
"name": "expat-debugsource-0:2.4.9-1.el9_1.1.ppc64le",
"product_id": "expat-debugsource-0:2.4.9-1.el9_1.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debugsource@2.4.9-1.el9_1.1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "expat-debuginfo-0:2.4.9-1.el9_1.1.ppc64le",
"product": {
"name": "expat-debuginfo-0:2.4.9-1.el9_1.1.ppc64le",
"product_id": "expat-debuginfo-0:2.4.9-1.el9_1.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debuginfo@2.4.9-1.el9_1.1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "expat-devel-0:2.4.9-1.el9_1.1.ppc64le",
"product": {
"name": "expat-devel-0:2.4.9-1.el9_1.1.ppc64le",
"product_id": "expat-devel-0:2.4.9-1.el9_1.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-devel@2.4.9-1.el9_1.1?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "expat-0:2.4.9-1.el9_1.1.i686",
"product": {
"name": "expat-0:2.4.9-1.el9_1.1.i686",
"product_id": "expat-0:2.4.9-1.el9_1.1.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat@2.4.9-1.el9_1.1?arch=i686"
}
}
},
{
"category": "product_version",
"name": "expat-debugsource-0:2.4.9-1.el9_1.1.i686",
"product": {
"name": "expat-debugsource-0:2.4.9-1.el9_1.1.i686",
"product_id": "expat-debugsource-0:2.4.9-1.el9_1.1.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debugsource@2.4.9-1.el9_1.1?arch=i686"
}
}
},
{
"category": "product_version",
"name": "expat-debuginfo-0:2.4.9-1.el9_1.1.i686",
"product": {
"name": "expat-debuginfo-0:2.4.9-1.el9_1.1.i686",
"product_id": "expat-debuginfo-0:2.4.9-1.el9_1.1.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debuginfo@2.4.9-1.el9_1.1?arch=i686"
}
}
},
{
"category": "product_version",
"name": "expat-devel-0:2.4.9-1.el9_1.1.i686",
"product": {
"name": "expat-devel-0:2.4.9-1.el9_1.1.i686",
"product_id": "expat-devel-0:2.4.9-1.el9_1.1.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-devel@2.4.9-1.el9_1.1?arch=i686"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "expat-0:2.4.9-1.el9_1.1.x86_64",
"product": {
"name": "expat-0:2.4.9-1.el9_1.1.x86_64",
"product_id": "expat-0:2.4.9-1.el9_1.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat@2.4.9-1.el9_1.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "expat-debugsource-0:2.4.9-1.el9_1.1.x86_64",
"product": {
"name": "expat-debugsource-0:2.4.9-1.el9_1.1.x86_64",
"product_id": "expat-debugsource-0:2.4.9-1.el9_1.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debugsource@2.4.9-1.el9_1.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "expat-debuginfo-0:2.4.9-1.el9_1.1.x86_64",
"product": {
"name": "expat-debuginfo-0:2.4.9-1.el9_1.1.x86_64",
"product_id": "expat-debuginfo-0:2.4.9-1.el9_1.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debuginfo@2.4.9-1.el9_1.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "expat-devel-0:2.4.9-1.el9_1.1.x86_64",
"product": {
"name": "expat-devel-0:2.4.9-1.el9_1.1.x86_64",
"product_id": "expat-devel-0:2.4.9-1.el9_1.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-devel@2.4.9-1.el9_1.1?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "expat-0:2.4.9-1.el9_1.1.s390x",
"product": {
"name": "expat-0:2.4.9-1.el9_1.1.s390x",
"product_id": "expat-0:2.4.9-1.el9_1.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat@2.4.9-1.el9_1.1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "expat-debugsource-0:2.4.9-1.el9_1.1.s390x",
"product": {
"name": "expat-debugsource-0:2.4.9-1.el9_1.1.s390x",
"product_id": "expat-debugsource-0:2.4.9-1.el9_1.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debugsource@2.4.9-1.el9_1.1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "expat-debuginfo-0:2.4.9-1.el9_1.1.s390x",
"product": {
"name": "expat-debuginfo-0:2.4.9-1.el9_1.1.s390x",
"product_id": "expat-debuginfo-0:2.4.9-1.el9_1.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debuginfo@2.4.9-1.el9_1.1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "expat-devel-0:2.4.9-1.el9_1.1.s390x",
"product": {
"name": "expat-devel-0:2.4.9-1.el9_1.1.s390x",
"product_id": "expat-devel-0:2.4.9-1.el9_1.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-devel@2.4.9-1.el9_1.1?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.4.9-1.el9_1.1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.Z.MAIN:expat-0:2.4.9-1.el9_1.1.aarch64"
},
"product_reference": "expat-0:2.4.9-1.el9_1.1.aarch64",
"relates_to_product_reference": "AppStream-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.4.9-1.el9_1.1.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.Z.MAIN:expat-0:2.4.9-1.el9_1.1.i686"
},
"product_reference": "expat-0:2.4.9-1.el9_1.1.i686",
"relates_to_product_reference": "AppStream-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.4.9-1.el9_1.1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.Z.MAIN:expat-0:2.4.9-1.el9_1.1.ppc64le"
},
"product_reference": "expat-0:2.4.9-1.el9_1.1.ppc64le",
"relates_to_product_reference": "AppStream-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.4.9-1.el9_1.1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.Z.MAIN:expat-0:2.4.9-1.el9_1.1.s390x"
},
"product_reference": "expat-0:2.4.9-1.el9_1.1.s390x",
"relates_to_product_reference": "AppStream-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.4.9-1.el9_1.1.src as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.Z.MAIN:expat-0:2.4.9-1.el9_1.1.src"
},
"product_reference": "expat-0:2.4.9-1.el9_1.1.src",
"relates_to_product_reference": "AppStream-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.4.9-1.el9_1.1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.Z.MAIN:expat-0:2.4.9-1.el9_1.1.x86_64"
},
"product_reference": "expat-0:2.4.9-1.el9_1.1.x86_64",
"relates_to_product_reference": "AppStream-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debuginfo-0:2.4.9-1.el9_1.1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.Z.MAIN:expat-debuginfo-0:2.4.9-1.el9_1.1.aarch64"
},
"product_reference": "expat-debuginfo-0:2.4.9-1.el9_1.1.aarch64",
"relates_to_product_reference": "AppStream-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debuginfo-0:2.4.9-1.el9_1.1.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.Z.MAIN:expat-debuginfo-0:2.4.9-1.el9_1.1.i686"
},
"product_reference": "expat-debuginfo-0:2.4.9-1.el9_1.1.i686",
"relates_to_product_reference": "AppStream-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debuginfo-0:2.4.9-1.el9_1.1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.Z.MAIN:expat-debuginfo-0:2.4.9-1.el9_1.1.ppc64le"
},
"product_reference": "expat-debuginfo-0:2.4.9-1.el9_1.1.ppc64le",
"relates_to_product_reference": "AppStream-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debuginfo-0:2.4.9-1.el9_1.1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.Z.MAIN:expat-debuginfo-0:2.4.9-1.el9_1.1.s390x"
},
"product_reference": "expat-debuginfo-0:2.4.9-1.el9_1.1.s390x",
"relates_to_product_reference": "AppStream-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debuginfo-0:2.4.9-1.el9_1.1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.Z.MAIN:expat-debuginfo-0:2.4.9-1.el9_1.1.x86_64"
},
"product_reference": "expat-debuginfo-0:2.4.9-1.el9_1.1.x86_64",
"relates_to_product_reference": "AppStream-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debugsource-0:2.4.9-1.el9_1.1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.Z.MAIN:expat-debugsource-0:2.4.9-1.el9_1.1.aarch64"
},
"product_reference": "expat-debugsource-0:2.4.9-1.el9_1.1.aarch64",
"relates_to_product_reference": "AppStream-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debugsource-0:2.4.9-1.el9_1.1.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.Z.MAIN:expat-debugsource-0:2.4.9-1.el9_1.1.i686"
},
"product_reference": "expat-debugsource-0:2.4.9-1.el9_1.1.i686",
"relates_to_product_reference": "AppStream-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debugsource-0:2.4.9-1.el9_1.1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.Z.MAIN:expat-debugsource-0:2.4.9-1.el9_1.1.ppc64le"
},
"product_reference": "expat-debugsource-0:2.4.9-1.el9_1.1.ppc64le",
"relates_to_product_reference": "AppStream-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debugsource-0:2.4.9-1.el9_1.1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.Z.MAIN:expat-debugsource-0:2.4.9-1.el9_1.1.s390x"
},
"product_reference": "expat-debugsource-0:2.4.9-1.el9_1.1.s390x",
"relates_to_product_reference": "AppStream-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debugsource-0:2.4.9-1.el9_1.1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.Z.MAIN:expat-debugsource-0:2.4.9-1.el9_1.1.x86_64"
},
"product_reference": "expat-debugsource-0:2.4.9-1.el9_1.1.x86_64",
"relates_to_product_reference": "AppStream-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-devel-0:2.4.9-1.el9_1.1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.Z.MAIN:expat-devel-0:2.4.9-1.el9_1.1.aarch64"
},
"product_reference": "expat-devel-0:2.4.9-1.el9_1.1.aarch64",
"relates_to_product_reference": "AppStream-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-devel-0:2.4.9-1.el9_1.1.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.Z.MAIN:expat-devel-0:2.4.9-1.el9_1.1.i686"
},
"product_reference": "expat-devel-0:2.4.9-1.el9_1.1.i686",
"relates_to_product_reference": "AppStream-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-devel-0:2.4.9-1.el9_1.1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.Z.MAIN:expat-devel-0:2.4.9-1.el9_1.1.ppc64le"
},
"product_reference": "expat-devel-0:2.4.9-1.el9_1.1.ppc64le",
"relates_to_product_reference": "AppStream-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-devel-0:2.4.9-1.el9_1.1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.Z.MAIN:expat-devel-0:2.4.9-1.el9_1.1.s390x"
},
"product_reference": "expat-devel-0:2.4.9-1.el9_1.1.s390x",
"relates_to_product_reference": "AppStream-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-devel-0:2.4.9-1.el9_1.1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.Z.MAIN:expat-devel-0:2.4.9-1.el9_1.1.x86_64"
},
"product_reference": "expat-devel-0:2.4.9-1.el9_1.1.x86_64",
"relates_to_product_reference": "AppStream-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.4.9-1.el9_1.1.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.1.0.Z.MAIN:expat-0:2.4.9-1.el9_1.1.aarch64"
},
"product_reference": "expat-0:2.4.9-1.el9_1.1.aarch64",
"relates_to_product_reference": "BaseOS-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.4.9-1.el9_1.1.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.1.0.Z.MAIN:expat-0:2.4.9-1.el9_1.1.i686"
},
"product_reference": "expat-0:2.4.9-1.el9_1.1.i686",
"relates_to_product_reference": "BaseOS-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.4.9-1.el9_1.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.1.0.Z.MAIN:expat-0:2.4.9-1.el9_1.1.ppc64le"
},
"product_reference": "expat-0:2.4.9-1.el9_1.1.ppc64le",
"relates_to_product_reference": "BaseOS-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.4.9-1.el9_1.1.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.1.0.Z.MAIN:expat-0:2.4.9-1.el9_1.1.s390x"
},
"product_reference": "expat-0:2.4.9-1.el9_1.1.s390x",
"relates_to_product_reference": "BaseOS-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.4.9-1.el9_1.1.src as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.1.0.Z.MAIN:expat-0:2.4.9-1.el9_1.1.src"
},
"product_reference": "expat-0:2.4.9-1.el9_1.1.src",
"relates_to_product_reference": "BaseOS-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.4.9-1.el9_1.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.1.0.Z.MAIN:expat-0:2.4.9-1.el9_1.1.x86_64"
},
"product_reference": "expat-0:2.4.9-1.el9_1.1.x86_64",
"relates_to_product_reference": "BaseOS-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debuginfo-0:2.4.9-1.el9_1.1.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.1.0.Z.MAIN:expat-debuginfo-0:2.4.9-1.el9_1.1.aarch64"
},
"product_reference": "expat-debuginfo-0:2.4.9-1.el9_1.1.aarch64",
"relates_to_product_reference": "BaseOS-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debuginfo-0:2.4.9-1.el9_1.1.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.1.0.Z.MAIN:expat-debuginfo-0:2.4.9-1.el9_1.1.i686"
},
"product_reference": "expat-debuginfo-0:2.4.9-1.el9_1.1.i686",
"relates_to_product_reference": "BaseOS-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debuginfo-0:2.4.9-1.el9_1.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.1.0.Z.MAIN:expat-debuginfo-0:2.4.9-1.el9_1.1.ppc64le"
},
"product_reference": "expat-debuginfo-0:2.4.9-1.el9_1.1.ppc64le",
"relates_to_product_reference": "BaseOS-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debuginfo-0:2.4.9-1.el9_1.1.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.1.0.Z.MAIN:expat-debuginfo-0:2.4.9-1.el9_1.1.s390x"
},
"product_reference": "expat-debuginfo-0:2.4.9-1.el9_1.1.s390x",
"relates_to_product_reference": "BaseOS-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debuginfo-0:2.4.9-1.el9_1.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.1.0.Z.MAIN:expat-debuginfo-0:2.4.9-1.el9_1.1.x86_64"
},
"product_reference": "expat-debuginfo-0:2.4.9-1.el9_1.1.x86_64",
"relates_to_product_reference": "BaseOS-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debugsource-0:2.4.9-1.el9_1.1.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.1.0.Z.MAIN:expat-debugsource-0:2.4.9-1.el9_1.1.aarch64"
},
"product_reference": "expat-debugsource-0:2.4.9-1.el9_1.1.aarch64",
"relates_to_product_reference": "BaseOS-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debugsource-0:2.4.9-1.el9_1.1.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.1.0.Z.MAIN:expat-debugsource-0:2.4.9-1.el9_1.1.i686"
},
"product_reference": "expat-debugsource-0:2.4.9-1.el9_1.1.i686",
"relates_to_product_reference": "BaseOS-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debugsource-0:2.4.9-1.el9_1.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.1.0.Z.MAIN:expat-debugsource-0:2.4.9-1.el9_1.1.ppc64le"
},
"product_reference": "expat-debugsource-0:2.4.9-1.el9_1.1.ppc64le",
"relates_to_product_reference": "BaseOS-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debugsource-0:2.4.9-1.el9_1.1.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.1.0.Z.MAIN:expat-debugsource-0:2.4.9-1.el9_1.1.s390x"
},
"product_reference": "expat-debugsource-0:2.4.9-1.el9_1.1.s390x",
"relates_to_product_reference": "BaseOS-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debugsource-0:2.4.9-1.el9_1.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.1.0.Z.MAIN:expat-debugsource-0:2.4.9-1.el9_1.1.x86_64"
},
"product_reference": "expat-debugsource-0:2.4.9-1.el9_1.1.x86_64",
"relates_to_product_reference": "BaseOS-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-devel-0:2.4.9-1.el9_1.1.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.1.0.Z.MAIN:expat-devel-0:2.4.9-1.el9_1.1.aarch64"
},
"product_reference": "expat-devel-0:2.4.9-1.el9_1.1.aarch64",
"relates_to_product_reference": "BaseOS-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-devel-0:2.4.9-1.el9_1.1.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.1.0.Z.MAIN:expat-devel-0:2.4.9-1.el9_1.1.i686"
},
"product_reference": "expat-devel-0:2.4.9-1.el9_1.1.i686",
"relates_to_product_reference": "BaseOS-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-devel-0:2.4.9-1.el9_1.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.1.0.Z.MAIN:expat-devel-0:2.4.9-1.el9_1.1.ppc64le"
},
"product_reference": "expat-devel-0:2.4.9-1.el9_1.1.ppc64le",
"relates_to_product_reference": "BaseOS-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-devel-0:2.4.9-1.el9_1.1.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.1.0.Z.MAIN:expat-devel-0:2.4.9-1.el9_1.1.s390x"
},
"product_reference": "expat-devel-0:2.4.9-1.el9_1.1.s390x",
"relates_to_product_reference": "BaseOS-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-devel-0:2.4.9-1.el9_1.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.1.0.Z.MAIN:expat-devel-0:2.4.9-1.el9_1.1.x86_64"
},
"product_reference": "expat-devel-0:2.4.9-1.el9_1.1.x86_64",
"relates_to_product_reference": "BaseOS-9.1.0.Z.MAIN"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-43680",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2022-11-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2140059"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free flaw was found in the Expat package, caused by destruction of a shared DTD in XML_ExternalEntityParserCreate in out-of-memory situations. This may lead to availability disruptions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "expat: use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability can only happen under special (out-of-memory) conditions, thus it is not possible to exploit on every possible system that has expat installed. Additionally as the flaw is only capable of causing a Denial of Service, Red Hat rates the impact as Moderate.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.1.0.Z.MAIN:expat-0:2.4.9-1.el9_1.1.aarch64",
"AppStream-9.1.0.Z.MAIN:expat-0:2.4.9-1.el9_1.1.i686",
"AppStream-9.1.0.Z.MAIN:expat-0:2.4.9-1.el9_1.1.ppc64le",
"AppStream-9.1.0.Z.MAIN:expat-0:2.4.9-1.el9_1.1.s390x",
"AppStream-9.1.0.Z.MAIN:expat-0:2.4.9-1.el9_1.1.src",
"AppStream-9.1.0.Z.MAIN:expat-0:2.4.9-1.el9_1.1.x86_64",
"AppStream-9.1.0.Z.MAIN:expat-debuginfo-0:2.4.9-1.el9_1.1.aarch64",
"AppStream-9.1.0.Z.MAIN:expat-debuginfo-0:2.4.9-1.el9_1.1.i686",
"AppStream-9.1.0.Z.MAIN:expat-debuginfo-0:2.4.9-1.el9_1.1.ppc64le",
"AppStream-9.1.0.Z.MAIN:expat-debuginfo-0:2.4.9-1.el9_1.1.s390x",
"AppStream-9.1.0.Z.MAIN:expat-debuginfo-0:2.4.9-1.el9_1.1.x86_64",
"AppStream-9.1.0.Z.MAIN:expat-debugsource-0:2.4.9-1.el9_1.1.aarch64",
"AppStream-9.1.0.Z.MAIN:expat-debugsource-0:2.4.9-1.el9_1.1.i686",
"AppStream-9.1.0.Z.MAIN:expat-debugsource-0:2.4.9-1.el9_1.1.ppc64le",
"AppStream-9.1.0.Z.MAIN:expat-debugsource-0:2.4.9-1.el9_1.1.s390x",
"AppStream-9.1.0.Z.MAIN:expat-debugsource-0:2.4.9-1.el9_1.1.x86_64",
"AppStream-9.1.0.Z.MAIN:expat-devel-0:2.4.9-1.el9_1.1.aarch64",
"AppStream-9.1.0.Z.MAIN:expat-devel-0:2.4.9-1.el9_1.1.i686",
"AppStream-9.1.0.Z.MAIN:expat-devel-0:2.4.9-1.el9_1.1.ppc64le",
"AppStream-9.1.0.Z.MAIN:expat-devel-0:2.4.9-1.el9_1.1.s390x",
"AppStream-9.1.0.Z.MAIN:expat-devel-0:2.4.9-1.el9_1.1.x86_64",
"BaseOS-9.1.0.Z.MAIN:expat-0:2.4.9-1.el9_1.1.aarch64",
"BaseOS-9.1.0.Z.MAIN:expat-0:2.4.9-1.el9_1.1.i686",
"BaseOS-9.1.0.Z.MAIN:expat-0:2.4.9-1.el9_1.1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:expat-0:2.4.9-1.el9_1.1.s390x",
"BaseOS-9.1.0.Z.MAIN:expat-0:2.4.9-1.el9_1.1.src",
"BaseOS-9.1.0.Z.MAIN:expat-0:2.4.9-1.el9_1.1.x86_64",
"BaseOS-9.1.0.Z.MAIN:expat-debuginfo-0:2.4.9-1.el9_1.1.aarch64",
"BaseOS-9.1.0.Z.MAIN:expat-debuginfo-0:2.4.9-1.el9_1.1.i686",
"BaseOS-9.1.0.Z.MAIN:expat-debuginfo-0:2.4.9-1.el9_1.1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:expat-debuginfo-0:2.4.9-1.el9_1.1.s390x",
