cve-2016-6814
Vulnerability from cvelistv5
Published
2018-01-18 18:00
Modified
2024-09-16 20:52
Summary
When an application that has unsupported Codehaus versions of Groovy 1.7.0 through 2.4.3, or Apache Groovy 2.4.4 through 2.4.7, on its classpath uses standard Java serialization mechanisms (e.g. to communicate between servers or to store local data), an attacker could craft a special serialized object that executes code directly when deserialized. All applications that rely on serialization and do not isolate the code that deserializes objects were subject to this vulnerability.
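The practical consequence of the description above (and of the same flaw as restated in the RHSA-2017:0868 details further down) is that any ObjectInputStream reading untrusted bytes with a vulnerable Groovy on the classpath can be driven to execute code, so the first thing an analyst wants is to know which classes a captured stream tries to instantiate. The following Python scanner is an added example, not part of the CVE record or of Apache Groovy: it walks a Java serialization stream, extracts the class names from its TC_CLASSDESC records, and flags the two Groovy runtime classes (ConvertedClosure and MethodClosure) used by the publicly known gadget chain for this CVE. The sample streams are constructed inside the code and are not real captured payloads; their serialVersionUID values are zero placeholders and the descriptor layout is the minimum needed to show the technique.

```python
"""Triage scanner for Java serialization streams (CVE-2016-6814 context).

Walks a captured stream, pulls out every TC_CLASSDESC class name, and flags
the Groovy runtime classes used by the public gadget chain for this CVE.
Added example; not code from the CVE record or from Apache Groovy.
"""
import re
import struct

STREAM_MAGIC = b"\xac\xed"          # java.io.ObjectStreamConstants.STREAM_MAGIC
STREAM_VERSION = b"\x00\x05"        # STREAM_VERSION
TC_OBJECT = 0x73                    # new object record
TC_CLASSDESC = 0x72                 # class descriptor: tag, u2 length, name, ...
SC_SERIALIZABLE = 0x02

# Groovy runtime classes that appear in the published gadget chain for this CVE.
GROOVY_GADGET_CLASSES = frozenset({
    "org.codehaus.groovy.runtime.ConvertedClosure",
    "org.codehaus.groovy.runtime.MethodClosure",
})

# A class name as written in a descriptor, including array forms like "[Ljava.lang.Object;".
_CLASS_NAME = re.compile(rb"[\[A-Za-z_$][\w$.;\[\]]*")


def extract_class_names(stream: bytes) -> list[str]:
    """Return the class names of all TC_CLASSDESC records, in stream order.

    Lightweight scanner rather than a full ObjectInputStream parser: it finds
    the descriptor tag, reads the u2 length-prefixed name and skips past it.
    String field data containing 0x72 could in theory produce a false hit, so
    the candidate name is validated against the Java class-name grammar first.
    """
    if not stream.startswith(STREAM_MAGIC):
        raise ValueError("not a Java serialization stream (bad STREAM_MAGIC)")
    names: list[str] = []
    i = len(STREAM_MAGIC) + len(STREAM_VERSION)
    while i + 3 <= len(stream):
        if stream[i] == TC_CLASSDESC:
            (length,) = struct.unpack(">H", stream[i + 1:i + 3])
            raw = stream[i + 3:i + 3 + length]
            if length and len(raw) == length and _CLASS_NAME.fullmatch(raw):
                names.append(raw.decode("ascii"))
                i += 3 + length
                continue
        i += 1
    return names


def find_gadget_classes(stream: bytes) -> set[str]:
    """Gadget-chain classes present in the stream; a non-empty result means alert/reject."""
    return {n for n in extract_class_names(stream) if n in GROOVY_GADGET_CLASSES}


def _classdesc(name: str, serial_version_uid: int = 0) -> bytes:
    """Minimal TC_CLASSDESC header: tag, name, serialVersionUID, flags, zero fields.

    Constructed for the demo only (serialVersionUID is a placeholder); a real
    descriptor is followed by field descriptors, annotations and a superclass.
    """
    encoded = name.encode("ascii")
    return (bytes([TC_CLASSDESC]) + struct.pack(">H", len(encoded)) + encoded
            + struct.pack(">q", serial_version_uid) + bytes([SC_SERIALIZABLE])
            + struct.pack(">H", 0))


# Constructed samples (not real captured payloads): the descriptor sequence a
# Groovy gadget payload would carry, and a harmless HashMap for comparison.
SAMPLE_MALICIOUS = (
    STREAM_MAGIC + STREAM_VERSION + bytes([TC_OBJECT])
    + _classdesc("sun.reflect.annotation.AnnotationInvocationHandler")
    + _classdesc("org.codehaus.groovy.runtime.ConvertedClosure")
    + _classdesc("org.codehaus.groovy.runtime.MethodClosure")
)
SAMPLE_BENIGN = (
    STREAM_MAGIC + STREAM_VERSION + bytes([TC_OBJECT])
    + _classdesc("java.util.HashMap")
)

if __name__ == "__main__":
    for label, sample in (("malicious", SAMPLE_MALICIOUS), ("benign", SAMPLE_BENIGN)):
        hits = find_gadget_classes(sample)
        print(f"{label}: classes={extract_class_names(sample)} gadget_hits={sorted(hits) or 'none'}")
```

Run over payloads pulled from a proxy or message-broker capture, this gives a quick triage signal for the class names an attacker is trying to load. The durable fix is the same class allowlisting applied on the JVM side with an ObjectInputFilter (JEP 290, available in JDK 9 and backported to 8u121), together with upgrading to Apache Groovy 2.4.8 or later, the release announced in the Apache mail listed in the References.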
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T01:43:37.985Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "RHSA-2017:2596", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2017:2596" }, { "name": "RHSA-2017:0868", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2017:0868" }, { "name": "RHSA-2017:2486", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2017:2486" }, { "name": "RHSA-2017:0272", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2017-0272.html" }, { "name": "95429", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/95429" }, { "name": "1039600", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1039600" }, { "name": "GLSA-202003-01", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202003-01" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpujul2020.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": 
"https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpujan2020.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://mail-archives.apache.org/mod_mbox/www-announce/201701.mbox/%3CCADRx3PMZ2hBCGDTY35zYXFGaDnjAs0tc5-upaVs6QN2sYUejyA%40mail.gmail.com%3E" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2018-01-15T00:00:00", "descriptions": [ { "lang": "en", "value": "When an application with unsupported Codehaus versions of Groovy from 1.7.0 to 2.4.3, Apache Groovy 2.4.4 to 2.4.7 on classpath uses standard Java serialization mechanisms, e.g. to communicate between servers or to store local data, it was possible for an attacker to bake a special serialized object that will execute code directly when deserialized. All applications which rely on serialization and do not isolate the code which deserializes objects were subject to this vulnerability." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2020-07-15T02:22:54", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "RHSA-2017:2596", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2017:2596" }, { "name": "RHSA-2017:0868", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2017:0868" }, { "name": "RHSA-2017:2486", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2017:2486" }, { "name": "RHSA-2017:0272", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2017-0272.html" }, { "name": "95429", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/95429" }, { "name": "1039600", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1039600" }, { "name": "GLSA-202003-01", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/202003-01" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.oracle.com/security-alerts/cpujul2020.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html" }, { "tags": [ "x_refsource_MISC" ], "url": 
"https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.oracle.com/security-alerts/cpujan2020.html" }, { "tags": [ "x_refsource_MISC" ], "url": "http://mail-archives.apache.org/mod_mbox/www-announce/201701.mbox/%3CCADRx3PMZ2hBCGDTY35zYXFGaDnjAs0tc5-upaVs6QN2sYUejyA%40mail.gmail.com%3E" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "DATE_PUBLIC": "2018-01-15T00:00:00", "ID": "CVE-2016-6814", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "When an application with unsupported Codehaus versions of Groovy from 1.7.0 to 2.4.3, Apache Groovy 2.4.4 to 2.4.7 on classpath uses standard Java serialization mechanisms, e.g. to communicate between servers or to store local data, it was possible for an attacker to bake a special serialized object that will execute code directly when deserialized. All applications which rely on serialization and do not isolate the code which deserializes objects were subject to this vulnerability." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "RHSA-2017:2596", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2017:2596" }, { "name": "RHSA-2017:0868", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2017:0868" }, { "name": "RHSA-2017:2486", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2017:2486" }, { "name": "RHSA-2017:0272", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2017-0272.html" }, { "name": "95429", "refsource": "BID", "url": "http://www.securityfocus.com/bid/95429" }, { "name": "1039600", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1039600" }, { "name": "GLSA-202003-01", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/202003-01" }, { "name": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html" }, { "name": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html" }, { "name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html" }, { "name": "https://www.oracle.com/security-alerts/cpujul2020.html", "refsource": "MISC", "url": "https://www.oracle.com/security-alerts/cpujul2020.html" }, { "name": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html", "refsource": "CONFIRM", "url": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html" }, { "name": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html", "refsource": "MISC", "url": 
"https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html" }, { "name": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html", "refsource": "MISC", "url": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html" }, { "name": "https://www.oracle.com/security-alerts/cpujan2020.html", "refsource": "MISC", "url": "https://www.oracle.com/security-alerts/cpujan2020.html" }, { "name": "http://mail-archives.apache.org/mod_mbox/www-announce/201701.mbox/%3CCADRx3PMZ2hBCGDTY35zYXFGaDnjAs0tc5-upaVs6QN2sYUejyA%40mail.gmail.com%3E", "refsource": "MISC", "url": "http://mail-archives.apache.org/mod_mbox/www-announce/201701.mbox/%3CCADRx3PMZ2hBCGDTY35zYXFGaDnjAs0tc5-upaVs6QN2sYUejyA%40mail.gmail.com%3E" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2016-6814", "datePublished": "2018-01-18T18:00:00Z", "dateReserved": "2016-08-12T00:00:00", "dateUpdated": "2024-09-16T20:52:30.155Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1", "meta": { "nvd": "{\"cve\":{\"id\":\"CVE-2016-6814\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2018-01-18T18:29:00.233\",\"lastModified\":\"2020-07-15T03:15:16.327\",\"vulnStatus\":\"Modified\",\"descriptions\":[{\"lang\":\"en\",\"value\":\"When an application with unsupported Codehaus versions of Groovy from 1.7.0 to 2.4.3, Apache Groovy 2.4.4 to 2.4.7 on classpath uses standard Java serialization mechanisms, e.g. to communicate between servers or to store local data, it was possible for an attacker to bake a special serialized object that will execute code directly when deserialized. 
All applications which rely on serialization and do not isolate the code which deserializes objects were subject to this vulnerability.\"},{\"lang\":\"es\",\"value\":\"Cuando una aplicaci\u00f3n con versiones de Codehaus no soportadas de Groovy desde la versi\u00f3n 1.7.0 hasta la 2.4.3 o Apache Groovy desde la versi\u00f3n 2.4.4 hasta la 2.4.7 en classpath usa mecanismos est\u00e1ndar de serializaci\u00f3n de Java (por ejemplo, para comunicarse entre servidores o almacenar datos locales), un atacante pudo preparar un objeto especialmente serializado que ejecutar\u00e1 c\u00f3digo directamente al ser deserializado. Todas las aplicaciones que dependen de la serializaci\u00f3n y no a\u00edslan el c\u00f3digo que deserializa objetos estaban sujetos a esta vulnerabilidad.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:P/A:P\",\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\",\"baseScore\":7.5},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"C
WE-502\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:groovy:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.7.0\",\"versionEndIncluding\":\"2.4.3\",\"matchCriteriaId\":\"6EB4409D-39D4-4F6B-AD3E-2E9B0997B6A1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:groovy:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.4.4\",\"versionEndIncluding\":\"2.4.7\",\"matchCriteriaId\":\"C8F237F9-F70E-4815-BA42-5B5E8152965C\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"51EF4996-72F4-4FA4-814F-F5991E7A8318\"}]}]}],\"references\":[{\"url\":\"http://mail-archives.apache.org/mod_mbox/www-announce/201701.mbox/%3CCADRx3PMZ2hBCGDTY35zYXFGaDnjAs0tc5-upaVs6QN2sYUejyA%40mail.gmail.com%3E\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2017-0272.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/95429\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1039600\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:0868\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2486\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party 
Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2596\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/202003-01\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://www.oracle.com/security-alerts/cpujan2020.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://www.oracle.com/security-alerts/cpujul2020.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html\",\"source\":\"cve@mitre.org\"}]}}" } }
rhsa-2017_0868
Vulnerability from csaf_redhat
Published
2017-04-03 21:02
Modified
2024-11-14 20:53
Summary
Red Hat Security Advisory: Red Hat JBoss Fuse/A-MQ 6.3 R2 security and bug fix update
Notes
Topic
An update is now available for Red Hat JBoss Fuse and Red Hat JBoss A-MQ.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Fuse, based on Apache ServiceMix, provides a small-footprint, flexible, open source enterprise service bus and integration platform. Red Hat JBoss A-MQ, based on Apache ActiveMQ, is a standards compliant messaging system that is tailored for use in mission critical applications.
This patch is an update to Red Hat JBoss Fuse 6.3 and Red Hat JBoss A-MQ 6.3. It includes bug fixes and enhancements, which are documented in the readme.txt file included with the patch files.
Security Fix(es):
* It was reported that Elasticsearch had vulnerabilities in the Groovy scripting engine, which allow an attacker to construct scripts that escape the sandbox and execute shell commands as the user running the Elasticsearch Java VM. (CVE-2015-1427)
* It was found that a flaw in the Apache Groovy library allows remote code execution wherever deserialization occurs in the application. An attacker could craft a special serialized object that executes code directly when deserialized. All applications that rely on serialization and do not isolate the code that deserializes objects are subject to this vulnerability. (CVE-2016-6814)
* It was found that Apache Commons HttpClient does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate. (CVE-2012-5783)
* It was found that swagger-ui contains a cross-site scripting (XSS) vulnerability in the key names of the JSON document. An attacker could use this flaw to supply a key name containing script tags, leading to arbitrary script execution in the viewer's browser. Additionally, it is possible to load arbitrary JSON documents remotely via the URL query-string parameter. (CVE-2016-1000229)
* A vulnerability was found in FormattedServiceListWriter in the Apache CXF HTTP transport module that could allow an attacker to inject unexpected matrix parameters into the request URL. On a successful injection, these matrix parameters are reflected back to the client in the services list page, which represents an XSS risk to the client. (CVE-2016-6812)
* Apache CXF JAX-RS implementation provides a number of Atom MessageBodyReaders. These readers use Apache Abdera Parser to parse Atom feeds or Entries, with this Parser expanding XML entities by default. It was found that this represents a major XXE risk. (CVE-2016-8739)
* A path traversal issue was found in Spark version 2.5 and potentially earlier versions. The vulnerability resides in the functionality to serve static files where there's no protection against directory traversal attacks. This could allow attackers access to private files including sensitive data. (CVE-2016-9177)
* It was found that the camel-snakeyaml component is exploitable for code execution. An attacker could send a specially crafted payload to a camel-snakeyaml endpoint, causing remote code execution. (CVE-2017-3159)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update is now available for Red Hat JBoss Fuse and Red Hat JBoss A-MQ.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Red Hat JBoss Fuse, based on Apache ServiceMix, provides a small-footprint, flexible, open source enterprise service bus and integration platform. Red Hat JBoss A-MQ, based on Apache ActiveMQ, is a standards compliant messaging system that is tailored for use in mission critical applications.\n\nThis patch is an update to Red Hat JBoss Fuse 6.3 and Red Hat JBoss A-MQ 6.3. It includes bug fixes and enhancements, which are documented in the readme.txt file included with the patch files.\n\nSecurity Fix(es):\n\n* It was reported that Elasticsearch had vulnerabilities in the Groovy scripting engine, which allow an attacker to construct scripts that escape the sandbox and execute shell commands as the user running the Elasticsearch Java VM. (CVE-2015-1427)\n\n* It was found that a flaw in Apache groovy library allows remote code execution wherever deserialization occurs in the application. It is possible for an attacker to craft a special serialized object that will execute code directly when deserialized. All applications which rely on serialization and do not isolate the code which deserializes objects are subject to this vulnerability. 
(CVE-2016-6814)\n\n* It was found that Apache Commons HttpClient does not verify that the server hostname matches a domain name in the subject\u0027s Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate. (CVE-2012-5783)\n\n* It was found that swagger-ui contains a cross site scripting (XSS) vulnerability in the key names in the JSON document. An attacker could use this flaw to supply a key name with script tags which could cause arbitrary code execution. Additionally it is possible to load the arbitrary JSON files remotely via the URL query-string parameter. (CVE-2016-1000229)\n\n* A vulnerability was found in FormattedServiceListWriter in Apache CXF HTTP transport module that could allow an attacker to inject unexpected matrix parameters into the request URL. On a successful injection these matrix parameters will find their way back to the client in the services list page which represents an XSS risk to the client. (CVE-2016-6812)\n\n* Apache CXF JAX-RS implementation provides a number of Atom MessageBodyReaders. These readers use Apache Abdera Parser to parse Atom feeds or Entries, with this Parser expanding XML entities by default. It was found that this represents a major XXE risk. (CVE-2016-8739)\n\n* A path traversal issue was found in Spark version 2.5 and potentially earlier versions. The vulnerability resides in the functionality to serve static files where there\u0027s no protection against directory traversal attacks. This could allow attackers access to private files including sensitive data. (CVE-2016-9177)\n\n* It was found that the camel-snakeyaml component is exploitable for code execution. An attacker could use this vulnerability to send specially crafted payload to a camel-snakeyaml endpoint and causing a remote code execution attack. 
(CVE-2017-3159)", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2017:0868", "url": "https://access.redhat.com/errata/RHSA-2017:0868" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=securityPatches\u0026product=jboss.fuse\u0026version=6.3", "url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=securityPatches\u0026product=jboss.fuse\u0026version=6.3" }, { "category": "external", "summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=securityPatches\u0026product=jboss.amq.broker\u0026version=6.3.0", "url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=securityPatches\u0026product=jboss.amq.broker\u0026version=6.3.0" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en/red-hat-jboss-fuse/", "url": "https://access.redhat.com/documentation/en/red-hat-jboss-fuse/" }, { "category": "external", "summary": "873317", "url": 
"https://bugzilla.redhat.com/show_bug.cgi?id=873317" }, { "category": "external", "summary": "1191969", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1191969" }, { "category": "external", "summary": "1360275", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1360275" }, { "category": "external", "summary": "1393607", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1393607" }, { "category": "external", "summary": "1406810", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1406810" }, { "category": "external", "summary": "1406811", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1406811" }, { "category": "external", "summary": "1413466", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413466" }, { "category": "external", "summary": "1420834", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1420834" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_0868.json" } ], "title": "Red Hat Security Advisory: Red Hat JBoss Fuse/A-MQ 6.3 R2 security and bug fix update", "tracking": { "current_release_date": "2024-11-14T20:53:22+00:00", "generator": { "date": "2024-11-14T20:53:22+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2017:0868", "initial_release_date": "2017-04-03T21:02:28+00:00", "revision_history": [ { "date": "2017-04-03T21:02:28+00:00", "number": "1", "summary": "Initial version" }, { "date": "2018-07-02T15:51:20+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-14T20:53:22+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat JBoss A-MQ 6.3", "product": { "name": "Red Hat JBoss A-MQ 6.3", "product_id": "Red Hat JBoss A-MQ 6.3", "product_identification_helper": { "cpe": "cpe:/