"BaseOS-9.1.0.Z.MAIN:expat-debuginfo-0:2.4.9-1.el9_1.1.x86_64",
"BaseOS-9.1.0.Z.MAIN:expat-debugsource-0:2.4.9-1.el9_1.1.aarch64",
"BaseOS-9.1.0.Z.MAIN:expat-debugsource-0:2.4.9-1.el9_1.1.i686",
"BaseOS-9.1.0.Z.MAIN:expat-debugsource-0:2.4.9-1.el9_1.1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:expat-debugsource-0:2.4.9-1.el9_1.1.s390x",
"BaseOS-9.1.0.Z.MAIN:expat-debugsource-0:2.4.9-1.el9_1.1.x86_64",
"BaseOS-9.1.0.Z.MAIN:expat-devel-0:2.4.9-1.el9_1.1.aarch64",
"BaseOS-9.1.0.Z.MAIN:expat-devel-0:2.4.9-1.el9_1.1.i686",
"BaseOS-9.1.0.Z.MAIN:expat-devel-0:2.4.9-1.el9_1.1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:expat-devel-0:2.4.9-1.el9_1.1.s390x",
"BaseOS-9.1.0.Z.MAIN:expat-devel-0:2.4.9-1.el9_1.1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-43680"
},
{
"category": "external",
"summary": "RHBZ#2140059",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2140059"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-43680",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43680"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-43680",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-43680"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/issues/649",
"url": "https://github.com/libexpat/libexpat/issues/649"
}
],
"release_date": "2022-10-24T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-23T15:29:49+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, applications using the Expat library must be restarted for the update to take effect.",
"product_ids": [
"AppStream-9.1.0.Z.MAIN:expat-0:2.4.9-1.el9_1.1.aarch64",
"AppStream-9.1.0.Z.MAIN:expat-0:2.4.9-1.el9_1.1.i686",
"AppStream-9.1.0.Z.MAIN:expat-0:2.4.9-1.el9_1.1.ppc64le",
"AppStream-9.1.0.Z.MAIN:expat-0:2.4.9-1.el9_1.1.s390x",
"AppStream-9.1.0.Z.MAIN:expat-0:2.4.9-1.el9_1.1.src",
"AppStream-9.1.0.Z.MAIN:expat-0:2.4.9-1.el9_1.1.x86_64",
"AppStream-9.1.0.Z.MAIN:expat-debuginfo-0:2.4.9-1.el9_1.1.aarch64",
"AppStream-9.1.0.Z.MAIN:expat-debuginfo-0:2.4.9-1.el9_1.1.i686",
"AppStream-9.1.0.Z.MAIN:expat-debuginfo-0:2.4.9-1.el9_1.1.ppc64le",
"AppStream-9.1.0.Z.MAIN:expat-debuginfo-0:2.4.9-1.el9_1.1.s390x",
"AppStream-9.1.0.Z.MAIN:expat-debuginfo-0:2.4.9-1.el9_1.1.x86_64",
"AppStream-9.1.0.Z.MAIN:expat-debugsource-0:2.4.9-1.el9_1.1.aarch64",
"AppStream-9.1.0.Z.MAIN:expat-debugsource-0:2.4.9-1.el9_1.1.i686",
"AppStream-9.1.0.Z.MAIN:expat-debugsource-0:2.4.9-1.el9_1.1.ppc64le",
"AppStream-9.1.0.Z.MAIN:expat-debugsource-0:2.4.9-1.el9_1.1.s390x",
"AppStream-9.1.0.Z.MAIN:expat-debugsource-0:2.4.9-1.el9_1.1.x86_64",
"AppStream-9.1.0.Z.MAIN:expat-devel-0:2.4.9-1.el9_1.1.aarch64",
"AppStream-9.1.0.Z.MAIN:expat-devel-0:2.4.9-1.el9_1.1.i686",
"AppStream-9.1.0.Z.MAIN:expat-devel-0:2.4.9-1.el9_1.1.ppc64le",
"AppStream-9.1.0.Z.MAIN:expat-devel-0:2.4.9-1.el9_1.1.s390x",
"AppStream-9.1.0.Z.MAIN:expat-devel-0:2.4.9-1.el9_1.1.x86_64",
"BaseOS-9.1.0.Z.MAIN:expat-0:2.4.9-1.el9_1.1.aarch64",
"BaseOS-9.1.0.Z.MAIN:expat-0:2.4.9-1.el9_1.1.i686",
"BaseOS-9.1.0.Z.MAIN:expat-0:2.4.9-1.el9_1.1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:expat-0:2.4.9-1.el9_1.1.s390x",
"BaseOS-9.1.0.Z.MAIN:expat-0:2.4.9-1.el9_1.1.src",
"BaseOS-9.1.0.Z.MAIN:expat-0:2.4.9-1.el9_1.1.x86_64",
"BaseOS-9.1.0.Z.MAIN:expat-debuginfo-0:2.4.9-1.el9_1.1.aarch64",
"BaseOS-9.1.0.Z.MAIN:expat-debuginfo-0:2.4.9-1.el9_1.1.i686",
"BaseOS-9.1.0.Z.MAIN:expat-debuginfo-0:2.4.9-1.el9_1.1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:expat-debuginfo-0:2.4.9-1.el9_1.1.s390x",
"BaseOS-9.1.0.Z.MAIN:expat-debuginfo-0:2.4.9-1.el9_1.1.x86_64",
"BaseOS-9.1.0.Z.MAIN:expat-debugsource-0:2.4.9-1.el9_1.1.aarch64",
"BaseOS-9.1.0.Z.MAIN:expat-debugsource-0:2.4.9-1.el9_1.1.i686",
"BaseOS-9.1.0.Z.MAIN:expat-debugsource-0:2.4.9-1.el9_1.1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:expat-debugsource-0:2.4.9-1.el9_1.1.s390x",
"BaseOS-9.1.0.Z.MAIN:expat-debugsource-0:2.4.9-1.el9_1.1.x86_64",
"BaseOS-9.1.0.Z.MAIN:expat-devel-0:2.4.9-1.el9_1.1.aarch64",
"BaseOS-9.1.0.Z.MAIN:expat-devel-0:2.4.9-1.el9_1.1.i686",
"BaseOS-9.1.0.Z.MAIN:expat-devel-0:2.4.9-1.el9_1.1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:expat-devel-0:2.4.9-1.el9_1.1.s390x",
"BaseOS-9.1.0.Z.MAIN:expat-devel-0:2.4.9-1.el9_1.1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0337"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.1.0.Z.MAIN:expat-0:2.4.9-1.el9_1.1.aarch64",
"AppStream-9.1.0.Z.MAIN:expat-0:2.4.9-1.el9_1.1.i686",
"AppStream-9.1.0.Z.MAIN:expat-0:2.4.9-1.el9_1.1.ppc64le",
"AppStream-9.1.0.Z.MAIN:expat-0:2.4.9-1.el9_1.1.s390x",
"AppStream-9.1.0.Z.MAIN:expat-0:2.4.9-1.el9_1.1.src",
"AppStream-9.1.0.Z.MAIN:expat-0:2.4.9-1.el9_1.1.x86_64",
"AppStream-9.1.0.Z.MAIN:expat-debuginfo-0:2.4.9-1.el9_1.1.aarch64",
"AppStream-9.1.0.Z.MAIN:expat-debuginfo-0:2.4.9-1.el9_1.1.i686",
"AppStream-9.1.0.Z.MAIN:expat-debuginfo-0:2.4.9-1.el9_1.1.ppc64le",
"AppStream-9.1.0.Z.MAIN:expat-debuginfo-0:2.4.9-1.el9_1.1.s390x",
"AppStream-9.1.0.Z.MAIN:expat-debuginfo-0:2.4.9-1.el9_1.1.x86_64",
"AppStream-9.1.0.Z.MAIN:expat-debugsource-0:2.4.9-1.el9_1.1.aarch64",
"AppStream-9.1.0.Z.MAIN:expat-debugsource-0:2.4.9-1.el9_1.1.i686",
"AppStream-9.1.0.Z.MAIN:expat-debugsource-0:2.4.9-1.el9_1.1.ppc64le",
"AppStream-9.1.0.Z.MAIN:expat-debugsource-0:2.4.9-1.el9_1.1.s390x",
"AppStream-9.1.0.Z.MAIN:expat-debugsource-0:2.4.9-1.el9_1.1.x86_64",
"AppStream-9.1.0.Z.MAIN:expat-devel-0:2.4.9-1.el9_1.1.aarch64",
"AppStream-9.1.0.Z.MAIN:expat-devel-0:2.4.9-1.el9_1.1.i686",
"AppStream-9.1.0.Z.MAIN:expat-devel-0:2.4.9-1.el9_1.1.ppc64le",
"AppStream-9.1.0.Z.MAIN:expat-devel-0:2.4.9-1.el9_1.1.s390x",
"AppStream-9.1.0.Z.MAIN:expat-devel-0:2.4.9-1.el9_1.1.x86_64",
"BaseOS-9.1.0.Z.MAIN:expat-0:2.4.9-1.el9_1.1.aarch64",
"BaseOS-9.1.0.Z.MAIN:expat-0:2.4.9-1.el9_1.1.i686",
"BaseOS-9.1.0.Z.MAIN:expat-0:2.4.9-1.el9_1.1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:expat-0:2.4.9-1.el9_1.1.s390x",
"BaseOS-9.1.0.Z.MAIN:expat-0:2.4.9-1.el9_1.1.src",
"BaseOS-9.1.0.Z.MAIN:expat-0:2.4.9-1.el9_1.1.x86_64",
"BaseOS-9.1.0.Z.MAIN:expat-debuginfo-0:2.4.9-1.el9_1.1.aarch64",
"BaseOS-9.1.0.Z.MAIN:expat-debuginfo-0:2.4.9-1.el9_1.1.i686",
"BaseOS-9.1.0.Z.MAIN:expat-debuginfo-0:2.4.9-1.el9_1.1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:expat-debuginfo-0:2.4.9-1.el9_1.1.s390x",
"BaseOS-9.1.0.Z.MAIN:expat-debuginfo-0:2.4.9-1.el9_1.1.x86_64",
"BaseOS-9.1.0.Z.MAIN:expat-debugsource-0:2.4.9-1.el9_1.1.aarch64",
"BaseOS-9.1.0.Z.MAIN:expat-debugsource-0:2.4.9-1.el9_1.1.i686",
"BaseOS-9.1.0.Z.MAIN:expat-debugsource-0:2.4.9-1.el9_1.1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:expat-debugsource-0:2.4.9-1.el9_1.1.s390x",
"BaseOS-9.1.0.Z.MAIN:expat-debugsource-0:2.4.9-1.el9_1.1.x86_64",
"BaseOS-9.1.0.Z.MAIN:expat-devel-0:2.4.9-1.el9_1.1.aarch64",
"BaseOS-9.1.0.Z.MAIN:expat-devel-0:2.4.9-1.el9_1.1.i686",
"BaseOS-9.1.0.Z.MAIN:expat-devel-0:2.4.9-1.el9_1.1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:expat-devel-0:2.4.9-1.el9_1.1.s390x",
"BaseOS-9.1.0.Z.MAIN:expat-devel-0:2.4.9-1.el9_1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "expat: use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate"
}
]
}
RHSA-2023:3355
Vulnerability from csaf_redhat - Published: 2023-06-05 11:46 - Updated: 2026-03-22 01:26Summary
Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.51 SP2 security update
Severity
Important
Notes
Topic: Red Hat JBoss Core Services Apache HTTP Server 2.4.51 Service Pack 2 is now available.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for a more consistent update experience.
This release of Red Hat JBoss Core Services Apache HTTP Server 2.4.51 Service Pack 2 serves as a replacement for Red Hat JBoss Core Services Apache HTTP Server 2.4.51 Service Pack 1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.
Security Fix(es):
* apr-util: out-of-bounds writes in the apr_base64 (CVE-2022-25147)
* expat: use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate (CVE-2022-43680)
* curl: HSTS bypass via IDN (CVE-2022-43551)
* curl: HTTP Proxy deny use-after-free (CVE-2022-43552)
* curl: HSTS ignored on multiple requests (CVE-2023-23914)
* curl: HSTS amnesia with --parallel (CVE-2023-23915)
* curl: HTTP multi-header compression denial of service (CVE-2023-23916)
* curl: TELNET option IAC injection (CVE-2023-27533)
* curl: SFTP path ~ resolving discrepancy (CVE-2023-27534)
* expat: use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate (CVE-2022-43680)
* httpd: mod_dav: out-of-bounds read/write of zero byte (CVE-2006-20001)
* httpd: HTTP request splitting with mod_rewrite and mod_proxy (CVE-2023-25690)
* openssl: timing attack in RSA Decryption implementation (CVE-2022-4304)
* openssl: double free after calling PEM_read_bio_ex (CVE-2022-4450)
* openssl: use-after-free following BIO_new_NDEF (CVE-2023-0215)
* openssl: X.400 address type confusion in X.509 GeneralName (CVE-2023-0286)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in the mod_dav module of httpd. A specially crafted "If:" request header can cause a memory read or write of a single zero byte due to a missing error check, resulting in a Denial of Service.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
JBCS httpd 2.4.51.sp2
Red Hat / Red Hat JBoss Core Services
|
cpe:/a:redhat:jboss_core_services:1
|
— |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A timing-based side channel exists in the OpenSSL RSA Decryption implementation, which could be sufficient to recover a ciphertext across a network in a Bleichenbacher style attack. To achieve a successful decryption, an attacker would have to be able to send a very large number of trial messages for decryption. This issue affects all RSA padding modes: PKCS#1 v1.5, RSA-OEAP, and RSASVE.
5.9 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
JBCS httpd 2.4.51.sp2
Red Hat / Red Hat JBoss Core Services
|
cpe:/a:redhat:jboss_core_services:1
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A double-free vulnerability was found in OpenSSL's PEM_read_bio_ex function. The function PEM_read_bio_ex() reads a PEM file from a BIO and parses and decodes the "name" (for example, "CERTIFICATE"), any header data, and the payload data. If the function succeeds, then the "name_out," "header," and "data" arguments are populated with pointers to buffers containing the relevant decoded data. The caller is responsible for freeing those buffers. Constructing a PEM file that results in 0 bytes of payload data is possible. In this case, PEM_read_bio_ex() will return a failure code but will populate the header argument with a pointer to a freed buffer. A double-free will occur if the caller also frees this buffer. This will most likely lead to a crash. This could be exploited by an attacker who can supply malicious PEM files for parsing to achieve a denial of service attack.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
JBCS httpd 2.4.51.sp2
Red Hat / Red Hat JBoss Core Services
|
cpe:/a:redhat:jboss_core_services:1
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in the Apache Portable Runtime Utility (APR-util) library. This issue may allow a malicious attacker to cause an out-of-bounds write due to an integer overflow when encoding/decoding a very long string using the base64 family of functions.
6.5 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
JBCS httpd 2.4.51.sp2
Red Hat / Red Hat JBoss Core Services
|
cpe:/a:redhat:jboss_core_services:1
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A vulnerability was found in curl. The issue can occur when curl's HSTS check is bypassed to trick it to keep using HTTP. Using its HSTS support, curl can be instructed to use HTTPS instead of an insecure clear-text HTTP step even when providing HTTP in the URL. Suppose the hostname in the given URL first uses IDN characters that get replaced with ASCII counterparts as part of the IDN conversion. In that case, it can bypass the HSTS mechanism using the character UTF-8 U+3002 (IDEOGRAPHIC FULL STOP) instead of the common ASCII full stop (U+002E). Then in a subsequent request, it does not detect the HSTS state and makes a clear text transfer. Because it would store the information, IDN encoded but looked for it as IDN decoded.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
JBCS httpd 2.4.51.sp2
Red Hat / Red Hat JBoss Core Services
|
cpe:/a:redhat:jboss_core_services:1
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A vulnerability was found in curl. In this issue, curl can be asked to tunnel all protocols virtually it supports through an HTTP proxy. HTTP proxies can deny these tunnel operations using an appropriate HTTP error response code. When getting denied to tunnel the specific SMB or TELNET protocols, curl can use a heap-allocated struct after it has been freed and shut down the code path in its transfer.
5.9 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
JBCS httpd 2.4.51.sp2
Red Hat / Red Hat JBoss Core Services
|
cpe:/a:redhat:jboss_core_services:1
|
— |
Vendor Fix
fix
Workaround
|
Threats
Impact
Low
A use-after-free flaw was found in the Expat package, caused by destruction of a shared DTD in XML_ExternalEntityParserCreate in out-of-memory situations. This may lead to availability disruptions.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
JBCS httpd 2.4.51.sp2
Red Hat / Red Hat JBoss Core Services
|
cpe:/a:redhat:jboss_core_services:1
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A use-after-free vulnerability was found in OpenSSL's BIO_new_NDEF function. The public API function BIO_new_NDEF is a helper function used for streaming ASN.1 data via a BIO. It is primarily used internally by OpenSSL to support the SMIME, CMS, and PKCS7 streaming capabilities, but it may also be called directly by end-user applications. The function receives a BIO from the caller, prepends a new BIO_f_asn1 filter BIO onto the front of it to form a BIO chain, and then returns the new head of the BIO chain to the caller. Under certain conditions. For example, if a CMS recipient public key is invalid, the new filter BIO is freed, and the function returns a NULL result indicating a failure. However, in this case, the BIO chain is not properly cleaned up, and the BIO passed by the caller still retains internal pointers to the previously freed filter BIO. If the caller then calls BIO_pop() on the BIO, a use-after-free will occur, possibly resulting in a crash.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
JBCS httpd 2.4.51.sp2
Red Hat / Red Hat JBoss Core Services
|
cpe:/a:redhat:jboss_core_services:1
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A type confusion vulnerability was found in OpenSSL when OpenSSL X.400 addresses processing inside an X.509 GeneralName. When CRL checking is enabled (for example, the application sets the X509_V_FLAG_CRL_CHECK flag), this vulnerability may allow an attacker to pass arbitrary pointers to a memcmp call, enabling them to read memory contents or cause a denial of service. In most cases, the attack requires the attacker to provide both the certificate chain and CRL, of which neither needs a valid signature. If the attacker only controls one of these inputs, the other input must already contain an X.400 address as a CRL distribution point, which is uncommon. In this case, this vulnerability is likely only to affect applications that have implemented their own functionality for retrieving CRLs over a network.
7.4 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
JBCS httpd 2.4.51.sp2
Red Hat / Red Hat JBoss Core Services
|
cpe:/a:redhat:jboss_core_services:1
|
— |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
A flaw was found in the Curl package, where the HSTS mechanism would be ignored by subsequent transfers when done on the same command line because the state would not be properly carried. This issue may result in limited confidentiality and integrity.
6.5 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
JBCS httpd 2.4.51.sp2
Red Hat / Red Hat JBoss Core Services
|
cpe:/a:redhat:jboss_core_services:1
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in the Curl package, where the HSTS mechanism could fail when multiple transfers are done in parallel, as the HSTS cache file gets overwritten by the most recently completed transfer. This issue may result in limited confidentiality and integrity.
4.2 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
JBCS httpd 2.4.51.sp2
Red Hat / Red Hat JBoss Core Services
|
cpe:/a:redhat:jboss_core_services:1
|
— |
Vendor Fix
fix
|
Threats
Impact
Low
A flaw was found in the Curl package. A malicious server can insert an unlimited number of compression steps. This decompression chain could result in out-of-memory errors.
6.5 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
JBCS httpd 2.4.51.sp2
Red Hat / Red Hat JBoss Core Services
|
cpe:/a:redhat:jboss_core_services:1
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A vulnerability was found in httpd. This security issue occurs when some mod_proxy configurations on Apache HTTP Server allow an HTTP Request Smuggling attack. Configurations are affected when mod_proxy is enabled along with some form of RewriteRule or ProxyPassMatch in which a non-specific pattern matches some portion of the user-supplied request-target (URL) data and is then re-inserted into the proxied request-target using variable substitution.
9.8 (Critical)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
JBCS httpd 2.4.51.sp2
Red Hat / Red Hat JBoss Core Services
|
cpe:/a:redhat:jboss_core_services:1
|
— |
Vendor Fix
fix
|
Threats
Impact
Important
A vulnerability in input validation exists in curl <8.0 during communication using the TELNET protocol may allow an attacker to pass on maliciously crafted user name and "telnet options" during server negotiation. The lack of proper input scrubbing allows an attacker to send content or perform option negotiation without the application's intent. This vulnerability could be exploited if an application allows user input, thereby enabling attackers to execute arbitrary code on the system.
4.3 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
JBCS httpd 2.4.51.sp2
Red Hat / Red Hat JBoss Core Services
|
cpe:/a:redhat:jboss_core_services:1
|
— |
Vendor Fix
fix
|
Threats
Impact
Low
A path traversal vulnerability exists in curl <8.0.0 SFTP implementation causes the tilde (~) character to be wrongly replaced when used as a prefix in the first path element, in addition to its intended use as the first element to indicate a path relative to the user's home directory. Attackers can exploit this flaw to bypass filtering or execute arbitrary code by crafting a path like /~2/foo while accessing a server with a specific user.
CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
JBCS httpd 2.4.51.sp2
Red Hat / Red Hat JBoss Core Services
|
cpe:/a:redhat:jboss_core_services:1
|
— |
Vendor Fix
fix
|
Threats
Impact
Low
References
89 references
Acknowledgments
Harry Sintonen
Patrick Monnerat
Daniel Stenberg
Harry Sintonen
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat JBoss Core Services Apache HTTP Server 2.4.51 Service Pack 2 is now available.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for a more consistent update experience.\n\nThis release of Red Hat JBoss Core Services Apache HTTP Server 2.4.51 Service Pack 2 serves as a replacement for Red Hat JBoss Core Services Apache HTTP Server 2.4.51 Service Pack 1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* apr-util: out-of-bounds writes in the apr_base64 (CVE-2022-25147)\n* expat: use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate (CVE-2022-43680)\n* curl: HSTS bypass via IDN (CVE-2022-43551)\n* curl: HTTP Proxy deny use-after-free (CVE-2022-43552)\n* curl: HSTS ignored on multiple requests (CVE-2023-23914)\n* curl: HSTS amnesia with --parallel (CVE-2023-23915)\n* curl: HTTP multi-header compression denial of service (CVE-2023-23916)\n* curl: TELNET option IAC injection (CVE-2023-27533)\n* curl: SFTP path ~ resolving discrepancy (CVE-2023-27534)\n* expat: use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate (CVE-2022-43680)\n* httpd: mod_dav: out-of-bounds read/write of zero byte (CVE-2006-20001)\n* httpd: HTTP request splitting with mod_rewrite and mod_proxy (CVE-2023-25690)\n* openssl: timing attack in RSA Decryption implementation (CVE-2022-4304)\n* openssl: double free after calling PEM_read_bio_ex (CVE-2022-4450)\n* openssl: use-after-free following BIO_new_NDEF (CVE-2023-0215)\n* openssl: X.400 address type confusion in X.509 GeneralName (CVE-2023-0286)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:3355",
"url": "https://access.redhat.com/errata/RHSA-2023:3355"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2140059",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2140059"
},
{
"category": "external",
"summary": "2152639",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2152639"
},
{
"category": "external",
"summary": "2152652",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2152652"
},
{
"category": "external",
"summary": "2161774",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2161774"
},
{
"category": "external",
"summary": "2164440",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164440"
},
{
"category": "external",
"summary": "2164487",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164487"
},
{
"category": "external",
"summary": "2164492",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164492"
},
{
"category": "external",
"summary": "2164494",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164494"
},
{
"category": "external",
"summary": "2167797",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2167797"
},
{
"category": "external",
"summary": "2167813",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2167813"
},
{
"category": "external",
"summary": "2167815",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2167815"
},
{
"category": "external",
"summary": "2169652",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2169652"
},
{
"category": "external",
"summary": "2176209",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2176209"
},
{
"category": "external",
"summary": "2179062",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2179062"
},
{
"category": "external",
"summary": "2179069",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2179069"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_3355.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.51 SP2 security update",
"tracking": {
"current_release_date": "2026-03-22T01:26:55+00:00",
"generator": {
"date": "2026-03-22T01:26:55+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.3"
}
},
"id": "RHSA-2023:3355",
"initial_release_date": "2023-06-05T11:46:47+00:00",
"revision_history": [
{
"date": "2023-06-05T11:46:47+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-07-18T17:29:11+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-03-22T01:26:55+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "JBCS httpd 2.4.51.sp2",
"product": {
"name": "JBCS httpd 2.4.51.sp2",
"product_id": "JBCS httpd 2.4.51.sp2",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_core_services:1"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Core Services"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2006-20001",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2023-01-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2161774"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the mod_dav module of httpd. A specially crafted \"If:\" request header can cause a memory read or write of a single zero byte due to a missing error check, resulting in a Denial of Service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_dav: out-of-bounds read/write of zero byte",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw only affects configurations with mod_dav loaded and configured. Also, if there is no WebDAV repository configured, the server is not affected and no further mitigation is needed. For more information about the mitigation, check the mitigation section below.\n\nThe httpd mod_dav module is enabled by default on Red Hat Enterprise Linux 6, 7, 8, 9, and in RHSCL. However, there is no WebDAV repository configured by default.\n\nThis flaw has been rated as having a security impact of moderate, and is not currently planned to be addressed in future updates of Red Hat Enterprise Linux 7. Red Hat Enterprise Linux 7 is now in Maintenance Support 2 Phase of the support and maintenance life cycle. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"JBCS httpd 2.4.51.sp2"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2006-20001"
},
{
"category": "external",
"summary": "RHBZ#2161774",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2161774"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2006-20001",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-20001"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2006-20001",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2006-20001"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2006-20001",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2006-20001"
}
],
"release_date": "2023-01-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-05T11:46:47+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"JBCS httpd 2.4.51.sp2"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3355"
},
{
"category": "workaround",
"details": "Disabling mod_dav and restarting httpd will mitigate this flaw.",
"product_ids": [
"JBCS httpd 2.4.51.sp2"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"JBCS httpd 2.4.51.sp2"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: mod_dav: out-of-bounds read/write of zero byte"
},
{
"cve": "CVE-2022-4304",
"discovery_date": "2023-01-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2164487"
}
],
"notes": [
{
"category": "description",
"text": "A timing-based side channel exists in the OpenSSL RSA Decryption implementation, which could be sufficient to recover a ciphertext across a network in a Bleichenbacher style attack. To achieve a successful decryption, an attacker would have to be able to send a very large number of trial messages for decryption. This issue affects all RSA padding modes: PKCS#1 v1.5, RSA-OEAP, and RSASVE.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: timing attack in RSA Decryption implementation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"JBCS httpd 2.4.51.sp2"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-4304"
},
{
"category": "external",
"summary": "RHBZ#2164487",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164487"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-4304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4304"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-4304",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-4304"
},
{
"category": "external",
"summary": "https://www.openssl.org/news/secadv/20230207.txt",
"url": "https://www.openssl.org/news/secadv/20230207.txt"
}
],
"release_date": "2023-02-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-05T11:46:47+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"JBCS httpd 2.4.51.sp2"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3355"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"JBCS httpd 2.4.51.sp2"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "openssl: timing attack in RSA Decryption implementation"
},
{
"cve": "CVE-2022-4450",
"cwe": {
"id": "CWE-415",
"name": "Double Free"
},
"discovery_date": "2023-01-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2164494"
}
],
"notes": [
{
"category": "description",
"text": "A double-free vulnerability was found in OpenSSL\u0027s PEM_read_bio_ex function. The function PEM_read_bio_ex() reads a PEM file from a BIO and parses and decodes the \"name\" (for example, \"CERTIFICATE\"), any header data, and the payload data. If the function succeeds, then the \"name_out,\" \"header,\" and \"data\" arguments are populated with pointers to buffers containing the relevant decoded data. The caller is responsible for freeing those buffers. Constructing a PEM file that results in 0 bytes of payload data is possible. In this case, PEM_read_bio_ex() will return a failure code but will populate the header argument with a pointer to a freed buffer. A double-free will occur if the caller also frees this buffer. This will most likely lead to a crash. This could be exploited by an attacker who can supply malicious PEM files for parsing to achieve a denial of service attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: double free after calling PEM_read_bio_ex",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "A double-free vulnerability was found in the OpenSSL library in the PEM_read_bio_ex() function and its wrappers. The flaw is triggered when the library parses a specially crafted PEM file constructed to have zero bytes of payload data. This edge case causes the function to return a failure code but also populate a header argument with a pointer to memory that has already been freed, leading to a double-free condition if the calling application also attempts to free it, resulting in a crash and a denial of service. The flaw is rated as moderate because it results in a crash but does not allow code execution, memory corruption beyond the crash, or data leakage.\n\nThe versions of `shim` as shipped with Red Hat Enterprise Linux 8 and 9 are shipping OpenSSL 1.1.1 and 1.0.2, which do not contain the incorrect code, so those are not affected by this CVE.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"JBCS httpd 2.4.51.sp2"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-4450"
},
{
"category": "external",
"summary": "RHBZ#2164494",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164494"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-4450",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4450"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-4450",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-4450"
},
{
"category": "external",
"summary": "https://www.openssl.org/news/secadv/20230207.txt",
"url": "https://www.openssl.org/news/secadv/20230207.txt"
}
],
"release_date": "2023-02-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-05T11:46:47+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"JBCS httpd 2.4.51.sp2"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3355"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"JBCS httpd 2.4.51.sp2"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "openssl: double free after calling PEM_read_bio_ex"
},
{
"cve": "CVE-2022-25147",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"discovery_date": "2023-02-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2169652"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Apache Portable Runtime Utility (APR-util) library. This issue may allow a malicious attacker to cause an out-of-bounds write due to an integer overflow when encoding/decoding a very long string using the base64 family of functions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "apr-util: out-of-bounds writes in the apr_base64",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The Apache Portable Runtime Utility (APR-util) library contains additional utility interfaces for APR (Apache Portable Runtime). \nThis vulnerability is related to the incorrect usage of the base64 encoding/decoding family of functions through APR-util API.\nUsage of these functions with long enough string would cause integer overflow and will lead to out-of-bound write.\n\nThis flaw was rated with an important severity for a moment as Red Hat received information that this vulnerability potentially can allow remote attackers to cause a denial of service to the application linked to the APR-util library. Deep analysis confirmed that there are no known conditions that could lead to DoS. \nAdditionally the APR-util API should not be exposed to the untrusted uploads and usage.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"JBCS httpd 2.4.51.sp2"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-25147"
},
{
"category": "external",
"summary": "RHBZ#2169652",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2169652"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-25147",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25147"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-25147",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-25147"
}
],
"release_date": "2023-01-31T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-05T11:46:47+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"JBCS httpd 2.4.51.sp2"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3355"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"JBCS httpd 2.4.51.sp2"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "apr-util: out-of-bounds writes in the apr_base64"
},
{
"cve": "CVE-2022-43551",
"cwe": {
"id": "CWE-319",
"name": "Cleartext Transmission of Sensitive Information"
},
"discovery_date": "2022-12-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2152639"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in curl. The issue can occur when curl\u0027s HSTS check is bypassed to trick it to keep using HTTP. Using its HSTS support, curl can be instructed to use HTTPS instead of an insecure clear-text HTTP step even when providing HTTP in the URL. Suppose the hostname in the given URL first uses IDN characters that get replaced with ASCII counterparts as part of the IDN conversion. In that case, it can bypass the HSTS mechanism using the character UTF-8 U+3002 (IDEOGRAPHIC FULL STOP) instead of the common ASCII full stop (U+002E). Then in a subsequent request, it does not detect the HSTS state and makes a clear text transfer. Because it would store the information, IDN encoded but looked for it as IDN decoded.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "curl: HSTS bypass via IDN",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"JBCS httpd 2.4.51.sp2"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-43551"
},
{
"category": "external",
"summary": "RHBZ#2152639",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2152639"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-43551",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43551"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-43551",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-43551"
},
{
"category": "external",
"summary": "https://curl.se/docs/CVE-2022-43551.html",
"url": "https://curl.se/docs/CVE-2022-43551.html"
}
],
"release_date": "2022-12-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-05T11:46:47+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"JBCS httpd 2.4.51.sp2"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3355"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"JBCS httpd 2.4.51.sp2"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "curl: HSTS bypass via IDN"
},
{
"cve": "CVE-2022-43552",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2022-12-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2152652"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in curl. In this issue, curl can be asked to tunnel all protocols virtually it supports through an HTTP proxy. HTTP proxies can deny these tunnel operations using an appropriate HTTP error response code. When getting denied to tunnel the specific SMB or TELNET protocols, curl can use a heap-allocated struct after it has been freed and shut down the code path in its transfer.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "curl: Use-after-free triggered by an HTTP proxy deny response",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Potential successful exploitation will cause the curl to crash, which generates a low impact to the environment where the curl is used. Additionally, exploitation depends on the conditions that are out of the attacker\u0027s control, like usage of specific protocols (SMB or TELNET) and HTTP proxy tunnels at the same time. Due to these facts, this vulnerability has been classified as a Low severity issue.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"JBCS httpd 2.4.51.sp2"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-43552"
},
{
"category": "external",
"summary": "RHBZ#2152652",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2152652"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-43552",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43552"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-43552",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-43552"
},
{
"category": "external",
"summary": "https://curl.se/docs/CVE-2022-43552.html",
"url": "https://curl.se/docs/CVE-2022-43552.html"
}
],
"release_date": "2022-12-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-05T11:46:47+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"JBCS httpd 2.4.51.sp2"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3355"
},
{
"category": "workaround",
"details": "Avoid using the SMB and TELNET protocols.",
"product_ids": [
"JBCS httpd 2.4.51.sp2"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"JBCS httpd 2.4.51.sp2"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "curl: Use-after-free triggered by an HTTP proxy deny response"
},
{
"cve": "CVE-2022-43680",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2022-11-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2140059"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free flaw was found in the Expat package, caused by destruction of a shared DTD in XML_ExternalEntityParserCreate in out-of-memory situations. This may lead to availability disruptions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "expat: use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability can only happen under special (out-of-memory) conditions, thus it is not possible to exploit on every possible system that has expat installed. Additionally as the flaw is only capable of causing a Denial of Service, Red Hat rates the impact as Moderate.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"JBCS httpd 2.4.51.sp2"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-43680"
},
{
"category": "external",
"summary": "RHBZ#2140059",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2140059"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-43680",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43680"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-43680",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-43680"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/issues/649",
"url": "https://github.com/libexpat/libexpat/issues/649"
}
],
"release_date": "2022-10-24T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-05T11:46:47+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"JBCS httpd 2.4.51.sp2"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3355"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"JBCS httpd 2.4.51.sp2"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "expat: use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate"
},
{
"cve": "CVE-2023-0215",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2023-01-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2164492"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free vulnerability was found in OpenSSL\u0027s BIO_new_NDEF function. The public API function BIO_new_NDEF is a helper function used for streaming ASN.1 data via a BIO. It is primarily used internally by OpenSSL to support the SMIME, CMS, and PKCS7 streaming capabilities, but it may also be called directly by end-user applications. The function receives a BIO from the caller, prepends a new BIO_f_asn1 filter BIO onto the front of it to form a BIO chain, and then returns the new head of the BIO chain to the caller. Under certain conditions. For example, if a CMS recipient public key is invalid, the new filter BIO is freed, and the function returns a NULL result indicating a failure. However, in this case, the BIO chain is not properly cleaned up, and the BIO passed by the caller still retains internal pointers to the previously freed filter BIO. If the caller then calls BIO_pop() on the BIO, a use-after-free will occur, possibly resulting in a crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: use-after-free following BIO_new_NDEF",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw was found in the OpenSSL library within the BIO_new_NDEF function, which is used for ASN.1 data streaming. The flaw is a use-after-free issue that happens when an error occurs while setting up a BIO chain. In this case, the filter BIO is freed, but the original BIO still holds a reference to it. If the caller later calls BIO_pop(), it tries to use this freed pointer, causing a crash and leading to a Denial of Service (DoS). The flaw is rated as moderate because it results in a crash but does not allow code execution, memory corruption beyond the crash, or data leakage.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"JBCS httpd 2.4.51.sp2"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-0215"
},
{
"category": "external",
"summary": "RHBZ#2164492",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164492"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-0215",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0215"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-0215",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0215"
},
{
"category": "external",
"summary": "https://www.openssl.org/news/secadv/20230207.txt",
"url": "https://www.openssl.org/news/secadv/20230207.txt"
}
],
"release_date": "2023-02-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-05T11:46:47+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"JBCS httpd 2.4.51.sp2"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3355"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"JBCS httpd 2.4.51.sp2"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "openssl: use-after-free following BIO_new_NDEF"
},
{
"cve": "CVE-2023-0286",
"cwe": {
"id": "CWE-704",
"name": "Incorrect Type Conversion or Cast"
},
"discovery_date": "2023-01-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2164440"
}
],
"notes": [
{
"category": "description",
"text": "A type confusion vulnerability was found in OpenSSL when OpenSSL X.400 addresses processing inside an X.509 GeneralName. When CRL checking is enabled (for example, the application sets the X509_V_FLAG_CRL_CHECK flag), this vulnerability may allow an attacker to pass arbitrary pointers to a memcmp call, enabling them to read memory contents or cause a denial of service. In most cases, the attack requires the attacker to provide both the certificate chain and CRL, of which neither needs a valid signature. If the attacker only controls one of these inputs, the other input must already contain an X.400 address as a CRL distribution point, which is uncommon. In this case, this vulnerability is likely only to affect applications that have implemented their own functionality for retrieving CRLs over a network.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: X.400 address type confusion in X.509 GeneralName",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "For shim in Red Hat Enterprise Linux 8 \u0026 9, is not affected as shim doesn\u0027t support any CRL processing.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"JBCS httpd 2.4.51.sp2"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-0286"
},
{
"category": "external",
"summary": "RHBZ#2164440",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164440"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-0286",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0286"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-0286",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0286"
},
{
"category": "external",
"summary": "https://www.openssl.org/news/secadv/20230207.txt",
"url": "https://www.openssl.org/news/secadv/20230207.txt"
}
],
"release_date": "2023-02-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-05T11:46:47+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"JBCS httpd 2.4.51.sp2"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3355"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"JBCS httpd 2.4.51.sp2"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"JBCS httpd 2.4.51.sp2"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "openssl: X.400 address type confusion in X.509 GeneralName"
},
{
"acknowledgments": [
{
"names": [
"Harry Sintonen"
]
}
],
"cve": "CVE-2023-23914",
"cwe": {
"id": "CWE-319",
"name": "Cleartext Transmission of Sensitive Information"
},
"discovery_date": "2023-02-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2167797"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Curl package, where the HSTS mechanism would be ignored by subsequent transfers when done on the same command line because the state would not be properly carried. This issue may result in limited confidentiality and integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "curl: HSTS ignored on multiple requests",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is a curl command line issue and does not affect libcurl.\nThere is no HSTS support in the versions of curl shipped in rhel-7 and rhel-8. Curl packages as shipped in rhel-9 do not support HSTS.\nUpstream has rated this as a Low Severity issue.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"JBCS httpd 2.4.51.sp2"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-23914"
},
{
"category": "external",
"summary": "RHBZ#2167797",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2167797"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-23914",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23914"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-23914",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-23914"
},
{
"category": "external",
"summary": "https://curl.se/docs/CVE-2023-23914.html",
"url": "https://curl.se/docs/CVE-2023-23914.html"
}
],
"release_date": "2023-02-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-05T11:46:47+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"JBCS httpd 2.4.51.sp2"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3355"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"JBCS httpd 2.4.51.sp2"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "curl: HSTS ignored on multiple requests"
},
{
"acknowledgments": [
{
"names": [
"Harry Sintonen"
]
}
],
"cve": "CVE-2023-23915",
"cwe": {
"id": "CWE-319",
"name": "Cleartext Transmission of Sensitive Information"
},
"discovery_date": "2023-02-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2167813"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Curl package, where the HSTS mechanism could fail when multiple transfers are done in parallel, as the HSTS cache file gets overwritten by the most recently completed transfer. This issue may result in limited confidentiality and integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "curl: HSTS amnesia with --parallel",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "There is no HSTS support in the versions of curl shipped in rhel-7 and rhel-8. Curl packages as shipped in rhel-9 do not support HSTS.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"JBCS httpd 2.4.51.sp2"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-23915"
},
{
"category": "external",
"summary": "RHBZ#2167813",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2167813"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-23915",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23915"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-23915",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-23915"
},
{
"category": "external",
"summary": "https://curl.se/docs/CVE-2023-23915.html",
"url": "https://curl.se/docs/CVE-2023-23915.html"
}
],
"release_date": "2023-02-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-05T11:46:47+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"JBCS httpd 2.4.51.sp2"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3355"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"JBCS httpd 2.4.51.sp2"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "curl: HSTS amnesia with --parallel"
},
{
"acknowledgments": [
{
"names": [
"Patrick Monnerat"
]
}
],
"cve": "CVE-2023-23916",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2023-02-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2167815"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Curl package. A malicious server can insert an unlimited number of compression steps. This decompression chain could result in out-of-memory errors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "curl: HTTP multi-header compression denial of service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"JBCS httpd 2.4.51.sp2"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-23916"
},
{
"category": "external",
"summary": "RHBZ#2167815",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2167815"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-23916",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23916"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-23916",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-23916"
},
{
"category": "external",
"summary": "https://curl.se/docs/CVE-2023-23916.html",
"url": "https://curl.se/docs/CVE-2023-23916.html"
}
],
"release_date": "2023-02-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-05T11:46:47+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"JBCS httpd 2.4.51.sp2"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3355"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"JBCS httpd 2.4.51.sp2"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "curl: HTTP multi-header compression denial of service"
},
{
"cve": "CVE-2023-25690",
"cwe": {
"id": "CWE-113",
"name": "Improper Neutralization of CRLF Sequences in HTTP Headers (\u0027HTTP Request/Response Splitting\u0027)"
},
"discovery_date": "2023-03-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2176209"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in httpd. This security issue occurs when some mod_proxy configurations on Apache HTTP Server allow an HTTP Request Smuggling attack. Configurations are affected when mod_proxy is enabled along with some form of RewriteRule or ProxyPassMatch in which a non-specific pattern matches some portion of the user-supplied request-target (URL) data and is then re-inserted into the proxied request-target using variable substitution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: HTTP request splitting with mod_rewrite and mod_proxy",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"JBCS httpd 2.4.51.sp2"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-25690"
},
{
"category": "external",
"summary": "RHBZ#2176209",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2176209"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-25690",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25690"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-25690",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-25690"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2023-03-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-05T11:46:47+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"JBCS httpd 2.4.51.sp2"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3355"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"JBCS httpd 2.4.51.sp2"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "httpd: HTTP request splitting with mod_rewrite and mod_proxy"
},
{
"acknowledgments": [
{
"names": [
"Daniel Stenberg",
"Harry Sintonen"
]
}
],
"cve": "CVE-2023-27533",
"cwe": {
"id": "CWE-75",
"name": "Failure to Sanitize Special Elements into a Different Plane (Special Element Injection)"
},
"discovery_date": "2023-03-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2179062"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability in input validation exists in curl \u003c8.0 during communication using the TELNET protocol may allow an attacker to pass on maliciously crafted user name and \"telnet options\" during server negotiation. The lack of proper input scrubbing allows an attacker to send content or perform option negotiation without the application\u0027s intent. This vulnerability could be exploited if an application allows user input, thereby enabling attackers to execute arbitrary code on the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "curl: TELNET option IAC injection",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "While this vulnerability exists in Curl, the potential impact is to a different component. The overall impact is limited to the telnet component. On its own this flaw has a limited to negligible effect on integrity of the entire system, therefore it has been rated as having a Low security impact. This is in alignment with upstream\u2019s impact assessment, their advisory is linked in external references.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"JBCS httpd 2.4.51.sp2"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-27533"
},
{
"category": "external",
"summary": "RHBZ#2179062",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2179062"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-27533",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27533"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-27533",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-27533"
},
{
"category": "external",
"summary": "https://curl.se/docs/CVE-2023-27533.html",
"url": "https://curl.se/docs/CVE-2023-27533.html"
}
],
"release_date": "2023-03-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-05T11:46:47+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"JBCS httpd 2.4.51.sp2"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3355"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"JBCS httpd 2.4.51.sp2"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "curl: TELNET option IAC injection"
},
{
"acknowledgments": [
{
"names": [
"Daniel Stenberg",
"Harry Sintonen"
]
}
],
"cve": "CVE-2023-27534",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2023-03-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2179069"
}
],
"notes": [
{
"category": "description",
"text": "A path traversal vulnerability exists in curl \u003c8.0.0 SFTP implementation causes the tilde (~) character to be wrongly replaced when used as a prefix in the first path element, in addition to its intended use as the first element to indicate a path relative to the user\u0027s home directory. Attackers can exploit this flaw to bypass filtering or execute arbitrary code by crafting a path like /~2/foo while accessing a server with a specific user.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "curl: SFTP path ~ resolving discrepancy",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In a containerized environment running SELinux in enforcing mode, such as Red Hat OpenShift Container Platform, this vulnerability does not allow an attacker to escape the boundary of a container. In this case no additional access is gained, there is an additional (but more complicated step) to look at files the user already has access to.\n\nThe upstream project (Curl) also rated this CVE as Low, see link in External References.\n\nIt is unlikely that Red Hat offerings are utilizing the SFTP feature of Curl, so the opportunity to exploit it may not exist. For those reasons Red Hat Product Security rates the impact as Low.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"JBCS httpd 2.4.51.sp2"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-27534"
},
{
"category": "external",
"summary": "RHBZ#2179069",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2179069"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-27534",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27534"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-27534",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-27534"
},
{
"category": "external",
"summary": "https://curl.se/docs/CVE-2023-27534.html",
"url": "https://curl.se/docs/CVE-2023-27534.html"
}
],
"release_date": "2023-03-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-05T11:46:47+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"JBCS httpd 2.4.51.sp2"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3355"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"JBCS httpd 2.4.51.sp2"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "curl: SFTP path ~ resolving discrepancy"
}
]
}
RHSA-2023_0103
Vulnerability from csaf_redhat - Published: 2023-01-12 09:28 - Updated: 2024-11-22 21:01Summary
Red Hat Security Advisory: expat security update
Severity
Moderate
Notes
Topic: An update for expat is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of
Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives
a detailed severity rating, is available for each vulnerability from the CVE
link(s) in the References section.
Details: Expat is a C library for parsing XML documents.
Security Fix(es):
* expat: use-after free caused by overeager destruction of a shared DTD in
XML_ExternalEntityParserCreate (CVE-2022-43680)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE page(s)
listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A use-after-free flaw was found in the Expat package, caused by destruction of a shared DTD in XML_ExternalEntityParserCreate in out-of-memory situations. This may lead to availability disruptions.
7.5 (High)
Affected products
Fixed
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: BaseOS-8.7.0.Z.MAIN:expat-0:2.2.5-10.el8_7.1.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.7.0.Z.MAIN:expat-0:2.2.5-10.el8_7.1.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.7.0.Z.MAIN:expat-0:2.2.5-10.el8_7.1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.7.0.Z.MAIN:expat-0:2.2.5-10.el8_7.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.7.0.Z.MAIN:expat-0:2.2.5-10.el8_7.1.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.7.0.Z.MAIN:expat-0:2.2.5-10.el8_7.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.7.0.Z.MAIN:expat-debuginfo-0:2.2.5-10.el8_7.1.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.7.0.Z.MAIN:expat-debuginfo-0:2.2.5-10.el8_7.1.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.7.0.Z.MAIN:expat-debuginfo-0:2.2.5-10.el8_7.1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.7.0.Z.MAIN:expat-debuginfo-0:2.2.5-10.el8_7.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.7.0.Z.MAIN:expat-debuginfo-0:2.2.5-10.el8_7.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.7.0.Z.MAIN:expat-debugsource-0:2.2.5-10.el8_7.1.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.7.0.Z.MAIN:expat-debugsource-0:2.2.5-10.el8_7.1.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.7.0.Z.MAIN:expat-debugsource-0:2.2.5-10.el8_7.1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.7.0.Z.MAIN:expat-debugsource-0:2.2.5-10.el8_7.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.7.0.Z.MAIN:expat-debugsource-0:2.2.5-10.el8_7.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.7.0.Z.MAIN:expat-devel-0:2.2.5-10.el8_7.1.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.7.0.Z.MAIN:expat-devel-0:2.2.5-10.el8_7.1.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.7.0.Z.MAIN:expat-devel-0:2.2.5-10.el8_7.1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.7.0.Z.MAIN:expat-devel-0:2.2.5-10.el8_7.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.7.0.Z.MAIN:expat-devel-0:2.2.5-10.el8_7.1.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
References
9 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for expat is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of\nModerate. A Common Vulnerability Scoring System (CVSS) base score, which gives\na detailed severity rating, is available for each vulnerability from the CVE\nlink(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Expat is a C library for parsing XML documents.\n\nSecurity Fix(es):\n\n* expat: use-after free caused by overeager destruction of a shared DTD in\nXML_ExternalEntityParserCreate (CVE-2022-43680)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE page(s)\nlisted in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:0103",
"url": "https://access.redhat.com/errata/RHSA-2023:0103"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "2140059",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2140059"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_0103.json"
}
],
"title": "Red Hat Security Advisory: expat security update",
"tracking": {
"current_release_date": "2024-11-22T21:01:04+00:00",
"generator": {
"date": "2024-11-22T21:01:04+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2023:0103",
"initial_release_date": "2023-01-12T09:28:37+00:00",
"revision_history": [
{
"date": "2023-01-12T09:28:37+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-01-12T09:28:37+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-22T21:01:04+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux BaseOS (v. 8)",
"product": {
"name": "Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.Z.MAIN",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:8::baseos"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "expat-0:2.2.5-10.el8_7.1.src",
"product": {
"name": "expat-0:2.2.5-10.el8_7.1.src",
"product_id": "expat-0:2.2.5-10.el8_7.1.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat@2.2.5-10.el8_7.1?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "expat-0:2.2.5-10.el8_7.1.aarch64",
"product": {
"name": "expat-0:2.2.5-10.el8_7.1.aarch64",
"product_id": "expat-0:2.2.5-10.el8_7.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat@2.2.5-10.el8_7.1?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "expat-devel-0:2.2.5-10.el8_7.1.aarch64",
"product": {
"name": "expat-devel-0:2.2.5-10.el8_7.1.aarch64",
"product_id": "expat-devel-0:2.2.5-10.el8_7.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-devel@2.2.5-10.el8_7.1?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "expat-debugsource-0:2.2.5-10.el8_7.1.aarch64",
"product": {
"name": "expat-debugsource-0:2.2.5-10.el8_7.1.aarch64",
"product_id": "expat-debugsource-0:2.2.5-10.el8_7.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debugsource@2.2.5-10.el8_7.1?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "expat-debuginfo-0:2.2.5-10.el8_7.1.aarch64",
"product": {
"name": "expat-debuginfo-0:2.2.5-10.el8_7.1.aarch64",
"product_id": "expat-debuginfo-0:2.2.5-10.el8_7.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debuginfo@2.2.5-10.el8_7.1?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "expat-0:2.2.5-10.el8_7.1.ppc64le",
"product": {
"name": "expat-0:2.2.5-10.el8_7.1.ppc64le",
"product_id": "expat-0:2.2.5-10.el8_7.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat@2.2.5-10.el8_7.1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "expat-devel-0:2.2.5-10.el8_7.1.ppc64le",
"product": {
"name": "expat-devel-0:2.2.5-10.el8_7.1.ppc64le",
"product_id": "expat-devel-0:2.2.5-10.el8_7.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-devel@2.2.5-10.el8_7.1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "expat-debugsource-0:2.2.5-10.el8_7.1.ppc64le",
"product": {
"name": "expat-debugsource-0:2.2.5-10.el8_7.1.ppc64le",
"product_id": "expat-debugsource-0:2.2.5-10.el8_7.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debugsource@2.2.5-10.el8_7.1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "expat-debuginfo-0:2.2.5-10.el8_7.1.ppc64le",
"product": {
"name": "expat-debuginfo-0:2.2.5-10.el8_7.1.ppc64le",
"product_id": "expat-debuginfo-0:2.2.5-10.el8_7.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debuginfo@2.2.5-10.el8_7.1?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "expat-0:2.2.5-10.el8_7.1.i686",
"product": {
"name": "expat-0:2.2.5-10.el8_7.1.i686",
"product_id": "expat-0:2.2.5-10.el8_7.1.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat@2.2.5-10.el8_7.1?arch=i686"
}
}
},
{
"category": "product_version",
"name": "expat-devel-0:2.2.5-10.el8_7.1.i686",
"product": {
"name": "expat-devel-0:2.2.5-10.el8_7.1.i686",
"product_id": "expat-devel-0:2.2.5-10.el8_7.1.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-devel@2.2.5-10.el8_7.1?arch=i686"
}
}
},
{
"category": "product_version",
"name": "expat-debugsource-0:2.2.5-10.el8_7.1.i686",
"product": {
"name": "expat-debugsource-0:2.2.5-10.el8_7.1.i686",
"product_id": "expat-debugsource-0:2.2.5-10.el8_7.1.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debugsource@2.2.5-10.el8_7.1?arch=i686"
}
}
},
{
"category": "product_version",
"name": "expat-debuginfo-0:2.2.5-10.el8_7.1.i686",
"product": {
"name": "expat-debuginfo-0:2.2.5-10.el8_7.1.i686",
"product_id": "expat-debuginfo-0:2.2.5-10.el8_7.1.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debuginfo@2.2.5-10.el8_7.1?arch=i686"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "expat-0:2.2.5-10.el8_7.1.x86_64",
"product": {
"name": "expat-0:2.2.5-10.el8_7.1.x86_64",
"product_id": "expat-0:2.2.5-10.el8_7.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat@2.2.5-10.el8_7.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "expat-devel-0:2.2.5-10.el8_7.1.x86_64",
"product": {
"name": "expat-devel-0:2.2.5-10.el8_7.1.x86_64",
"product_id": "expat-devel-0:2.2.5-10.el8_7.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-devel@2.2.5-10.el8_7.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "expat-debugsource-0:2.2.5-10.el8_7.1.x86_64",
"product": {
"name": "expat-debugsource-0:2.2.5-10.el8_7.1.x86_64",
"product_id": "expat-debugsource-0:2.2.5-10.el8_7.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debugsource@2.2.5-10.el8_7.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "expat-debuginfo-0:2.2.5-10.el8_7.1.x86_64",
"product": {
"name": "expat-debuginfo-0:2.2.5-10.el8_7.1.x86_64",
"product_id": "expat-debuginfo-0:2.2.5-10.el8_7.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debuginfo@2.2.5-10.el8_7.1?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "expat-0:2.2.5-10.el8_7.1.s390x",
"product": {
"name": "expat-0:2.2.5-10.el8_7.1.s390x",
"product_id": "expat-0:2.2.5-10.el8_7.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat@2.2.5-10.el8_7.1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "expat-devel-0:2.2.5-10.el8_7.1.s390x",
"product": {
"name": "expat-devel-0:2.2.5-10.el8_7.1.s390x",
"product_id": "expat-devel-0:2.2.5-10.el8_7.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-devel@2.2.5-10.el8_7.1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "expat-debugsource-0:2.2.5-10.el8_7.1.s390x",
"product": {
"name": "expat-debugsource-0:2.2.5-10.el8_7.1.s390x",
"product_id": "expat-debugsource-0:2.2.5-10.el8_7.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debugsource@2.2.5-10.el8_7.1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "expat-debuginfo-0:2.2.5-10.el8_7.1.s390x",
"product": {
"name": "expat-debuginfo-0:2.2.5-10.el8_7.1.s390x",
"product_id": "expat-debuginfo-0:2.2.5-10.el8_7.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debuginfo@2.2.5-10.el8_7.1?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.2.5-10.el8_7.1.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.Z.MAIN:expat-0:2.2.5-10.el8_7.1.aarch64"
},
"product_reference": "expat-0:2.2.5-10.el8_7.1.aarch64",
"relates_to_product_reference": "BaseOS-8.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.2.5-10.el8_7.1.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.Z.MAIN:expat-0:2.2.5-10.el8_7.1.i686"
},
"product_reference": "expat-0:2.2.5-10.el8_7.1.i686",
"relates_to_product_reference": "BaseOS-8.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.2.5-10.el8_7.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.Z.MAIN:expat-0:2.2.5-10.el8_7.1.ppc64le"
},
"product_reference": "expat-0:2.2.5-10.el8_7.1.ppc64le",
"relates_to_product_reference": "BaseOS-8.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.2.5-10.el8_7.1.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.Z.MAIN:expat-0:2.2.5-10.el8_7.1.s390x"
},
"product_reference": "expat-0:2.2.5-10.el8_7.1.s390x",
"relates_to_product_reference": "BaseOS-8.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.2.5-10.el8_7.1.src as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.Z.MAIN:expat-0:2.2.5-10.el8_7.1.src"
},
"product_reference": "expat-0:2.2.5-10.el8_7.1.src",
"relates_to_product_reference": "BaseOS-8.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.2.5-10.el8_7.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.Z.MAIN:expat-0:2.2.5-10.el8_7.1.x86_64"
},
"product_reference": "expat-0:2.2.5-10.el8_7.1.x86_64",
"relates_to_product_reference": "BaseOS-8.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debuginfo-0:2.2.5-10.el8_7.1.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.Z.MAIN:expat-debuginfo-0:2.2.5-10.el8_7.1.aarch64"
},
"product_reference": "expat-debuginfo-0:2.2.5-10.el8_7.1.aarch64",
"relates_to_product_reference": "BaseOS-8.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debuginfo-0:2.2.5-10.el8_7.1.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.Z.MAIN:expat-debuginfo-0:2.2.5-10.el8_7.1.i686"
},
"product_reference": "expat-debuginfo-0:2.2.5-10.el8_7.1.i686",
"relates_to_product_reference": "BaseOS-8.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debuginfo-0:2.2.5-10.el8_7.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.Z.MAIN:expat-debuginfo-0:2.2.5-10.el8_7.1.ppc64le"
},
"product_reference": "expat-debuginfo-0:2.2.5-10.el8_7.1.ppc64le",
"relates_to_product_reference": "BaseOS-8.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debuginfo-0:2.2.5-10.el8_7.1.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.Z.MAIN:expat-debuginfo-0:2.2.5-10.el8_7.1.s390x"
},
"product_reference": "expat-debuginfo-0:2.2.5-10.el8_7.1.s390x",
"relates_to_product_reference": "BaseOS-8.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debuginfo-0:2.2.5-10.el8_7.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.Z.MAIN:expat-debuginfo-0:2.2.5-10.el8_7.1.x86_64"
},
"product_reference": "expat-debuginfo-0:2.2.5-10.el8_7.1.x86_64",
"relates_to_product_reference": "BaseOS-8.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debugsource-0:2.2.5-10.el8_7.1.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.Z.MAIN:expat-debugsource-0:2.2.5-10.el8_7.1.aarch64"
},
"product_reference": "expat-debugsource-0:2.2.5-10.el8_7.1.aarch64",
"relates_to_product_reference": "BaseOS-8.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debugsource-0:2.2.5-10.el8_7.1.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.Z.MAIN:expat-debugsource-0:2.2.5-10.el8_7.1.i686"
},
"product_reference": "expat-debugsource-0:2.2.5-10.el8_7.1.i686",
"relates_to_product_reference": "BaseOS-8.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debugsource-0:2.2.5-10.el8_7.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.Z.MAIN:expat-debugsource-0:2.2.5-10.el8_7.1.ppc64le"
},
"product_reference": "expat-debugsource-0:2.2.5-10.el8_7.1.ppc64le",
"relates_to_product_reference": "BaseOS-8.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debugsource-0:2.2.5-10.el8_7.1.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.Z.MAIN:expat-debugsource-0:2.2.5-10.el8_7.1.s390x"
},
"product_reference": "expat-debugsource-0:2.2.5-10.el8_7.1.s390x",
"relates_to_product_reference": "BaseOS-8.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debugsource-0:2.2.5-10.el8_7.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.Z.MAIN:expat-debugsource-0:2.2.5-10.el8_7.1.x86_64"
},
"product_reference": "expat-debugsource-0:2.2.5-10.el8_7.1.x86_64",
"relates_to_product_reference": "BaseOS-8.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-devel-0:2.2.5-10.el8_7.1.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.Z.MAIN:expat-devel-0:2.2.5-10.el8_7.1.aarch64"
},
"product_reference": "expat-devel-0:2.2.5-10.el8_7.1.aarch64",
"relates_to_product_reference": "BaseOS-8.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-devel-0:2.2.5-10.el8_7.1.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.Z.MAIN:expat-devel-0:2.2.5-10.el8_7.1.i686"
},
"product_reference": "expat-devel-0:2.2.5-10.el8_7.1.i686",
"relates_to_product_reference": "BaseOS-8.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-devel-0:2.2.5-10.el8_7.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.Z.MAIN:expat-devel-0:2.2.5-10.el8_7.1.ppc64le"
},
"product_reference": "expat-devel-0:2.2.5-10.el8_7.1.ppc64le",
"relates_to_product_reference": "BaseOS-8.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-devel-0:2.2.5-10.el8_7.1.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.Z.MAIN:expat-devel-0:2.2.5-10.el8_7.1.s390x"
},
"product_reference": "expat-devel-0:2.2.5-10.el8_7.1.s390x",
"relates_to_product_reference": "BaseOS-8.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-devel-0:2.2.5-10.el8_7.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.Z.MAIN:expat-devel-0:2.2.5-10.el8_7.1.x86_64"
},
"product_reference": "expat-devel-0:2.2.5-10.el8_7.1.x86_64",
"relates_to_product_reference": "BaseOS-8.7.0.Z.MAIN"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-43680",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2022-11-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2140059"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free flaw was found in the Expat package, caused by destruction of a shared DTD in XML_ExternalEntityParserCreate in out-of-memory situations. This may lead to availability disruptions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "expat: use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability can only happen under special (out-of-memory) conditions, thus it is not possible to exploit on every possible system that has expat installed. Additionally as the flaw is only capable of causing a Denial of Service, Red Hat rates the impact as Moderate.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.7.0.Z.MAIN:expat-0:2.2.5-10.el8_7.1.aarch64",
"BaseOS-8.7.0.Z.MAIN:expat-0:2.2.5-10.el8_7.1.i686",
"BaseOS-8.7.0.Z.MAIN:expat-0:2.2.5-10.el8_7.1.ppc64le",
"BaseOS-8.7.0.Z.MAIN:expat-0:2.2.5-10.el8_7.1.s390x",
"BaseOS-8.7.0.Z.MAIN:expat-0:2.2.5-10.el8_7.1.src",
"BaseOS-8.7.0.Z.MAIN:expat-0:2.2.5-10.el8_7.1.x86_64",
"BaseOS-8.7.0.Z.MAIN:expat-debuginfo-0:2.2.5-10.el8_7.1.aarch64",
"BaseOS-8.7.0.Z.MAIN:expat-debuginfo-0:2.2.5-10.el8_7.1.i686",
"BaseOS-8.7.0.Z.MAIN:expat-debuginfo-0:2.2.5-10.el8_7.1.ppc64le",
"BaseOS-8.7.0.Z.MAIN:expat-debuginfo-0:2.2.5-10.el8_7.1.s390x",
"BaseOS-8.7.0.Z.MAIN:expat-debuginfo-0:2.2.5-10.el8_7.1.x86_64",
"BaseOS-8.7.0.Z.MAIN:expat-debugsource-0:2.2.5-10.el8_7.1.aarch64",
"BaseOS-8.7.0.Z.MAIN:expat-debugsource-0:2.2.5-10.el8_7.1.i686",
"BaseOS-8.7.0.Z.MAIN:expat-debugsource-0:2.2.5-10.el8_7.1.ppc64le",
"BaseOS-8.7.0.Z.MAIN:expat-debugsource-0:2.2.5-10.el8_7.1.s390x",
"BaseOS-8.7.0.Z.MAIN:expat-debugsource-0:2.2.5-10.el8_7.1.x86_64",
"BaseOS-8.7.0.Z.MAIN:expat-devel-0:2.2.5-10.el8_7.1.aarch64",
"BaseOS-8.7.0.Z.MAIN:expat-devel-0:2.2.5-10.el8_7.1.i686",
"BaseOS-8.7.0.Z.MAIN:expat-devel-0:2.2.5-10.el8_7.1.ppc64le",
"BaseOS-8.7.0.Z.MAIN:expat-devel-0:2.2.5-10.el8_7.1.s390x",
"BaseOS-8.7.0.Z.MAIN:expat-devel-0:2.2.5-10.el8_7.1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-43680"
},
{
"category": "external",
"summary": "RHBZ#2140059",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2140059"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-43680",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43680"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-43680",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-43680"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/issues/649",
"url": "https://github.com/libexpat/libexpat/issues/649"
}
],
"release_date": "2022-10-24T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-12T09:28:37+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"BaseOS-8.7.0.Z.MAIN:expat-0:2.2.5-10.el8_7.1.aarch64",
"BaseOS-8.7.0.Z.MAIN:expat-0:2.2.5-10.el8_7.1.i686",
"BaseOS-8.7.0.Z.MAIN:expat-0:2.2.5-10.el8_7.1.ppc64le",
"BaseOS-8.7.0.Z.MAIN:expat-0:2.2.5-10.el8_7.1.s390x",
"BaseOS-8.7.0.Z.MAIN:expat-0:2.2.5-10.el8_7.1.src",
"BaseOS-8.7.0.Z.MAIN:expat-0:2.2.5-10.el8_7.1.x86_64",
"BaseOS-8.7.0.Z.MAIN:expat-debuginfo-0:2.2.5-10.el8_7.1.aarch64",
"BaseOS-8.7.0.Z.MAIN:expat-debuginfo-0:2.2.5-10.el8_7.1.i686",
"BaseOS-8.7.0.Z.MAIN:expat-debuginfo-0:2.2.5-10.el8_7.1.ppc64le",
"BaseOS-8.7.0.Z.MAIN:expat-debuginfo-0:2.2.5-10.el8_7.1.s390x",
"BaseOS-8.7.0.Z.MAIN:expat-debuginfo-0:2.2.5-10.el8_7.1.x86_64",
"BaseOS-8.7.0.Z.MAIN:expat-debugsource-0:2.2.5-10.el8_7.1.aarch64",
"BaseOS-8.7.0.Z.MAIN:expat-debugsource-0:2.2.5-10.el8_7.1.i686",
"BaseOS-8.7.0.Z.MAIN:expat-debugsource-0:2.2.5-10.el8_7.1.ppc64le",
"BaseOS-8.7.0.Z.MAIN:expat-debugsource-0:2.2.5-10.el8_7.1.s390x",
"BaseOS-8.7.0.Z.MAIN:expat-debugsource-0:2.2.5-10.el8_7.1.x86_64",
"BaseOS-8.7.0.Z.MAIN:expat-devel-0:2.2.5-10.el8_7.1.aarch64",
"BaseOS-8.7.0.Z.MAIN:expat-devel-0:2.2.5-10.el8_7.1.i686",
"BaseOS-8.7.0.Z.MAIN:expat-devel-0:2.2.5-10.el8_7.1.ppc64le",
"BaseOS-8.7.0.Z.MAIN:expat-devel-0:2.2.5-10.el8_7.1.s390x",
"BaseOS-8.7.0.Z.MAIN:expat-devel-0:2.2.5-10.el8_7.1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0103"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"BaseOS-8.7.0.Z.MAIN:expat-0:2.2.5-10.el8_7.1.aarch64",
"BaseOS-8.7.0.Z.MAIN:expat-0:2.2.5-10.el8_7.1.i686",
"BaseOS-8.7.0.Z.MAIN:expat-0:2.2.5-10.el8_7.1.ppc64le",
"BaseOS-8.7.0.Z.MAIN:expat-0:2.2.5-10.el8_7.1.s390x",
"BaseOS-8.7.0.Z.MAIN:expat-0:2.2.5-10.el8_7.1.src",
"BaseOS-8.7.0.Z.MAIN:expat-0:2.2.5-10.el8_7.1.x86_64",
"BaseOS-8.7.0.Z.MAIN:expat-debuginfo-0:2.2.5-10.el8_7.1.aarch64",
"BaseOS-8.7.0.Z.MAIN:expat-debuginfo-0:2.2.5-10.el8_7.1.i686",
"BaseOS-8.7.0.Z.MAIN:expat-debuginfo-0:2.2.5-10.el8_7.1.ppc64le",
"BaseOS-8.7.0.Z.MAIN:expat-debuginfo-0:2.2.5-10.el8_7.1.s390x",
"BaseOS-8.7.0.Z.MAIN:expat-debuginfo-0:2.2.5-10.el8_7.1.x86_64",
"BaseOS-8.7.0.Z.MAIN:expat-debugsource-0:2.2.5-10.el8_7.1.aarch64",
"BaseOS-8.7.0.Z.MAIN:expat-debugsource-0:2.2.5-10.el8_7.1.i686",
"BaseOS-8.7.0.Z.MAIN:expat-debugsource-0:2.2.5-10.el8_7.1.ppc64le",
"BaseOS-8.7.0.Z.MAIN:expat-debugsource-0:2.2.5-10.el8_7.1.s390x",
"BaseOS-8.7.0.Z.MAIN:expat-debugsource-0:2.2.5-10.el8_7.1.x86_64",
"BaseOS-8.7.0.Z.MAIN:expat-devel-0:2.2.5-10.el8_7.1.aarch64",
"BaseOS-8.7.0.Z.MAIN:expat-devel-0:2.2.5-10.el8_7.1.i686",
"BaseOS-8.7.0.Z.MAIN:expat-devel-0:2.2.5-10.el8_7.1.ppc64le",
"BaseOS-8.7.0.Z.MAIN:expat-devel-0:2.2.5-10.el8_7.1.s390x",
"BaseOS-8.7.0.Z.MAIN:expat-devel-0:2.2.5-10.el8_7.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "expat: use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate"
}
]
}
RHSA-2023_0337
Vulnerability from csaf_redhat - Published: 2023-01-23 15:29 - Updated: 2024-11-22 21:01Summary
Red Hat Security Advisory: expat security update
Severity
Moderate
Notes
Topic: An update for expat is now available for Red Hat Enterprise Linux 9.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Expat is a C library for parsing XML documents.
Security Fix(es):
* expat: use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate (CVE-2022-43680)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A use-after-free flaw was found in the Expat package, caused by destruction of a shared DTD in XML_ExternalEntityParserCreate in out-of-memory situations. This may lead to availability disruptions.
7.5 (High)
Affected products
Fixed
42 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.1.0.Z.MAIN:expat-0:2.4.9-1.el9_1.1.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.Z.MAIN:expat-0:2.4.9-1.el9_1.1.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.Z.MAIN:expat-0:2.4.9-1.el9_1.1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.Z.MAIN:expat-0:2.4.9-1.el9_1.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.Z.MAIN:expat-0:2.4.9-1.el9_1.1.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.Z.MAIN:expat-0:2.4.9-1.el9_1.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.Z.MAIN:expat-debuginfo-0:2.4.9-1.el9_1.1.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.Z.MAIN:expat-debuginfo-0:2.4.9-1.el9_1.1.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.Z.MAIN:expat-debuginfo-0:2.4.9-1.el9_1.1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.Z.MAIN:expat-debuginfo-0:2.4.9-1.el9_1.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.Z.MAIN:expat-debuginfo-0:2.4.9-1.el9_1.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.Z.MAIN:expat-debugsource-0:2.4.9-1.el9_1.1.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.Z.MAIN:expat-debugsource-0:2.4.9-1.el9_1.1.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.Z.MAIN:expat-debugsource-0:2.4.9-1.el9_1.1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.Z.MAIN:expat-debugsource-0:2.4.9-1.el9_1.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.Z.MAIN:expat-debugsource-0:2.4.9-1.el9_1.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.Z.MAIN:expat-devel-0:2.4.9-1.el9_1.1.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.Z.MAIN:expat-devel-0:2.4.9-1.el9_1.1.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.Z.MAIN:expat-devel-0:2.4.9-1.el9_1.1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.Z.MAIN:expat-devel-0:2.4.9-1.el9_1.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.Z.MAIN:expat-devel-0:2.4.9-1.el9_1.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-9.1.0.Z.MAIN:expat-0:2.4.9-1.el9_1.1.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-9.1.0.Z.MAIN:expat-0:2.4.9-1.el9_1.1.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-9.1.0.Z.MAIN:expat-0:2.4.9-1.el9_1.1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-9.1.0.Z.MAIN:expat-0:2.4.9-1.el9_1.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-9.1.0.Z.MAIN:expat-0:2.4.9-1.el9_1.1.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-9.1.0.Z.MAIN:expat-0:2.4.9-1.el9_1.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-9.1.0.Z.MAIN:expat-debuginfo-0:2.4.9-1.el9_1.1.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-9.1.0.Z.MAIN:expat-debuginfo-0:2.4.9-1.el9_1.1.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-9.1.0.Z.MAIN:expat-debuginfo-0:2.4.9-1.el9_1.1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-9.1.0.Z.MAIN:expat-debuginfo-0:2.4.9-1.el9_1.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-9.1.0.Z.MAIN:expat-debuginfo-0:2.4.9-1.el9_1.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-9.1.0.Z.MAIN:expat-debugsource-0:2.4.9-1.el9_1.1.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-9.1.0.Z.MAIN:expat-debugsource-0:2.4.9-1.el9_1.1.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-9.1.0.Z.MAIN:expat-debugsource-0:2.4.9-1.el9_1.1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-9.1.0.Z.MAIN:expat-debugsource-0:2.4.9-1.el9_1.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-9.1.0.Z.MAIN:expat-debugsource-0:2.4.9-1.el9_1.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-9.1.0.Z.MAIN:expat-devel-0:2.4.9-1.el9_1.1.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-9.1.0.Z.MAIN:expat-devel-0:2.4.9-1.el9_1.1.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-9.1.0.Z.MAIN:expat-devel-0:2.4.9-1.el9_1.1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-9.1.0.Z.MAIN:expat-devel-0:2.4.9-1.el9_1.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-9.1.0.Z.MAIN:expat-devel-0:2.4.9-1.el9_1.1.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
References
9 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for expat is now available for Red Hat Enterprise Linux 9.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Expat is a C library for parsing XML documents.\n\nSecurity Fix(es):\n\n* expat: use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate (CVE-2022-43680)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:0337",
"url": "https://access.redhat.com/errata/RHSA-2023:0337"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "2140059",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2140059"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_0337.json"
}
],
"title": "Red Hat Security Advisory: expat security update",
"tracking": {
"current_release_date": "2024-11-22T21:01:14+00:00",
"generator": {
"date": "2024-11-22T21:01:14+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2023:0337",
"initial_release_date": "2023-01-23T15:29:49+00:00",
"revision_history": [
{
"date": "2023-01-23T15:29:49+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-01-23T15:29:49+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-22T21:01:14+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 9)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.Z.MAIN",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:9::appstream"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux BaseOS (v. 9)",
"product": {
"name": "Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.1.0.Z.MAIN",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:9::baseos"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "expat-0:2.4.9-1.el9_1.1.src",
"product": {
"name": "expat-0:2.4.9-1.el9_1.1.src",
"product_id": "expat-0:2.4.9-1.el9_1.1.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat@2.4.9-1.el9_1.1?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "expat-0:2.4.9-1.el9_1.1.aarch64",
"product": {
"name": "expat-0:2.4.9-1.el9_1.1.aarch64",
"product_id": "expat-0:2.4.9-1.el9_1.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat@2.4.9-1.el9_1.1?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "expat-debugsource-0:2.4.9-1.el9_1.1.aarch64",
"product": {
"name": "expat-debugsource-0:2.4.9-1.el9_1.1.aarch64",
"product_id": "expat-debugsource-0:2.4.9-1.el9_1.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debugsource@2.4.9-1.el9_1.1?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "expat-debuginfo-0:2.4.9-1.el9_1.1.aarch64",
"product": {
"name": "expat-debuginfo-0:2.4.9-1.el9_1.1.aarch64",
"product_id": "expat-debuginfo-0:2.4.9-1.el9_1.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debuginfo@2.4.9-1.el9_1.1?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "expat-devel-0:2.4.9-1.el9_1.1.aarch64",
"product": {
"name": "expat-devel-0:2.4.9-1.el9_1.1.aarch64",
"product_id": "expat-devel-0:2.4.9-1.el9_1.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-devel@2.4.9-1.el9_1.1?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "expat-0:2.4.9-1.el9_1.1.ppc64le",
"product": {
"name": "expat-0:2.4.9-1.el9_1.1.ppc64le",
"product_id": "expat-0:2.4.9-1.el9_1.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat@2.4.9-1.el9_1.1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "expat-debugsource-0:2.4.9-1.el9_1.1.ppc64le",
"product": {
"name": "expat-debugsource-0:2.4.9-1.el9_1.1.ppc64le",
"product_id": "expat-debugsource-0:2.4.9-1.el9_1.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debugsource@2.4.9-1.el9_1.1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "expat-debuginfo-0:2.4.9-1.el9_1.1.ppc64le",
"product": {
"name": "expat-debuginfo-0:2.4.9-1.el9_1.1.ppc64le",
"product_id": "expat-debuginfo-0:2.4.9-1.el9_1.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debuginfo@2.4.9-1.el9_1.1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "expat-devel-0:2.4.9-1.el9_1.1.ppc64le",
"product": {
"name": "expat-devel-0:2.4.9-1.el9_1.1.ppc64le",
"product_id": "expat-devel-0:2.4.9-1.el9_1.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-devel@2.4.9-1.el9_1.1?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "expat-0:2.4.9-1.el9_1.1.i686",
"product": {
"name": "expat-0:2.4.9-1.el9_1.1.i686",
"product_id": "expat-0:2.4.9-1.el9_1.1.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat@2.4.9-1.el9_1.1?arch=i686"
}
}
},
{
"category": "product_version",
"name": "expat-debugsource-0:2.4.9-1.el9_1.1.i686",
"product": {
"name": "expat-debugsource-0:2.4.9-1.el9_1.1.i686",
"product_id": "expat-debugsource-0:2.4.9-1.el9_1.1.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debugsource@2.4.9-1.el9_1.1?arch=i686"
}
}
},
{
"category": "product_version",
"name": "expat-debuginfo-0:2.4.9-1.el9_1.1.i686",
"product": {
"name": "expat-debuginfo-0:2.4.9-1.el9_1.1.i686",
"product_id": "expat-debuginfo-0:2.4.9-1.el9_1.1.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debuginfo@2.4.9-1.el9_1.1?arch=i686"
}
}
},
{
"category": "product_version",
"name": "expat-devel-0:2.4.9-1.el9_1.1.i686",
"product": {
"name": "expat-devel-0:2.4.9-1.el9_1.1.i686",
"product_id": "expat-devel-0:2.4.9-1.el9_1.1.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-devel@2.4.9-1.el9_1.1?arch=i686"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "expat-0:2.4.9-1.el9_1.1.x86_64",
"product": {
"name": "expat-0:2.4.9-1.el9_1.1.x86_64",
"product_id": "expat-0:2.4.9-1.el9_1.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat@2.4.9-1.el9_1.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "expat-debugsource-0:2.4.9-1.el9_1.1.x86_64",
"product": {
"name": "expat-debugsource-0:2.4.9-1.el9_1.1.x86_64",
"product_id": "expat-debugsource-0:2.4.9-1.el9_1.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debugsource@2.4.9-1.el9_1.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "expat-debuginfo-0:2.4.9-1.el9_1.1.x86_64",
"product": {
"name": "expat-debuginfo-0:2.4.9-1.el9_1.1.x86_64",
"product_id": "expat-debuginfo-0:2.4.9-1.el9_1.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debuginfo@2.4.9-1.el9_1.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "expat-devel-0:2.4.9-1.el9_1.1.x86_64",
"product": {
"name": "expat-devel-0:2.4.9-1.el9_1.1.x86_64",
"product_id": "expat-devel-0:2.4.9-1.el9_1.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-devel@2.4.9-1.el9_1.1?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "expat-0:2.4.9-1.el9_1.1.s390x",
"product": {
"name": "expat-0:2.4.9-1.el9_1.1.s390x",
"product_id": "expat-0:2.4.9-1.el9_1.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat@2.4.9-1.el9_1.1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "expat-debugsource-0:2.4.9-1.el9_1.1.s390x",
"product": {
"name": "expat-debugsource-0:2.4.9-1.el9_1.1.s390x",
"product_id": "expat-debugsource-0:2.4.9-1.el9_1.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debugsource@2.4.9-1.el9_1.1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "expat-debuginfo-0:2.4.9-1.el9_1.1.s390x",
"product": {
"name": "expat-debuginfo-0:2.4.9-1.el9_1.1.s390x",
"product_id": "expat-debuginfo-0:2.4.9-1.el9_1.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debuginfo@2.4.9-1.el9_1.1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "expat-devel-0:2.4.9-1.el9_1.1.s390x",
"product": {
"name": "expat-devel-0:2.4.9-1.el9_1.1.s390x",
"product_id": "expat-devel-0:2.4.9-1.el9_1.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-devel@2.4.9-1.el9_1.1?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.4.9-1.el9_1.1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.Z.MAIN:expat-0:2.4.9-1.el9_1.1.aarch64"
},
"product_reference": "expat-0:2.4.9-1.el9_1.1.aarch64",
"relates_to_product_reference": "AppStream-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.4.9-1.el9_1.1.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.Z.MAIN:expat-0:2.4.9-1.el9_1.1.i686"
},
"product_reference": "expat-0:2.4.9-1.el9_1.1.i686",
"relates_to_product_reference": "AppStream-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.4.9-1.el9_1.1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.Z.MAIN:expat-0:2.4.9-1.el9_1.1.ppc64le"
},
"product_reference": "expat-0:2.4.9-1.el9_1.1.ppc64le",
"relates_to_product_reference": "AppStream-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.4.9-1.el9_1.1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.Z.MAIN:expat-0:2.4.9-1.el9_1.1.s390x"
},
"product_reference": "expat-0:2.4.9-1.el9_1.1.s390x",
"relates_to_product_reference": "AppStream-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.4.9-1.el9_1.1.src as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.Z.MAIN:expat-0:2.4.9-1.el9_1.1.src"
},
"product_reference": "expat-0:2.4.9-1.el9_1.1.src",
"relates_to_product_reference": "AppStream-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.4.9-1.el9_1.1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.Z.MAIN:expat-0:2.4.9-1.el9_1.1.x86_64"
},
"product_reference": "expat-0:2.4.9-1.el9_1.1.x86_64",
"relates_to_product_reference": "AppStream-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debuginfo-0:2.4.9-1.el9_1.1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.Z.MAIN:expat-debuginfo-0:2.4.9-1.el9_1.1.aarch64"
},
"product_reference": "expat-debuginfo-0:2.4.9-1.el9_1.1.aarch64",
"relates_to_product_reference": "AppStream-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debuginfo-0:2.4.9-1.el9_1.1.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.Z.MAIN:expat-debuginfo-0:2.4.9-1.el9_1.1.i686"
},
"product_reference": "expat-debuginfo-0:2.4.9-1.el9_1.1.i686",
"relates_to_product_reference": "AppStream-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debuginfo-0:2.4.9-1.el9_1.1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.Z.MAIN:expat-debuginfo-0:2.4.9-1.el9_1.1.ppc64le"
},
"product_reference": "expat-debuginfo-0:2.4.9-1.el9_1.1.ppc64le",
"relates_to_product_reference": "AppStream-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debuginfo-0:2.4.9-1.el9_1.1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.Z.MAIN:expat-debuginfo-0:2.4.9-1.el9_1.1.s390x"
},
"product_reference": "expat-debuginfo-0:2.4.9-1.el9_1.1.s390x",
"relates_to_product_reference": "AppStream-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debuginfo-0:2.4.9-1.el9_1.1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.Z.MAIN:expat-debuginfo-0:2.4.9-1.el9_1.1.x86_64"
},
"product_reference": "expat-debuginfo-0:2.4.9-1.el9_1.1.x86_64",
"relates_to_product_reference": "AppStream-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debugsource-0:2.4.9-1.el9_1.1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.Z.MAIN:expat-debugsource-0:2.4.9-1.el9_1.1.aarch64"
},
"product_reference": "expat-debugsource-0:2.4.9-1.el9_1.1.aarch64",
"relates_to_product_reference": "AppStream-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debugsource-0:2.4.9-1.el9_1.1.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.Z.MAIN:expat-debugsource-0:2.4.9-1.el9_1.1.i686"
},
"product_reference": "expat-debugsource-0:2.4.9-1.el9_1.1.i686",
"relates_to_product_reference": "AppStream-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debugsource-0:2.4.9-1.el9_1.1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.Z.MAIN:expat-debugsource-0:2.4.9-1.el9_1.1.ppc64le"
},
"product_reference": "expat-debugsource-0:2.4.9-1.el9_1.1.ppc64le",
"relates_to_product_reference": "AppStream-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debugsource-0:2.4.9-1.el9_1.1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.Z.MAIN:expat-debugsource-0:2.4.9-1.el9_1.1.s390x"
},
"product_reference": "expat-debugsource-0:2.4.9-1.el9_1.1.s390x",
"relates_to_product_reference": "AppStream-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debugsource-0:2.4.9-1.el9_1.1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.Z.MAIN:expat-debugsource-0:2.4.9-1.el9_1.1.x86_64"
},
"product_reference": "expat-debugsource-0:2.4.9-1.el9_1.1.x86_64",
"relates_to_product_reference": "AppStream-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-devel-0:2.4.9-1.el9_1.1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.Z.MAIN:expat-devel-0:2.4.9-1.el9_1.1.aarch64"
},
"product_reference": "expat-devel-0:2.4.9-1.el9_1.1.aarch64",
"relates_to_product_reference": "AppStream-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-devel-0:2.4.9-1.el9_1.1.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.Z.MAIN:expat-devel-0:2.4.9-1.el9_1.1.i686"
},
"product_reference": "expat-devel-0:2.4.9-1.el9_1.1.i686",
"relates_to_product_reference": "AppStream-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-devel-0:2.4.9-1.el9_1.1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.Z.MAIN:expat-devel-0:2.4.9-1.el9_1.1.ppc64le"
},
"product_reference": "expat-devel-0:2.4.9-1.el9_1.1.ppc64le",
"relates_to_product_reference": "AppStream-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-devel-0:2.4.9-1.el9_1.1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.Z.MAIN:expat-devel-0:2.4.9-1.el9_1.1.s390x"
},
"product_reference": "expat-devel-0:2.4.9-1.el9_1.1.s390x",
"relates_to_product_reference": "AppStream-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-devel-0:2.4.9-1.el9_1.1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.Z.MAIN:expat-devel-0:2.4.9-1.el9_1.1.x86_64"
},
"product_reference": "expat-devel-0:2.4.9-1.el9_1.1.x86_64",
"relates_to_product_reference": "AppStream-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.4.9-1.el9_1.1.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.1.0.Z.MAIN:expat-0:2.4.9-1.el9_1.1.aarch64"
},
"product_reference": "expat-0:2.4.9-1.el9_1.1.aarch64",
"relates_to_product_reference": "BaseOS-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.4.9-1.el9_1.1.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.1.0.Z.MAIN:expat-0:2.4.9-1.el9_1.1.i686"
},
"product_reference": "expat-0:2.4.9-1.el9_1.1.i686",
"relates_to_product_reference": "BaseOS-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.4.9-1.el9_1.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.1.0.Z.MAIN:expat-0:2.4.9-1.el9_1.1.ppc64le"
},
"product_reference": "expat-0:2.4.9-1.el9_1.1.ppc64le",
"relates_to_product_reference": "BaseOS-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.4.9-1.el9_1.1.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.1.0.Z.MAIN:expat-0:2.4.9-1.el9_1.1.s390x"
},
"product_reference": "expat-0:2.4.9-1.el9_1.1.s390x",
"relates_to_product_reference": "BaseOS-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.4.9-1.el9_1.1.src as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.1.0.Z.MAIN:expat-0:2.4.9-1.el9_1.1.src"
},
"product_reference": "expat-0:2.4.9-1.el9_1.1.src",
"relates_to_product_reference": "BaseOS-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.4.9-1.el9_1.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.1.0.Z.MAIN:expat-0:2.4.9-1.el9_1.1.x86_64"
},
"product_reference": "expat-0:2.4.9-1.el9_1.1.x86_64",
"relates_to_product_reference": "BaseOS-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debuginfo-0:2.4.9-1.el9_1.1.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.1.0.Z.MAIN:expat-debuginfo-0:2.4.9-1.el9_1.1.aarch64"
},
"product_reference": "expat-debuginfo-0:2.4.9-1.el9_1.1.aarch64",
"relates_to_product_reference": "BaseOS-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debuginfo-0:2.4.9-1.el9_1.1.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.1.0.Z.MAIN:expat-debuginfo-0:2.4.9-1.el9_1.1.i686"
},
"product_reference": "expat-debuginfo-0:2.4.9-1.el9_1.1.i686",
"relates_to_product_reference": "BaseOS-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debuginfo-0:2.4.9-1.el9_1.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.1.0.Z.MAIN:expat-debuginfo-0:2.4.9-1.el9_1.1.ppc64le"
},
"product_reference": "expat-debuginfo-0:2.4.9-1.el9_1.1.ppc64le",
"relates_to_product_reference": "BaseOS-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debuginfo-0:2.4.9-1.el9_1.1.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.1.0.Z.MAIN:expat-debuginfo-0:2.4.9-1.el9_1.1.s390x"
},
"product_reference": "expat-debuginfo-0:2.4.9-1.el9_1.1.s390x",
"relates_to_product_reference": "BaseOS-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debuginfo-0:2.4.9-1.el9_1.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.1.0.Z.MAIN:expat-debuginfo-0:2.4.9-1.el9_1.1.x86_64"
},
"product_reference": "expat-debuginfo-0:2.4.9-1.el9_1.1.x86_64",
"relates_to_product_reference": "BaseOS-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debugsource-0:2.4.9-1.el9_1.1.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.1.0.Z.MAIN:expat-debugsource-0:2.4.9-1.el9_1.1.aarch64"
},
"product_reference": "expat-debugsource-0:2.4.9-1.el9_1.1.aarch64",
"relates_to_product_reference": "BaseOS-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debugsource-0:2.4.9-1.el9_1.1.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.1.0.Z.MAIN:expat-debugsource-0:2.4.9-1.el9_1.1.i686"
},
"product_reference": "expat-debugsource-0:2.4.9-1.el9_1.1.i686",
"relates_to_product_reference": "BaseOS-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debugsource-0:2.4.9-1.el9_1.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.1.0.Z.MAIN:expat-debugsource-0:2.4.9-1.el9_1.1.ppc64le"
},
"product_reference": "expat-debugsource-0:2.4.9-1.el9_1.1.ppc64le",
"relates_to_product_reference": "BaseOS-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debugsource-0:2.4.9-1.el9_1.1.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.1.0.Z.MAIN:expat-debugsource-0:2.4.9-1.el9_1.1.s390x"
},
"product_reference": "expat-debugsource-0:2.4.9-1.el9_1.1.s390x",
"relates_to_product_reference": "BaseOS-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debugsource-0:2.4.9-1.el9_1.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.1.0.Z.MAIN:expat-debugsource-0:2.4.9-1.el9_1.1.x86_64"
},
"product_reference": "expat-debugsource-0:2.4.9-1.el9_1.1.x86_64",
"relates_to_product_reference": "BaseOS-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-devel-0:2.4.9-1.el9_1.1.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.1.0.Z.MAIN:expat-devel-0:2.4.9-1.el9_1.1.aarch64"
},
"product_reference": "expat-devel-0:2.4.9-1.el9_1.1.aarch64",
"relates_to_product_reference": "BaseOS-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-devel-0:2.4.9-1.el9_1.1.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.1.0.Z.MAIN:expat-devel-0:2.4.9-1.el9_1.1.i686"
},
"product_reference": "expat-devel-0:2.4.9-1.el9_1.1.i686",
"relates_to_product_reference": "BaseOS-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-devel-0:2.4.9-1.el9_1.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.1.0.Z.MAIN:expat-devel-0:2.4.9-1.el9_1.1.ppc64le"
},
"product_reference": "expat-devel-0:2.4.9-1.el9_1.1.ppc64le",
"relates_to_product_reference": "BaseOS-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-devel-0:2.4.9-1.el9_1.1.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.1.0.Z.MAIN:expat-devel-0:2.4.9-1.el9_1.1.s390x"
},
"product_reference": "expat-devel-0:2.4.9-1.el9_1.1.s390x",
"relates_to_product_reference": "BaseOS-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-devel-0:2.4.9-1.el9_1.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.1.0.Z.MAIN:expat-devel-0:2.4.9-1.el9_1.1.x86_64"
},
"product_reference": "expat-devel-0:2.4.9-1.el9_1.1.x86_64",
"relates_to_product_reference": "BaseOS-9.1.0.Z.MAIN"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-43680",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2022-11-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2140059"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free flaw was found in the Expat package, caused by destruction of a shared DTD in XML_ExternalEntityParserCreate in out-of-memory situations. This may lead to availability disruptions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "expat: use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability can only happen under special (out-of-memory) conditions, thus it is not possible to exploit on every possible system that has expat installed. Additionally as the flaw is only capable of causing a Denial of Service, Red Hat rates the impact as Moderate.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.1.0.Z.MAIN:expat-0:2.4.9-1.el9_1.1.aarch64",
"AppStream-9.1.0.Z.MAIN:expat-0:2.4.9-1.el9_1.1.i686",
"AppStream-9.1.0.Z.MAIN:expat-0:2.4.9-1.el9_1.1.ppc64le",
"AppStream-9.1.0.Z.MAIN:expat-0:2.4.9-1.el9_1.1.s390x",
"AppStream-9.1.0.Z.MAIN:expat-0:2.4.9-1.el9_1.1.src",
"AppStream-9.1.0.Z.MAIN:expat-0:2.4.9-1.el9_1.1.x86_64",
"AppStream-9.1.0.Z.MAIN:expat-debuginfo-0:2.4.9-1.el9_1.1.aarch64",
"AppStream-9.1.0.Z.MAIN:expat-debuginfo-0:2.4.9-1.el9_1.1.i686",
"AppStream-9.1.0.Z.MAIN:expat-debuginfo-0:2.4.9-1.el9_1.1.ppc64le",
"AppStream-9.1.0.Z.MAIN:expat-debuginfo-0:2.4.9-1.el9_1.1.s390x",
"AppStream-9.1.0.Z.MAIN:expat-debuginfo-0:2.4.9-1.el9_1.1.x86_64",
"AppStream-9.1.0.Z.MAIN:expat-debugsource-0:2.4.9-1.el9_1.1.aarch64",
"AppStream-9.1.0.Z.MAIN:expat-debugsource-0:2.4.9-1.el9_1.1.i686",
"AppStream-9.1.0.Z.MAIN:expat-debugsource-0:2.4.9-1.el9_1.1.ppc64le",
"AppStream-9.1.0.Z.MAIN:expat-debugsource-0:2.4.9-1.el9_1.1.s390x",
"AppStream-9.1.0.Z.MAIN:expat-debugsource-0:2.4.9-1.el9_1.1.x86_64",
"AppStream-9.1.0.Z.MAIN:expat-devel-0:2.4.9-1.el9_1.1.aarch64",
"AppStream-9.1.0.Z.MAIN:expat-devel-0:2.4.9-1.el9_1.1.i686",
"AppStream-9.1.0.Z.MAIN:expat-devel-0:2.4.9-1.el9_1.1.ppc64le",
"AppStream-9.1.0.Z.MAIN:expat-devel-0:2.4.9-1.el9_1.1.s390x",
"AppStream-9.1.0.Z.MAIN:expat-devel-0:2.4.9-1.el9_1.1.x86_64",
"BaseOS-9.1.0.Z.MAIN:expat-0:2.4.9-1.el9_1.1.aarch64",
"BaseOS-9.1.0.Z.MAIN:expat-0:2.4.9-1.el9_1.1.i686",
"BaseOS-9.1.0.Z.MAIN:expat-0:2.4.9-1.el9_1.1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:expat-0:2.4.9-1.el9_1.1.s390x",
"BaseOS-9.1.0.Z.MAIN:expat-0:2.4.9-1.el9_1.1.src",
"BaseOS-9.1.0.Z.MAIN:expat-0:2.4.9-1.el9_1.1.x86_64",
"BaseOS-9.1.0.Z.MAIN:expat-debuginfo-0:2.4.9-1.el9_1.1.aarch64",
"BaseOS-9.1.0.Z.MAIN:expat-debuginfo-0:2.4.9-1.el9_1.1.i686",
"BaseOS-9.1.0.Z.MAIN:expat-debuginfo-0:2.4.9-1.el9_1.1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:expat-debuginfo-0:2.4.9-1.el9_1.1.s390x",
"BaseOS-9.1.0.Z.MAIN:expat-debuginfo-0:2.4.9-1.el9_1.1.x86_64",
"BaseOS-9.1.0.Z.MAIN:expat-debugsource-0:2.4.9-1.el9_1.1.aarch64",
"BaseOS-9.1.0.Z.MAIN:expat-debugsource-0:2.4.9-1.el9_1.1.i686",
"BaseOS-9.1.0.Z.MAIN:expat-debugsource-0:2.4.9-1.el9_1.1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:expat-debugsource-0:2.4.9-1.el9_1.1.s390x",
"BaseOS-9.1.0.Z.MAIN:expat-debugsource-0:2.4.9-1.el9_1.1.x86_64",
"BaseOS-9.1.0.Z.MAIN:expat-devel-0:2.4.9-1.el9_1.1.aarch64",
"BaseOS-9.1.0.Z.MAIN:expat-devel-0:2.4.9-1.el9_1.1.i686",
"BaseOS-9.1.0.Z.MAIN:expat-devel-0:2.4.9-1.el9_1.1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:expat-devel-0:2.4.9-1.el9_1.1.s390x",
"BaseOS-9.1.0.Z.MAIN:expat-devel-0:2.4.9-1.el9_1.1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-43680"
},
{
"category": "external",
"summary": "RHBZ#2140059",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2140059"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-43680",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43680"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-43680",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-43680"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/issues/649",
"url": "https://github.com/libexpat/libexpat/issues/649"
}
],
"release_date": "2022-10-24T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-23T15:29:49+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, applications using the Expat library must be restarted for the update to take effect.",
"product_ids": [
"AppStream-9.1.0.Z.MAIN:expat-0:2.4.9-1.el9_1.1.aarch64",
"AppStream-9.1.0.Z.MAIN:expat-0:2.4.9-1.el9_1.1.i686",
"AppStream-9.1.0.Z.MAIN:expat-0:2.4.9-1.el9_1.1.ppc64le",
"AppStream-9.1.0.Z.MAIN:expat-0:2.4.9-1.el9_1.1.s390x",
"AppStream-9.1.0.Z.MAIN:expat-0:2.4.9-1.el9_1.1.src",
"AppStream-9.1.0.Z.MAIN:expat-0:2.4.9-1.el9_1.1.x86_64",
"AppStream-9.1.0.Z.MAIN:expat-debuginfo-0:2.4.9-1.el9_1.1.aarch64",
"AppStream-9.1.0.Z.MAIN:expat-debuginfo-0:2.4.9-1.el9_1.1.i686",
"AppStream-9.1.0.Z.MAIN:expat-debuginfo-0:2.4.9-1.el9_1.1.ppc64le",
"AppStream-9.1.0.Z.MAIN:expat-debuginfo-0:2.4.9-1.el9_1.1.s390x",
"AppStream-9.1.0.Z.MAIN:expat-debuginfo-0:2.4.9-1.el9_1.1.x86_64",
"AppStream-9.1.0.Z.MAIN:expat-debugsource-0:2.4.9-1.el9_1.1.aarch64",
"AppStream-9.1.0.Z.MAIN:expat-debugsource-0:2.4.9-1.el9_1.1.i686",
"AppStream-9.1.0.Z.MAIN:expat-debugsource-0:2.4.9-1.el9_1.1.ppc64le",
"AppStream-9.1.0.Z.MAIN:expat-debugsource-0:2.4.9-1.el9_1.1.s390x",
"AppStream-9.1.0.Z.MAIN:expat-debugsource-0:2.4.9-1.el9_1.1.x86_64",
"AppStream-9.1.0.Z.MAIN:expat-devel-0:2.4.9-1.el9_1.1.aarch64",
"AppStream-9.1.0.Z.MAIN:expat-devel-0:2.4.9-1.el9_1.1.i686",
"AppStream-9.1.0.Z.MAIN:expat-devel-0:2.4.9-1.el9_1.1.ppc64le",
"AppStream-9.1.0.Z.MAIN:expat-devel-0:2.4.9-1.el9_1.1.s390x",
"AppStream-9.1.0.Z.MAIN:expat-devel-0:2.4.9-1.el9_1.1.x86_64",
"BaseOS-9.1.0.Z.MAIN:expat-0:2.4.9-1.el9_1.1.aarch64",
"BaseOS-9.1.0.Z.MAIN:expat-0:2.4.9-1.el9_1.1.i686",
"BaseOS-9.1.0.Z.MAIN:expat-0:2.4.9-1.el9_1.1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:expat-0:2.4.9-1.el9_1.1.s390x",
"BaseOS-9.1.0.Z.MAIN:expat-0:2.4.9-1.el9_1.1.src",
"BaseOS-9.1.0.Z.MAIN:expat-0:2.4.9-1.el9_1.1.x86_64",
"BaseOS-9.1.0.Z.MAIN:expat-debuginfo-0:2.4.9-1.el9_1.1.aarch64",
"BaseOS-9.1.0.Z.MAIN:expat-debuginfo-0:2.4.9-1.el9_1.1.i686",
"BaseOS-9.1.0.Z.MAIN:expat-debuginfo-0:2.4.9-1.el9_1.1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:expat-debuginfo-0:2.4.9-1.el9_1.1.s390x",
"BaseOS-9.1.0.Z.MAIN:expat-debuginfo-0:2.4.9-1.el9_1.1.x86_64",
"BaseOS-9.1.0.Z.MAIN:expat-debugsource-0:2.4.9-1.el9_1.1.aarch64",
"BaseOS-9.1.0.Z.MAIN:expat-debugsource-0:2.4.9-1.el9_1.1.i686",
"BaseOS-9.1.0.Z.MAIN:expat-debugsource-0:2.4.9-1.el9_1.1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:expat-debugsource-0:2.4.9-1.el9_1.1.s390x",
"BaseOS-9.1.0.Z.MAIN:expat-debugsource-0:2.4.9-1.el9_1.1.x86_64",
"BaseOS-9.1.0.Z.MAIN:expat-devel-0:2.4.9-1.el9_1.1.aarch64",
"BaseOS-9.1.0.Z.MAIN:expat-devel-0:2.4.9-1.el9_1.1.i686",
"BaseOS-9.1.0.Z.MAIN:expat-devel-0:2.4.9-1.el9_1.1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:expat-devel-0:2.4.9-1.el9_1.1.s390x",
"BaseOS-9.1.0.Z.MAIN:expat-devel-0:2.4.9-1.el9_1.1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0337"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.1.0.Z.MAIN:expat-0:2.4.9-1.el9_1.1.aarch64",
"AppStream-9.1.0.Z.MAIN:expat-0:2.4.9-1.el9_1.1.i686",
"AppStream-9.1.0.Z.MAIN:expat-0:2.4.9-1.el9_1.1.ppc64le",
"AppStream-9.1.0.Z.MAIN:expat-0:2.4.9-1.el9_1.1.s390x",
"AppStream-9.1.0.Z.MAIN:expat-0:2.4.9-1.el9_1.1.src",
"AppStream-9.1.0.Z.MAIN:expat-0:2.4.9-1.el9_1.1.x86_64",
"AppStream-9.1.0.Z.MAIN:expat-debuginfo-0:2.4.9-1.el9_1.1.aarch64",
"AppStream-9.1.0.Z.MAIN:expat-debuginfo-0:2.4.9-1.el9_1.1.i686",
"AppStream-9.1.0.Z.MAIN:expat-debuginfo-0:2.4.9-1.el9_1.1.ppc64le",
"AppStream-9.1.0.Z.MAIN:expat-debuginfo-0:2.4.9-1.el9_1.1.s390x",
"AppStream-9.1.0.Z.MAIN:expat-debuginfo-0:2.4.9-1.el9_1.1.x86_64",
"AppStream-9.1.0.Z.MAIN:expat-debugsource-0:2.4.9-1.el9_1.1.aarch64",
"AppStream-9.1.0.Z.MAIN:expat-debugsource-0:2.4.9-1.el9_1.1.i686",
"AppStream-9.1.0.Z.MAIN:expat-debugsource-0:2.4.9-1.el9_1.1.ppc64le",
"AppStream-9.1.0.Z.MAIN:expat-debugsource-0:2.4.9-1.el9_1.1.s390x",
"AppStream-9.1.0.Z.MAIN:expat-debugsource-0:2.4.9-1.el9_1.1.x86_64",
"AppStream-9.1.0.Z.MAIN:expat-devel-0:2.4.9-1.el9_1.1.aarch64",
"AppStream-9.1.0.Z.MAIN:expat-devel-0:2.4.9-1.el9_1.1.i686",
"AppStream-9.1.0.Z.MAIN:expat-devel-0:2.4.9-1.el9_1.1.ppc64le",
"AppStream-9.1.0.Z.MAIN:expat-devel-0:2.4.9-1.el9_1.1.s390x",
"AppStream-9.1.0.Z.MAIN:expat-devel-0:2.4.9-1.el9_1.1.x86_64",
"BaseOS-9.1.0.Z.MAIN:expat-0:2.4.9-1.el9_1.1.aarch64",
"BaseOS-9.1.0.Z.MAIN:expat-0:2.4.9-1.el9_1.1.i686",
"BaseOS-9.1.0.Z.MAIN:expat-0:2.4.9-1.el9_1.1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:expat-0:2.4.9-1.el9_1.1.s390x",
"BaseOS-9.1.0.Z.MAIN:expat-0:2.4.9-1.el9_1.1.src",
"BaseOS-9.1.0.Z.MAIN:expat-0:2.4.9-1.el9_1.1.x86_64",
"BaseOS-9.1.0.Z.MAIN:expat-debuginfo-0:2.4.9-1.el9_1.1.aarch64",
"BaseOS-9.1.0.Z.MAIN:expat-debuginfo-0:2.4.9-1.el9_1.1.i686",
"BaseOS-9.1.0.Z.MAIN:expat-debuginfo-0:2.4.9-1.el9_1.1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:expat-debuginfo-0:2.4.9-1.el9_1.1.s390x",
"BaseOS-9.1.0.Z.MAIN:expat-debuginfo-0:2.4.9-1.el9_1.1.x86_64",
"BaseOS-9.1.0.Z.MAIN:expat-debugsource-0:2.4.9-1.el9_1.1.aarch64",
"BaseOS-9.1.0.Z.MAIN:expat-debugsource-0:2.4.9-1.el9_1.1.i686",
"BaseOS-9.1.0.Z.MAIN:expat-debugsource-0:2.4.9-1.el9_1.1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:expat-debugsource-0:2.4.9-1.el9_1.1.s390x",
"BaseOS-9.1.0.Z.MAIN:expat-debugsource-0:2.4.9-1.el9_1.1.x86_64",
"BaseOS-9.1.0.Z.MAIN:expat-devel-0:2.4.9-1.el9_1.1.aarch64",
"BaseOS-9.1.0.Z.MAIN:expat-devel-0:2.4.9-1.el9_1.1.i686",
"BaseOS-9.1.0.Z.MAIN:expat-devel-0:2.4.9-1.el9_1.1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:expat-devel-0:2.4.9-1.el9_1.1.s390x",
"BaseOS-9.1.0.Z.MAIN:expat-devel-0:2.4.9-1.el9_1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "expat: use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate"
}
]
}
RHSA-2023_3355
Vulnerability from csaf_redhat - Published: 2023-06-05 11:46 - Updated: 2024-11-25 08:49Summary
Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.51 SP2 security update
Severity
Important
Notes
Topic: Red Hat JBoss Core Services Apache HTTP Server 2.4.51 Service Pack 2 is now available.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for a more consistent update experience.
This release of Red Hat JBoss Core Services Apache HTTP Server 2.4.51 Service Pack 2 serves as a replacement for Red Hat JBoss Core Services Apache HTTP Server 2.4.51 Service Pack 1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.
Security Fix(es):
* apr-util: out-of-bounds writes in the apr_base64 (CVE-2022-25147)
* expat: use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate (CVE-2022-43680)
* curl: HSTS bypass via IDN (CVE-2022-43551)
* curl: HTTP Proxy deny use-after-free (CVE-2022-43552)
* curl: HSTS ignored on multiple requests (CVE-2023-23914)
* curl: HSTS amnesia with --parallel (CVE-2023-23915)
* curl: HTTP multi-header compression denial of service (CVE-2023-23916)
* curl: TELNET option IAC injection (CVE-2023-27533)
* curl: SFTP path ~ resolving discrepancy (CVE-2023-27534)
* expat: use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate (CVE-2022-43680)
* httpd: mod_dav: out-of-bounds read/write of zero byte (CVE-2006-20001)
* httpd: HTTP request splitting with mod_rewrite and mod_proxy (CVE-2023-25690)
* openssl: timing attack in RSA Decryption implementation (CVE-2022-4304)
* openssl: double free after calling PEM_read_bio_ex (CVE-2022-4450)
* openssl: use-after-free following BIO_new_NDEF (CVE-2023-0215)
* openssl: X.400 address type confusion in X.509 GeneralName (CVE-2023-0286)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in the mod_dav module of httpd. A specially crafted "If:" request header can cause a memory read or write of a single zero byte due to a missing error check, resulting in a Denial of Service.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
JBCS httpd 2.4.51.sp2
Red Hat / Red Hat JBoss Core Services
|
cpe:/a:redhat:jboss_core_services:1
|
— |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A timing-based side channel exists in the OpenSSL RSA Decryption implementation, which could be sufficient to recover a ciphertext across a network in a Bleichenbacher style attack. To achieve a successful decryption, an attacker would have to be able to send a very large number of trial messages for decryption. This issue affects all RSA padding modes: PKCS#1 v1.5, RSA-OEAP, and RSASVE.
5.9 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
JBCS httpd 2.4.51.sp2
Red Hat / Red Hat JBoss Core Services
|
cpe:/a:redhat:jboss_core_services:1
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A double-free vulnerability was found in OpenSSL's PEM_read_bio_ex function. The function PEM_read_bio_ex() reads a PEM file from a BIO and parses and decodes the "name" (for example, "CERTIFICATE"), any header data, and the payload data. If the function succeeds, then the "name_out," "header," and "data" arguments are populated with pointers to buffers containing the relevant decoded data. The caller is responsible for freeing those buffers. Constructing a PEM file that results in 0 bytes of payload data is possible. In this case, PEM_read_bio_ex() will return a failure code but will populate the header argument with a pointer to a freed buffer. A double-free will occur if the caller also frees this buffer. This will most likely lead to a crash. This could be exploited by an attacker who can supply malicious PEM files for parsing to achieve a denial of service attack.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
JBCS httpd 2.4.51.sp2
Red Hat / Red Hat JBoss Core Services
|
cpe:/a:redhat:jboss_core_services:1
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in the Apache Portable Runtime Utility (APR-util) library. This issue may allow a malicious attacker to cause an out-of-bounds write due to an integer overflow when encoding/decoding a very long string using the base64 family of functions.
6.5 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
JBCS httpd 2.4.51.sp2
Red Hat / Red Hat JBoss Core Services
|
cpe:/a:redhat:jboss_core_services:1
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A vulnerability was found in curl. The issue can occur when curl's HSTS check is bypassed to trick it to keep using HTTP. Using its HSTS support, curl can be instructed to use HTTPS instead of an insecure clear-text HTTP step even when providing HTTP in the URL. Suppose the hostname in the given URL first uses IDN characters that get replaced with ASCII counterparts as part of the IDN conversion. In that case, it can bypass the HSTS mechanism using the character UTF-8 U+3002 (IDEOGRAPHIC FULL STOP) instead of the common ASCII full stop (U+002E). Then in a subsequent request, it does not detect the HSTS state and makes a clear text transfer. Because it would store the information, IDN encoded but looked for it as IDN decoded.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
JBCS httpd 2.4.51.sp2
Red Hat / Red Hat JBoss Core Services
|
cpe:/a:redhat:jboss_core_services:1
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A vulnerability was found in curl. In this issue, curl can be asked to tunnel all protocols virtually it supports through an HTTP proxy. HTTP proxies can deny these tunnel operations using an appropriate HTTP error response code. When getting denied to tunnel the specific SMB or TELNET protocols, curl can use a heap-allocated struct after it has been freed and shut down the code path in its transfer.
5.9 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
JBCS httpd 2.4.51.sp2
Red Hat / Red Hat JBoss Core Services
|
cpe:/a:redhat:jboss_core_services:1
|
— |
Vendor Fix
fix
Workaround
|
Threats
Impact
Low
A use-after-free flaw was found in the Expat package, caused by destruction of a shared DTD in XML_ExternalEntityParserCreate in out-of-memory situations. This may lead to availability disruptions.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
JBCS httpd 2.4.51.sp2
Red Hat / Red Hat JBoss Core Services
|
cpe:/a:redhat:jboss_core_services:1
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A use-after-free vulnerability was found in OpenSSL's BIO_new_NDEF function. The public API function BIO_new_NDEF is a helper function used for streaming ASN.1 data via a BIO. It is primarily used internally by OpenSSL to support the SMIME, CMS, and PKCS7 streaming capabilities, but it may also be called directly by end-user applications. The function receives a BIO from the caller, prepends a new BIO_f_asn1 filter BIO onto the front of it to form a BIO chain, and then returns the new head of the BIO chain to the caller. Under certain conditions. For example, if a CMS recipient public key is invalid, the new filter BIO is freed, and the function returns a NULL result indicating a failure. However, in this case, the BIO chain is not properly cleaned up, and the BIO passed by the caller still retains internal pointers to the previously freed filter BIO. If the caller then calls BIO_pop() on the BIO, a use-after-free will occur, possibly resulting in a crash.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
JBCS httpd 2.4.51.sp2
Red Hat / Red Hat JBoss Core Services
|
cpe:/a:redhat:jboss_core_services:1
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A type confusion vulnerability was found in OpenSSL when OpenSSL X.400 addresses processing inside an X.509 GeneralName. When CRL checking is enabled (for example, the application sets the X509_V_FLAG_CRL_CHECK flag), this vulnerability may allow an attacker to pass arbitrary pointers to a memcmp call, enabling them to read memory contents or cause a denial of service. In most cases, the attack requires the attacker to provide both the certificate chain and CRL, of which neither needs a valid signature. If the attacker only controls one of these inputs, the other input must already contain an X.400 address as a CRL distribution point, which is uncommon. In this case, this vulnerability is likely only to affect applications that have implemented their own functionality for retrieving CRLs over a network.
7.4 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
JBCS httpd 2.4.51.sp2
Red Hat / Red Hat JBoss Core Services
|
cpe:/a:redhat:jboss_core_services:1
|
— |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
A flaw was found in the Curl package, where the HSTS mechanism would be ignored by subsequent transfers when done on the same command line because the state would not be properly carried. This issue may result in limited confidentiality and integrity.
6.5 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
JBCS httpd 2.4.51.sp2
Red Hat / Red Hat JBoss Core Services
|
cpe:/a:redhat:jboss_core_services:1
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in the Curl package, where the HSTS mechanism could fail when multiple transfers are done in parallel, as the HSTS cache file gets overwritten by the most recently completed transfer. This issue may result in limited confidentiality and integrity.
4.2 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
JBCS httpd 2.4.51.sp2
Red Hat / Red Hat JBoss Core Services
|
cpe:/a:redhat:jboss_core_services:1
|
— |
Vendor Fix
fix
|
Threats
Impact
Low
A flaw was found in the Curl package. A malicious server can insert an unlimited number of compression steps. This decompression chain could result in out-of-memory errors.
6.5 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
JBCS httpd 2.4.51.sp2
Red Hat / Red Hat JBoss Core Services
|
cpe:/a:redhat:jboss_core_services:1
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A vulnerability was found in httpd. This security issue occurs when some mod_proxy configurations on Apache HTTP Server allow an HTTP Request Smuggling attack. Configurations are affected when mod_proxy is enabled along with some form of RewriteRule or ProxyPassMatch in which a non-specific pattern matches some portion of the user-supplied request-target (URL) data and is then re-inserted into the proxied request-target using variable substitution.
9.8 (Critical)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
JBCS httpd 2.4.51.sp2
Red Hat / Red Hat JBoss Core Services
|
cpe:/a:redhat:jboss_core_services:1
|
— |
Vendor Fix
fix
|
Threats
Impact
Important
A vulnerability in input validation exists in curl <8.0 during communication using the TELNET protocol may allow an attacker to pass on maliciously crafted user name and "telnet options" during server negotiation. The lack of proper input scrubbing allows an attacker to send content or perform option negotiation without the application's intent. This vulnerability could be exploited if an application allows user input, thereby enabling attackers to execute arbitrary code on the system.
4.3 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
JBCS httpd 2.4.51.sp2
Red Hat / Red Hat JBoss Core Services
|
cpe:/a:redhat:jboss_core_services:1
|
— |
Vendor Fix
fix
|
Threats
Impact
Low
A path traversal vulnerability exists in curl <8.0.0 SFTP implementation causes the tilde (~) character to be wrongly replaced when used as a prefix in the first path element, in addition to its intended use as the first element to indicate a path relative to the user's home directory. Attackers can exploit this flaw to bypass filtering or execute arbitrary code by crafting a path like /~2/foo while accessing a server with a specific user.
CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
JBCS httpd 2.4.51.sp2
Red Hat / Red Hat JBoss Core Services
|
cpe:/a:redhat:jboss_core_services:1
|
— |
Vendor Fix
fix
|
Threats
Impact
Low
References
89 references
Acknowledgments
Harry Sintonen
Patrick Monnerat
Daniel Stenberg
Harry Sintonen
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat JBoss Core Services Apache HTTP Server 2.4.51 Service Pack 2 is now available.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for a more consistent update experience.\n\nThis release of Red Hat JBoss Core Services Apache HTTP Server 2.4.51 Service Pack 2 serves as a replacement for Red Hat JBoss Core Services Apache HTTP Server 2.4.51 Service Pack 1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* apr-util: out-of-bounds writes in the apr_base64 (CVE-2022-25147)\n* expat: use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate (CVE-2022-43680)\n* curl: HSTS bypass via IDN (CVE-2022-43551)\n* curl: HTTP Proxy deny use-after-free (CVE-2022-43552)\n* curl: HSTS ignored on multiple requests (CVE-2023-23914)\n* curl: HSTS amnesia with --parallel (CVE-2023-23915)\n* curl: HTTP multi-header compression denial of service (CVE-2023-23916)\n* curl: TELNET option IAC injection (CVE-2023-27533)\n* curl: SFTP path ~ resolving discrepancy (CVE-2023-27534)\n* expat: use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate (CVE-2022-43680)\n* httpd: mod_dav: out-of-bounds read/write of zero byte (CVE-2006-20001)\n* httpd: HTTP request splitting with mod_rewrite and mod_proxy (CVE-2023-25690)\n* openssl: timing attack in RSA Decryption implementation (CVE-2022-4304)\n* openssl: double free after calling PEM_read_bio_ex (CVE-2022-4450)\n* openssl: use-after-free following BIO_new_NDEF (CVE-2023-0215)\n* openssl: X.400 address type confusion in X.509 GeneralName (CVE-2023-0286)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:3355",
"url": "https://access.redhat.com/errata/RHSA-2023:3355"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2140059",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2140059"
},
{
"category": "external",
"summary": "2152639",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2152639"
},
{
"category": "external",
"summary": "2152652",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2152652"
},
{
"category": "external",
"summary": "2161774",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2161774"
},
{
"category": "external",
"summary": "2164440",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164440"
},
{
"category": "external",
"summary": "2164487",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164487"
},
{
"category": "external",
"summary": "2164492",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164492"
},
{
"category": "external",
"summary": "2164494",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164494"
},
{
"category": "external",
"summary": "2167797",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2167797"
},
{
"category": "external",
"summary": "2167813",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2167813"
},
{
"category": "external",
"summary": "2167815",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2167815"
},
{
"category": "external",
"summary": "2169652",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2169652"
},
{
"category": "external",
"summary": "2176209",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2176209"
},
{
"category": "external",
"summary": "2179062",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2179062"
},
{
"category": "external",
"summary": "2179069",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2179069"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_3355.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.51 SP2 security update",
"tracking": {
"current_release_date": "2024-11-25T08:49:33+00:00",
"generator": {
"date": "2024-11-25T08:49:33+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2023:3355",
"initial_release_date": "2023-06-05T11:46:47+00:00",
"revision_history": [
{
"date": "2023-06-05T11:46:47+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-07-18T17:29:11+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-25T08:49:33+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "JBCS httpd 2.4.51.sp2",
"product": {
"name": "JBCS httpd 2.4.51.sp2",
"product_id": "JBCS httpd 2.4.51.sp2",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_core_services:1"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Core Services"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2006-20001",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2023-01-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2161774"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the mod_dav module of httpd. A specially crafted \"If:\" request header can cause a memory read or write of a single zero byte due to a missing error check, resulting in a Denial of Service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_dav: out-of-bounds read/write of zero byte",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw only affects configurations with mod_dav loaded and configured. Also, if there is no WebDAV repository configured, the server is not affected and no further mitigation is needed. For more information about the mitigation, check the mitigation section below.\n\nThe httpd mod_dav module is enabled by default on Red Hat Enterprise Linux 6, 7, 8, 9, and in RHSCL. However, there is no WebDAV repository configured by default.\n\nThis flaw has been rated as having a security impact of moderate, and is not currently planned to be addressed in future updates of Red Hat Enterprise Linux 7. Red Hat Enterprise Linux 7 is now in Maintenance Support 2 Phase of the support and maintenance life cycle. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"JBCS httpd 2.4.51.sp2"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2006-20001"
},
{
"category": "external",
"summary": "RHBZ#2161774",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2161774"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2006-20001",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-20001"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2006-20001",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2006-20001"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2006-20001",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2006-20001"
}
],
"release_date": "2023-01-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-05T11:46:47+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"JBCS httpd 2.4.51.sp2"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3355"
},
{
"category": "workaround",
"details": "Disabling mod_dav and restarting httpd will mitigate this flaw.",
"product_ids": [
"JBCS httpd 2.4.51.sp2"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"JBCS httpd 2.4.51.sp2"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: mod_dav: out-of-bounds read/write of zero byte"
},
{
"cve": "CVE-2022-4304",
"discovery_date": "2023-01-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2164487"
}
],
"notes": [
{
"category": "description",
"text": "A timing-based side channel exists in the OpenSSL RSA Decryption implementation, which could be sufficient to recover a ciphertext across a network in a Bleichenbacher style attack. To achieve a successful decryption, an attacker would have to be able to send a very large number of trial messages for decryption. This issue affects all RSA padding modes: PKCS#1 v1.5, RSA-OEAP, and RSASVE.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: timing attack in RSA Decryption implementation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"JBCS httpd 2.4.51.sp2"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-4304"
},
{
"category": "external",
"summary": "RHBZ#2164487",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164487"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-4304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4304"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-4304",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-4304"
},
{
"category": "external",
"summary": "https://www.openssl.org/news/secadv/20230207.txt",
"url": "https://www.openssl.org/news/secadv/20230207.txt"
}
],
"release_date": "2023-02-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-05T11:46:47+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"JBCS httpd 2.4.51.sp2"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3355"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"JBCS httpd 2.4.51.sp2"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "openssl: timing attack in RSA Decryption implementation"
},
{
"cve": "CVE-2022-4450",
"cwe": {
"id": "CWE-415",
"name": "Double Free"
},
"discovery_date": "2023-01-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2164494"
}
],
"notes": [
{
"category": "description",
"text": "A double-free vulnerability was found in OpenSSL\u0027s PEM_read_bio_ex function. The function PEM_read_bio_ex() reads a PEM file from a BIO and parses and decodes the \"name\" (for example, \"CERTIFICATE\"), any header data, and the payload data. If the function succeeds, then the \"name_out,\" \"header,\" and \"data\" arguments are populated with pointers to buffers containing the relevant decoded data. The caller is responsible for freeing those buffers. Constructing a PEM file that results in 0 bytes of payload data is possible. In this case, PEM_read_bio_ex() will return a failure code but will populate the header argument with a pointer to a freed buffer. A double-free will occur if the caller also frees this buffer. This will most likely lead to a crash. This could be exploited by an attacker who can supply malicious PEM files for parsing to achieve a denial of service attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: double free after calling PEM_read_bio_ex",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw is rated as having a Moderate impact as it is less easily exploited and is only vulnerable in unlikely configurations. Additionally, the upstream advisory (linked in External References) also rates it as Moderate.\n\nThe versions of `shim` as shipped with Red Hat Enterprise Linux 8 and 9 are shipping OpenSSL 1.1.1 and 1.0.2, which do not contain the incorrect code, so those are not affected by this CVE.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"JBCS httpd 2.4.51.sp2"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-4450"
},
{
"category": "external",
"summary": "RHBZ#2164494",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164494"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-4450",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4450"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-4450",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-4450"
},
{
"category": "external",
"summary": "https://www.openssl.org/news/secadv/20230207.txt",
"url": "https://www.openssl.org/news/secadv/20230207.txt"
}
],
"release_date": "2023-02-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-05T11:46:47+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"JBCS httpd 2.4.51.sp2"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3355"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"JBCS httpd 2.4.51.sp2"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "openssl: double free after calling PEM_read_bio_ex"
},
{
"cve": "CVE-2022-25147",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"discovery_date": "2023-02-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2169652"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Apache Portable Runtime Utility (APR-util) library. This issue may allow a malicious attacker to cause an out-of-bounds write due to an integer overflow when encoding/decoding a very long string using the base64 family of functions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "apr-util: out-of-bounds writes in the apr_base64",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The Apache Portable Runtime Utility (APR-util) library contains additional utility interfaces for APR (Apache Portable Runtime). \nThis vulnerability is related to the incorrect usage of the base64 encoding/decoding family of functions through APR-util API.\nUsage of these functions with long enough string would cause integer overflow and will lead to out-of-bound write.\n\nThis flaw was rated with an important severity for a moment as Red Hat received information that this vulnerability potentially can allow remote attackers to cause a denial of service to the application linked to the APR-util library. Deep analysis confirmed that there are no known conditions that could lead to DoS. \nAdditionally the APR-util API should not be exposed to the untrusted uploads and usage.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"JBCS httpd 2.4.51.sp2"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-25147"
},
{
"category": "external",
"summary": "RHBZ#2169652",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2169652"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-25147",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25147"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-25147",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-25147"
}
],
"release_date": "2023-01-31T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-05T11:46:47+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"JBCS httpd 2.4.51.sp2"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3355"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"JBCS httpd 2.4.51.sp2"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "apr-util: out-of-bounds writes in the apr_base64"
},
{
"cve": "CVE-2022-43551",
"cwe": {
"id": "CWE-319",
"name": "Cleartext Transmission of Sensitive Information"
},
"discovery_date": "2022-12-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2152639"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in curl. The issue can occur when curl\u0027s HSTS check is bypassed to trick it to keep using HTTP. Using its HSTS support, curl can be instructed to use HTTPS instead of an insecure clear-text HTTP step even when providing HTTP in the URL. Suppose the hostname in the given URL first uses IDN characters that get replaced with ASCII counterparts as part of the IDN conversion. In that case, it can bypass the HSTS mechanism using the character UTF-8 U+3002 (IDEOGRAPHIC FULL STOP) instead of the common ASCII full stop (U+002E). Then in a subsequent request, it does not detect the HSTS state and makes a clear text transfer. Because it would store the information, IDN encoded but looked for it as IDN decoded.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "curl: HSTS bypass via IDN",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"JBCS httpd 2.4.51.sp2"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-43551"
},
{
"category": "external",
"summary": "RHBZ#2152639",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2152639"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-43551",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43551"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-43551",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-43551"
},
{
"category": "external",
"summary": "https://curl.se/docs/CVE-2022-43551.html",
"url": "https://curl.se/docs/CVE-2022-43551.html"
}
],
"release_date": "2022-12-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-05T11:46:47+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"JBCS httpd 2.4.51.sp2"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3355"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"JBCS httpd 2.4.51.sp2"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "curl: HSTS bypass via IDN"
},
{
"cve": "CVE-2022-43552",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2022-12-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2152652"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in curl. In this issue, curl can be asked to tunnel all protocols virtually it supports through an HTTP proxy. HTTP proxies can deny these tunnel operations using an appropriate HTTP error response code. When getting denied to tunnel the specific SMB or TELNET protocols, curl can use a heap-allocated struct after it has been freed and shut down the code path in its transfer.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "curl: Use-after-free triggered by an HTTP proxy deny response",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Potential successful exploitation will cause the curl to crash, which generates a low impact to the environment where the curl is used. Additionally, exploitation depends on the conditions that are out of the attacker\u0027s control, like usage of specific protocols (SMB or TELNET) and HTTP proxy tunnels at the same time. Due to these facts, this vulnerability has been classified as a Low severity issue.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"JBCS httpd 2.4.51.sp2"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-43552"
},
{
"category": "external",
"summary": "RHBZ#2152652",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2152652"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-43552",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43552"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-43552",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-43552"
},
{
"category": "external",
"summary": "https://curl.se/docs/CVE-2022-43552.html",
"url": "https://curl.se/docs/CVE-2022-43552.html"
}
],
"release_date": "2022-12-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-05T11:46:47+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"JBCS httpd 2.4.51.sp2"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3355"
},
{
"category": "workaround",
"details": "Avoid using the SMB and TELNET protocols.",
"product_ids": [
"JBCS httpd 2.4.51.sp2"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"JBCS httpd 2.4.51.sp2"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "curl: Use-after-free triggered by an HTTP proxy deny response"
},
{
"cve": "CVE-2022-43680",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2022-11-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2140059"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free flaw was found in the Expat package, caused by destruction of a shared DTD in XML_ExternalEntityParserCreate in out-of-memory situations. This may lead to availability disruptions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "expat: use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability can only happen under special (out-of-memory) conditions, thus it is not possible to exploit on every possible system that has expat installed. Additionally as the flaw is only capable of causing a Denial of Service, Red Hat rates the impact as Moderate.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"JBCS httpd 2.4.51.sp2"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-43680"
},
{
"category": "external",
"summary": "RHBZ#2140059",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2140059"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-43680",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43680"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-43680",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-43680"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/issues/649",
"url": "https://github.com/libexpat/libexpat/issues/649"
}
],
"release_date": "2022-10-24T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-05T11:46:47+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"JBCS httpd 2.4.51.sp2"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3355"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"JBCS httpd 2.4.51.sp2"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "expat: use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate"
},
{
"cve": "CVE-2023-0215",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2023-01-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2164492"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free vulnerability was found in OpenSSL\u0027s BIO_new_NDEF function. The public API function BIO_new_NDEF is a helper function used for streaming ASN.1 data via a BIO. It is primarily used internally by OpenSSL to support the SMIME, CMS, and PKCS7 streaming capabilities, but it may also be called directly by end-user applications. The function receives a BIO from the caller, prepends a new BIO_f_asn1 filter BIO onto the front of it to form a BIO chain, and then returns the new head of the BIO chain to the caller. Under certain conditions. For example, if a CMS recipient public key is invalid, the new filter BIO is freed, and the function returns a NULL result indicating a failure. However, in this case, the BIO chain is not properly cleaned up, and the BIO passed by the caller still retains internal pointers to the previously freed filter BIO. If the caller then calls BIO_pop() on the BIO, a use-after-free will occur, possibly resulting in a crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: use-after-free following BIO_new_NDEF",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability has been rated as having a moderate impact in alignment with upstream. See the security advisory linked in external references.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"JBCS httpd 2.4.51.sp2"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-0215"
},
{
"category": "external",
"summary": "RHBZ#2164492",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164492"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-0215",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0215"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-0215",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0215"
},
{
"category": "external",
"summary": "https://www.openssl.org/news/secadv/20230207.txt",
"url": "https://www.openssl.org/news/secadv/20230207.txt"
}
],
"release_date": "2023-02-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-05T11:46:47+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"JBCS httpd 2.4.51.sp2"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3355"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"JBCS httpd 2.4.51.sp2"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "openssl: use-after-free following BIO_new_NDEF"
},
{
"cve": "CVE-2023-0286",
"cwe": {
"id": "CWE-704",
"name": "Incorrect Type Conversion or Cast"
},
"discovery_date": "2023-01-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2164440"
}
],
"notes": [
{
"category": "description",
"text": "A type confusion vulnerability was found in OpenSSL when OpenSSL X.400 addresses processing inside an X.509 GeneralName. When CRL checking is enabled (for example, the application sets the X509_V_FLAG_CRL_CHECK flag), this vulnerability may allow an attacker to pass arbitrary pointers to a memcmp call, enabling them to read memory contents or cause a denial of service. In most cases, the attack requires the attacker to provide both the certificate chain and CRL, of which neither needs a valid signature. If the attacker only controls one of these inputs, the other input must already contain an X.400 address as a CRL distribution point, which is uncommon. In this case, this vulnerability is likely only to affect applications that have implemented their own functionality for retrieving CRLs over a network.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: X.400 address type confusion in X.509 GeneralName",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "For shim in Red Hat Enterprise Linux 8 \u0026 9, is not affected as shim doesn\u0027t support any CRL processing.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"JBCS httpd 2.4.51.sp2"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-0286"
},
{
"category": "external",
"summary": "RHBZ#2164440",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164440"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-0286",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0286"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-0286",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0286"
},
{
"category": "external",
"summary": "https://www.openssl.org/news/secadv/20230207.txt",
"url": "https://www.openssl.org/news/secadv/20230207.txt"
}
],
"release_date": "2023-02-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-05T11:46:47+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"JBCS httpd 2.4.51.sp2"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3355"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"JBCS httpd 2.4.51.sp2"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"JBCS httpd 2.4.51.sp2"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "openssl: X.400 address type confusion in X.509 GeneralName"
},
{
"acknowledgments": [
{
"names": [
"Harry Sintonen"
]
}
],
"cve": "CVE-2023-23914",
"cwe": {
"id": "CWE-319",
"name": "Cleartext Transmission of Sensitive Information"
},
"discovery_date": "2023-02-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2167797"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Curl package, where the HSTS mechanism would be ignored by subsequent transfers when done on the same command line because the state would not be properly carried. This issue may result in limited confidentiality and integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "curl: HSTS ignored on multiple requests",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is a curl command line issue and does not affect libcurl.\nThere is no HSTS support in the versions of curl shipped in rhel-7 and rhel-8. Curl packages as shipped in rhel-9 do not support HSTS.\nUpstream has rated this as a Low Severity issue.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"JBCS httpd 2.4.51.sp2"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-23914"
},
{
"category": "external",
"summary": "RHBZ#2167797",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2167797"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-23914",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23914"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-23914",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-23914"
},
{
"category": "external",
"summary": "https://curl.se/docs/CVE-2023-23914.html",
"url": "https://curl.se/docs/CVE-2023-23914.html"
}
],
"release_date": "2023-02-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-05T11:46:47+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"JBCS httpd 2.4.51.sp2"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3355"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"JBCS httpd 2.4.51.sp2"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "curl: HSTS ignored on multiple requests"
},
{
"acknowledgments": [
{
"names": [
"Harry Sintonen"
]
}
],
"cve": "CVE-2023-23915",
"cwe": {
"id": "CWE-319",
"name": "Cleartext Transmission of Sensitive Information"
},
"discovery_date": "2023-02-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2167813"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Curl package, where the HSTS mechanism could fail when multiple transfers are done in parallel, as the HSTS cache file gets overwritten by the most recently completed transfer. This issue may result in limited confidentiality and integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "curl: HSTS amnesia with --parallel",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "There is no HSTS support in the versions of curl shipped in rhel-7 and rhel-8. Curl packages as shipped in rhel-9 do not support HSTS.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"JBCS httpd 2.4.51.sp2"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-23915"
},
{
"category": "external",
"summary": "RHBZ#2167813",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2167813"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-23915",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23915"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-23915",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-23915"
},
{
"category": "external",
"summary": "https://curl.se/docs/CVE-2023-23915.html",
"url": "https://curl.se/docs/CVE-2023-23915.html"
}
],
"release_date": "2023-02-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-05T11:46:47+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"JBCS httpd 2.4.51.sp2"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3355"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"JBCS httpd 2.4.51.sp2"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "curl: HSTS amnesia with --parallel"
},
{
"acknowledgments": [
{
"names": [
"Patrick Monnerat"
]
}
],
"cve": "CVE-2023-23916",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2023-02-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2167815"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Curl package. A malicious server can insert an unlimited number of compression steps. This decompression chain could result in out-of-memory errors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "curl: HTTP multi-header compression denial of service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"JBCS httpd 2.4.51.sp2"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-23916"
},
{
"category": "external",
"summary": "RHBZ#2167815",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2167815"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-23916",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23916"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-23916",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-23916"
},
{
"category": "external",
"summary": "https://curl.se/docs/CVE-2023-23916.html",
"url": "https://curl.se/docs/CVE-2023-23916.html"
}
],
"release_date": "2023-02-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-05T11:46:47+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"JBCS httpd 2.4.51.sp2"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3355"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"JBCS httpd 2.4.51.sp2"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "curl: HTTP multi-header compression denial of service"
},
{
"cve": "CVE-2023-25690",
"cwe": {
"id": "CWE-113",
"name": "Improper Neutralization of CRLF Sequences in HTTP Headers (\u0027HTTP Request/Response Splitting\u0027)"
},
"discovery_date": "2023-03-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2176209"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in httpd. This security issue occurs when some mod_proxy configurations on Apache HTTP Server allow an HTTP Request Smuggling attack. Configurations are affected when mod_proxy is enabled along with some form of RewriteRule or ProxyPassMatch in which a non-specific pattern matches some portion of the user-supplied request-target (URL) data and is then re-inserted into the proxied request-target using variable substitution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: HTTP request splitting with mod_rewrite and mod_proxy",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"JBCS httpd 2.4.51.sp2"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-25690"
},
{
"category": "external",
"summary": "RHBZ#2176209",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2176209"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-25690",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25690"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-25690",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-25690"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2023-03-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-05T11:46:47+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"JBCS httpd 2.4.51.sp2"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3355"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"JBCS httpd 2.4.51.sp2"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "httpd: HTTP request splitting with mod_rewrite and mod_proxy"
},
{
"acknowledgments": [
{
"names": [
"Daniel Stenberg",
"Harry Sintonen"
]
}
],
"cve": "CVE-2023-27533",
"cwe": {
"id": "CWE-75",
"name": "Failure to Sanitize Special Elements into a Different Plane (Special Element Injection)"
},
"discovery_date": "2023-03-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2179062"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability in input validation exists in curl \u003c8.0 during communication using the TELNET protocol may allow an attacker to pass on maliciously crafted user name and \"telnet options\" during server negotiation. The lack of proper input scrubbing allows an attacker to send content or perform option negotiation without the application\u0027s intent. This vulnerability could be exploited if an application allows user input, thereby enabling attackers to execute arbitrary code on the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "curl: TELNET option IAC injection",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "While this vulnerability exists in Curl, the potential impact is to a different component. The overall impact is limited to the telnet component. On its own this flaw has a limited to negligible effect on integrity of the entire system, therefore it has been rated as having a Low security impact. This is in alignment with upstream\u2019s impact assessment, their advisory is linked in external references.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"JBCS httpd 2.4.51.sp2"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-27533"
},
{
"category": "external",
"summary": "RHBZ#2179062",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2179062"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-27533",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27533"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-27533",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-27533"
},
{
"category": "external",
"summary": "https://curl.se/docs/CVE-2023-27533.html",
"url": "https://curl.se/docs/CVE-2023-27533.html"
}
],
"release_date": "2023-03-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-05T11:46:47+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"JBCS httpd 2.4.51.sp2"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3355"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"JBCS httpd 2.4.51.sp2"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "curl: TELNET option IAC injection"
},
{
"acknowledgments": [
{
"names": [
"Daniel Stenberg",
"Harry Sintonen"
]
}
],
"cve": "CVE-2023-27534",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2023-03-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2179069"
}
],
"notes": [
{
"category": "description",
"text": "A path traversal vulnerability exists in curl \u003c8.0.0 SFTP implementation causes the tilde (~) character to be wrongly replaced when used as a prefix in the first path element, in addition to its intended use as the first element to indicate a path relative to the user\u0027s home directory. Attackers can exploit this flaw to bypass filtering or execute arbitrary code by crafting a path like /~2/foo while accessing a server with a specific user.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "curl: SFTP path ~ resolving discrepancy",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In a containerized environment running SELinux in enforcing mode, such as Red Hat OpenShift Container Platform, this vulnerability does not allow an attacker to escape the boundary of a container. In this case no additional access is gained, there is an additional (but more complicated step) to look at files the user already has access to.\n\nThe upstream project (Curl) also rated this CVE as Low, see link in External References.\n\nIt is unlikely that Red Hat offerings are utilizing the SFTP feature of Curl, so the opportunity to exploit it may not exist. For those reasons Red Hat Product Security rates the impact as Low.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"JBCS httpd 2.4.51.sp2"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-27534"
},
{
"category": "external",
"summary": "RHBZ#2179069",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2179069"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-27534",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27534"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-27534",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-27534"
},
{
"category": "external",
"summary": "https://curl.se/docs/CVE-2023-27534.html",
"url": "https://curl.se/docs/CVE-2023-27534.html"
}
],
"release_date": "2023-03-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-05T11:46:47+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"JBCS httpd 2.4.51.sp2"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3355"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"JBCS httpd 2.4.51.sp2"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "curl: SFTP path ~ resolving discrepancy"
}
]
}
RHSA-2024:0421
Vulnerability from csaf_redhat - Published: 2024-01-25 08:12 - Updated: 2026-03-18 02:30Summary
Red Hat Security Advisory: expat security update
Severity
Moderate
Notes
Topic: An update for expat is now available for Red Hat Enterprise Linux 8.6 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Expat is a C library for parsing XML documents.
Security Fix(es):
* expat: use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate (CVE-2022-43680)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A use-after-free flaw was found in the Expat package, caused by destruction of a shared DTD in XML_ExternalEntityParserCreate in out-of-memory situations. This may lead to availability disruptions.
7.5 (High)
Affected products
Fixed
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: BaseOS-8.6.0.Z.EUS:expat-0:2.2.5-8.el8_6.4.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.6.0.Z.EUS:expat-0:2.2.5-8.el8_6.4.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.6.0.Z.EUS:expat-0:2.2.5-8.el8_6.4.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.6.0.Z.EUS:expat-0:2.2.5-8.el8_6.4.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.6.0.Z.EUS:expat-0:2.2.5-8.el8_6.4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.6.0.Z.EUS:expat-0:2.2.5-8.el8_6.4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.6.0.Z.EUS:expat-debuginfo-0:2.2.5-8.el8_6.4.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.6.0.Z.EUS:expat-debuginfo-0:2.2.5-8.el8_6.4.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.6.0.Z.EUS:expat-debuginfo-0:2.2.5-8.el8_6.4.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.6.0.Z.EUS:expat-debuginfo-0:2.2.5-8.el8_6.4.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.6.0.Z.EUS:expat-debuginfo-0:2.2.5-8.el8_6.4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.6.0.Z.EUS:expat-debugsource-0:2.2.5-8.el8_6.4.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.6.0.Z.EUS:expat-debugsource-0:2.2.5-8.el8_6.4.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.6.0.Z.EUS:expat-debugsource-0:2.2.5-8.el8_6.4.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.6.0.Z.EUS:expat-debugsource-0:2.2.5-8.el8_6.4.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.6.0.Z.EUS:expat-debugsource-0:2.2.5-8.el8_6.4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.6.0.Z.EUS:expat-devel-0:2.2.5-8.el8_6.4.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.6.0.Z.EUS:expat-devel-0:2.2.5-8.el8_6.4.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.6.0.Z.EUS:expat-devel-0:2.2.5-8.el8_6.4.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.6.0.Z.EUS:expat-devel-0:2.2.5-8.el8_6.4.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.6.0.Z.EUS:expat-devel-0:2.2.5-8.el8_6.4.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
References
9 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for expat is now available for Red Hat Enterprise Linux 8.6 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Expat is a C library for parsing XML documents.\n\nSecurity Fix(es):\n\n* expat: use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate (CVE-2022-43680)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:0421",
"url": "https://access.redhat.com/errata/RHSA-2024:0421"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "2140059",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2140059"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_0421.json"
}
],
"title": "Red Hat Security Advisory: expat security update",
"tracking": {
"current_release_date": "2026-03-18T02:30:43+00:00",
"generator": {
"date": "2026-03-18T02:30:43+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.3"
}
},
"id": "RHSA-2024:0421",
"initial_release_date": "2024-01-25T08:12:31+00:00",
"revision_history": [
{
"date": "2024-01-25T08:12:31+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-01-25T08:12:31+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-03-18T02:30:43+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux BaseOS EUS (v.8.6)",
"product": {
"name": "Red Hat Enterprise Linux BaseOS EUS (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.EUS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_eus:8.6::baseos"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "expat-0:2.2.5-8.el8_6.4.i686",
"product": {
"name": "expat-0:2.2.5-8.el8_6.4.i686",
"product_id": "expat-0:2.2.5-8.el8_6.4.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat@2.2.5-8.el8_6.4?arch=i686"
}
}
},
{
"category": "product_version",
"name": "expat-devel-0:2.2.5-8.el8_6.4.i686",
"product": {
"name": "expat-devel-0:2.2.5-8.el8_6.4.i686",
"product_id": "expat-devel-0:2.2.5-8.el8_6.4.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-devel@2.2.5-8.el8_6.4?arch=i686"
}
}
},
{
"category": "product_version",
"name": "expat-debugsource-0:2.2.5-8.el8_6.4.i686",
"product": {
"name": "expat-debugsource-0:2.2.5-8.el8_6.4.i686",
"product_id": "expat-debugsource-0:2.2.5-8.el8_6.4.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debugsource@2.2.5-8.el8_6.4?arch=i686"
}
}
},
{
"category": "product_version",
"name": "expat-debuginfo-0:2.2.5-8.el8_6.4.i686",
"product": {
"name": "expat-debuginfo-0:2.2.5-8.el8_6.4.i686",
"product_id": "expat-debuginfo-0:2.2.5-8.el8_6.4.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debuginfo@2.2.5-8.el8_6.4?arch=i686"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "expat-0:2.2.5-8.el8_6.4.x86_64",
"product": {
"name": "expat-0:2.2.5-8.el8_6.4.x86_64",
"product_id": "expat-0:2.2.5-8.el8_6.4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat@2.2.5-8.el8_6.4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "expat-devel-0:2.2.5-8.el8_6.4.x86_64",
"product": {
"name": "expat-devel-0:2.2.5-8.el8_6.4.x86_64",
"product_id": "expat-devel-0:2.2.5-8.el8_6.4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-devel@2.2.5-8.el8_6.4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "expat-debugsource-0:2.2.5-8.el8_6.4.x86_64",
"product": {
"name": "expat-debugsource-0:2.2.5-8.el8_6.4.x86_64",
"product_id": "expat-debugsource-0:2.2.5-8.el8_6.4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debugsource@2.2.5-8.el8_6.4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "expat-debuginfo-0:2.2.5-8.el8_6.4.x86_64",
"product": {
"name": "expat-debuginfo-0:2.2.5-8.el8_6.4.x86_64",
"product_id": "expat-debuginfo-0:2.2.5-8.el8_6.4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debuginfo@2.2.5-8.el8_6.4?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "expat-0:2.2.5-8.el8_6.4.src",
"product": {
"name": "expat-0:2.2.5-8.el8_6.4.src",
"product_id": "expat-0:2.2.5-8.el8_6.4.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat@2.2.5-8.el8_6.4?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "expat-0:2.2.5-8.el8_6.4.aarch64",
"product": {
"name": "expat-0:2.2.5-8.el8_6.4.aarch64",
"product_id": "expat-0:2.2.5-8.el8_6.4.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat@2.2.5-8.el8_6.4?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "expat-devel-0:2.2.5-8.el8_6.4.aarch64",
"product": {
"name": "expat-devel-0:2.2.5-8.el8_6.4.aarch64",
"product_id": "expat-devel-0:2.2.5-8.el8_6.4.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-devel@2.2.5-8.el8_6.4?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "expat-debugsource-0:2.2.5-8.el8_6.4.aarch64",
"product": {
"name": "expat-debugsource-0:2.2.5-8.el8_6.4.aarch64",
"product_id": "expat-debugsource-0:2.2.5-8.el8_6.4.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debugsource@2.2.5-8.el8_6.4?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "expat-debuginfo-0:2.2.5-8.el8_6.4.aarch64",
"product": {
"name": "expat-debuginfo-0:2.2.5-8.el8_6.4.aarch64",
"product_id": "expat-debuginfo-0:2.2.5-8.el8_6.4.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debuginfo@2.2.5-8.el8_6.4?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "expat-0:2.2.5-8.el8_6.4.ppc64le",
"product": {
"name": "expat-0:2.2.5-8.el8_6.4.ppc64le",
"product_id": "expat-0:2.2.5-8.el8_6.4.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat@2.2.5-8.el8_6.4?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "expat-devel-0:2.2.5-8.el8_6.4.ppc64le",
"product": {
"name": "expat-devel-0:2.2.5-8.el8_6.4.ppc64le",
"product_id": "expat-devel-0:2.2.5-8.el8_6.4.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-devel@2.2.5-8.el8_6.4?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "expat-debugsource-0:2.2.5-8.el8_6.4.ppc64le",
"product": {
"name": "expat-debugsource-0:2.2.5-8.el8_6.4.ppc64le",
"product_id": "expat-debugsource-0:2.2.5-8.el8_6.4.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debugsource@2.2.5-8.el8_6.4?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "expat-debuginfo-0:2.2.5-8.el8_6.4.ppc64le",
"product": {
"name": "expat-debuginfo-0:2.2.5-8.el8_6.4.ppc64le",
"product_id": "expat-debuginfo-0:2.2.5-8.el8_6.4.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debuginfo@2.2.5-8.el8_6.4?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "expat-0:2.2.5-8.el8_6.4.s390x",
"product": {
"name": "expat-0:2.2.5-8.el8_6.4.s390x",
"product_id": "expat-0:2.2.5-8.el8_6.4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat@2.2.5-8.el8_6.4?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "expat-devel-0:2.2.5-8.el8_6.4.s390x",
"product": {
"name": "expat-devel-0:2.2.5-8.el8_6.4.s390x",
"product_id": "expat-devel-0:2.2.5-8.el8_6.4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-devel@2.2.5-8.el8_6.4?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "expat-debugsource-0:2.2.5-8.el8_6.4.s390x",
"product": {
"name": "expat-debugsource-0:2.2.5-8.el8_6.4.s390x",
"product_id": "expat-debugsource-0:2.2.5-8.el8_6.4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debugsource@2.2.5-8.el8_6.4?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "expat-debuginfo-0:2.2.5-8.el8_6.4.s390x",
"product": {
"name": "expat-debuginfo-0:2.2.5-8.el8_6.4.s390x",
"product_id": "expat-debuginfo-0:2.2.5-8.el8_6.4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debuginfo@2.2.5-8.el8_6.4?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.2.5-8.el8_6.4.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.EUS:expat-0:2.2.5-8.el8_6.4.aarch64"
},
"product_reference": "expat-0:2.2.5-8.el8_6.4.aarch64",
"relates_to_product_reference": "BaseOS-8.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.2.5-8.el8_6.4.i686 as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.EUS:expat-0:2.2.5-8.el8_6.4.i686"
},
"product_reference": "expat-0:2.2.5-8.el8_6.4.i686",
"relates_to_product_reference": "BaseOS-8.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.2.5-8.el8_6.4.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.EUS:expat-0:2.2.5-8.el8_6.4.ppc64le"
},
"product_reference": "expat-0:2.2.5-8.el8_6.4.ppc64le",
"relates_to_product_reference": "BaseOS-8.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.2.5-8.el8_6.4.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.EUS:expat-0:2.2.5-8.el8_6.4.s390x"
},
"product_reference": "expat-0:2.2.5-8.el8_6.4.s390x",
"relates_to_product_reference": "BaseOS-8.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.2.5-8.el8_6.4.src as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.EUS:expat-0:2.2.5-8.el8_6.4.src"
},
"product_reference": "expat-0:2.2.5-8.el8_6.4.src",
"relates_to_product_reference": "BaseOS-8.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.2.5-8.el8_6.4.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.EUS:expat-0:2.2.5-8.el8_6.4.x86_64"
},
"product_reference": "expat-0:2.2.5-8.el8_6.4.x86_64",
"relates_to_product_reference": "BaseOS-8.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debuginfo-0:2.2.5-8.el8_6.4.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.EUS:expat-debuginfo-0:2.2.5-8.el8_6.4.aarch64"
},
"product_reference": "expat-debuginfo-0:2.2.5-8.el8_6.4.aarch64",
"relates_to_product_reference": "BaseOS-8.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debuginfo-0:2.2.5-8.el8_6.4.i686 as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.EUS:expat-debuginfo-0:2.2.5-8.el8_6.4.i686"
},
"product_reference": "expat-debuginfo-0:2.2.5-8.el8_6.4.i686",
"relates_to_product_reference": "BaseOS-8.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debuginfo-0:2.2.5-8.el8_6.4.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.EUS:expat-debuginfo-0:2.2.5-8.el8_6.4.ppc64le"
},
"product_reference": "expat-debuginfo-0:2.2.5-8.el8_6.4.ppc64le",
"relates_to_product_reference": "BaseOS-8.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debuginfo-0:2.2.5-8.el8_6.4.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.EUS:expat-debuginfo-0:2.2.5-8.el8_6.4.s390x"
},
"product_reference": "expat-debuginfo-0:2.2.5-8.el8_6.4.s390x",
"relates_to_product_reference": "BaseOS-8.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debuginfo-0:2.2.5-8.el8_6.4.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.EUS:expat-debuginfo-0:2.2.5-8.el8_6.4.x86_64"
},
"product_reference": "expat-debuginfo-0:2.2.5-8.el8_6.4.x86_64",
"relates_to_product_reference": "BaseOS-8.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debugsource-0:2.2.5-8.el8_6.4.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.EUS:expat-debugsource-0:2.2.5-8.el8_6.4.aarch64"
},
"product_reference": "expat-debugsource-0:2.2.5-8.el8_6.4.aarch64",
"relates_to_product_reference": "BaseOS-8.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debugsource-0:2.2.5-8.el8_6.4.i686 as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.EUS:expat-debugsource-0:2.2.5-8.el8_6.4.i686"
},
"product_reference": "expat-debugsource-0:2.2.5-8.el8_6.4.i686",
"relates_to_product_reference": "BaseOS-8.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debugsource-0:2.2.5-8.el8_6.4.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.EUS:expat-debugsource-0:2.2.5-8.el8_6.4.ppc64le"
},
"product_reference": "expat-debugsource-0:2.2.5-8.el8_6.4.ppc64le",
"relates_to_product_reference": "BaseOS-8.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debugsource-0:2.2.5-8.el8_6.4.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.EUS:expat-debugsource-0:2.2.5-8.el8_6.4.s390x"
},
"product_reference": "expat-debugsource-0:2.2.5-8.el8_6.4.s390x",
"relates_to_product_reference": "BaseOS-8.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debugsource-0:2.2.5-8.el8_6.4.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.EUS:expat-debugsource-0:2.2.5-8.el8_6.4.x86_64"
},
"product_reference": "expat-debugsource-0:2.2.5-8.el8_6.4.x86_64",
"relates_to_product_reference": "BaseOS-8.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-devel-0:2.2.5-8.el8_6.4.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.EUS:expat-devel-0:2.2.5-8.el8_6.4.aarch64"
},
"product_reference": "expat-devel-0:2.2.5-8.el8_6.4.aarch64",
"relates_to_product_reference": "BaseOS-8.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-devel-0:2.2.5-8.el8_6.4.i686 as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.EUS:expat-devel-0:2.2.5-8.el8_6.4.i686"
},
"product_reference": "expat-devel-0:2.2.5-8.el8_6.4.i686",
"relates_to_product_reference": "BaseOS-8.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-devel-0:2.2.5-8.el8_6.4.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.EUS:expat-devel-0:2.2.5-8.el8_6.4.ppc64le"
},
"product_reference": "expat-devel-0:2.2.5-8.el8_6.4.ppc64le",
"relates_to_product_reference": "BaseOS-8.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-devel-0:2.2.5-8.el8_6.4.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.EUS:expat-devel-0:2.2.5-8.el8_6.4.s390x"
},
"product_reference": "expat-devel-0:2.2.5-8.el8_6.4.s390x",
"relates_to_product_reference": "BaseOS-8.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-devel-0:2.2.5-8.el8_6.4.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.EUS:expat-devel-0:2.2.5-8.el8_6.4.x86_64"
},
"product_reference": "expat-devel-0:2.2.5-8.el8_6.4.x86_64",
"relates_to_product_reference": "BaseOS-8.6.0.Z.EUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-43680",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2022-11-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2140059"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free flaw was found in the Expat package, caused by destruction of a shared DTD in XML_ExternalEntityParserCreate in out-of-memory situations. This may lead to availability disruptions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "expat: use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability can only happen under special (out-of-memory) conditions, thus it is not possible to exploit on every possible system that has expat installed. Additionally as the flaw is only capable of causing a Denial of Service, Red Hat rates the impact as Moderate.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.6.0.Z.EUS:expat-0:2.2.5-8.el8_6.4.aarch64",
"BaseOS-8.6.0.Z.EUS:expat-0:2.2.5-8.el8_6.4.i686",
"BaseOS-8.6.0.Z.EUS:expat-0:2.2.5-8.el8_6.4.ppc64le",
"BaseOS-8.6.0.Z.EUS:expat-0:2.2.5-8.el8_6.4.s390x",
"BaseOS-8.6.0.Z.EUS:expat-0:2.2.5-8.el8_6.4.src",
"BaseOS-8.6.0.Z.EUS:expat-0:2.2.5-8.el8_6.4.x86_64",
"BaseOS-8.6.0.Z.EUS:expat-debuginfo-0:2.2.5-8.el8_6.4.aarch64",
"BaseOS-8.6.0.Z.EUS:expat-debuginfo-0:2.2.5-8.el8_6.4.i686",
"BaseOS-8.6.0.Z.EUS:expat-debuginfo-0:2.2.5-8.el8_6.4.ppc64le",
"BaseOS-8.6.0.Z.EUS:expat-debuginfo-0:2.2.5-8.el8_6.4.s390x",
"BaseOS-8.6.0.Z.EUS:expat-debuginfo-0:2.2.5-8.el8_6.4.x86_64",
"BaseOS-8.6.0.Z.EUS:expat-debugsource-0:2.2.5-8.el8_6.4.aarch64",
"BaseOS-8.6.0.Z.EUS:expat-debugsource-0:2.2.5-8.el8_6.4.i686",
"BaseOS-8.6.0.Z.EUS:expat-debugsource-0:2.2.5-8.el8_6.4.ppc64le",
"BaseOS-8.6.0.Z.EUS:expat-debugsource-0:2.2.5-8.el8_6.4.s390x",
"BaseOS-8.6.0.Z.EUS:expat-debugsource-0:2.2.5-8.el8_6.4.x86_64",
"BaseOS-8.6.0.Z.EUS:expat-devel-0:2.2.5-8.el8_6.4.aarch64",
"BaseOS-8.6.0.Z.EUS:expat-devel-0:2.2.5-8.el8_6.4.i686",
"BaseOS-8.6.0.Z.EUS:expat-devel-0:2.2.5-8.el8_6.4.ppc64le",
"BaseOS-8.6.0.Z.EUS:expat-devel-0:2.2.5-8.el8_6.4.s390x",
"BaseOS-8.6.0.Z.EUS:expat-devel-0:2.2.5-8.el8_6.4.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-43680"
},
{
"category": "external",
"summary": "RHBZ#2140059",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2140059"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-43680",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43680"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-43680",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-43680"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/issues/649",
"url": "https://github.com/libexpat/libexpat/issues/649"
}
],
"release_date": "2022-10-24T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-01-25T08:12:31+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, applications using the Expat library must be restarted for the update to take effect.",
"product_ids": [
"BaseOS-8.6.0.Z.EUS:expat-0:2.2.5-8.el8_6.4.aarch64",
"BaseOS-8.6.0.Z.EUS:expat-0:2.2.5-8.el8_6.4.i686",
"BaseOS-8.6.0.Z.EUS:expat-0:2.2.5-8.el8_6.4.ppc64le",
"BaseOS-8.6.0.Z.EUS:expat-0:2.2.5-8.el8_6.4.s390x",
"BaseOS-8.6.0.Z.EUS:expat-0:2.2.5-8.el8_6.4.src",
"BaseOS-8.6.0.Z.EUS:expat-0:2.2.5-8.el8_6.4.x86_64",
"BaseOS-8.6.0.Z.EUS:expat-debuginfo-0:2.2.5-8.el8_6.4.aarch64",
"BaseOS-8.6.0.Z.EUS:expat-debuginfo-0:2.2.5-8.el8_6.4.i686",
"BaseOS-8.6.0.Z.EUS:expat-debuginfo-0:2.2.5-8.el8_6.4.ppc64le",
"BaseOS-8.6.0.Z.EUS:expat-debuginfo-0:2.2.5-8.el8_6.4.s390x",
"BaseOS-8.6.0.Z.EUS:expat-debuginfo-0:2.2.5-8.el8_6.4.x86_64",
"BaseOS-8.6.0.Z.EUS:expat-debugsource-0:2.2.5-8.el8_6.4.aarch64",
"BaseOS-8.6.0.Z.EUS:expat-debugsource-0:2.2.5-8.el8_6.4.i686",
"BaseOS-8.6.0.Z.EUS:expat-debugsource-0:2.2.5-8.el8_6.4.ppc64le",
"BaseOS-8.6.0.Z.EUS:expat-debugsource-0:2.2.5-8.el8_6.4.s390x",
"BaseOS-8.6.0.Z.EUS:expat-debugsource-0:2.2.5-8.el8_6.4.x86_64",
"BaseOS-8.6.0.Z.EUS:expat-devel-0:2.2.5-8.el8_6.4.aarch64",
"BaseOS-8.6.0.Z.EUS:expat-devel-0:2.2.5-8.el8_6.4.i686",
"BaseOS-8.6.0.Z.EUS:expat-devel-0:2.2.5-8.el8_6.4.ppc64le",
"BaseOS-8.6.0.Z.EUS:expat-devel-0:2.2.5-8.el8_6.4.s390x",
"BaseOS-8.6.0.Z.EUS:expat-devel-0:2.2.5-8.el8_6.4.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0421"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"BaseOS-8.6.0.Z.EUS:expat-0:2.2.5-8.el8_6.4.aarch64",
"BaseOS-8.6.0.Z.EUS:expat-0:2.2.5-8.el8_6.4.i686",
"BaseOS-8.6.0.Z.EUS:expat-0:2.2.5-8.el8_6.4.ppc64le",
"BaseOS-8.6.0.Z.EUS:expat-0:2.2.5-8.el8_6.4.s390x",
"BaseOS-8.6.0.Z.EUS:expat-0:2.2.5-8.el8_6.4.src",
"BaseOS-8.6.0.Z.EUS:expat-0:2.2.5-8.el8_6.4.x86_64",
"BaseOS-8.6.0.Z.EUS:expat-debuginfo-0:2.2.5-8.el8_6.4.aarch64",
"BaseOS-8.6.0.Z.EUS:expat-debuginfo-0:2.2.5-8.el8_6.4.i686",
"BaseOS-8.6.0.Z.EUS:expat-debuginfo-0:2.2.5-8.el8_6.4.ppc64le",
"BaseOS-8.6.0.Z.EUS:expat-debuginfo-0:2.2.5-8.el8_6.4.s390x",
"BaseOS-8.6.0.Z.EUS:expat-debuginfo-0:2.2.5-8.el8_6.4.x86_64",
"BaseOS-8.6.0.Z.EUS:expat-debugsource-0:2.2.5-8.el8_6.4.aarch64",
"BaseOS-8.6.0.Z.EUS:expat-debugsource-0:2.2.5-8.el8_6.4.i686",
"BaseOS-8.6.0.Z.EUS:expat-debugsource-0:2.2.5-8.el8_6.4.ppc64le",
"BaseOS-8.6.0.Z.EUS:expat-debugsource-0:2.2.5-8.el8_6.4.s390x",
"BaseOS-8.6.0.Z.EUS:expat-debugsource-0:2.2.5-8.el8_6.4.x86_64",
"BaseOS-8.6.0.Z.EUS:expat-devel-0:2.2.5-8.el8_6.4.aarch64",
"BaseOS-8.6.0.Z.EUS:expat-devel-0:2.2.5-8.el8_6.4.i686",
"BaseOS-8.6.0.Z.EUS:expat-devel-0:2.2.5-8.el8_6.4.ppc64le",
"BaseOS-8.6.0.Z.EUS:expat-devel-0:2.2.5-8.el8_6.4.s390x",
"BaseOS-8.6.0.Z.EUS:expat-devel-0:2.2.5-8.el8_6.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "expat: use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…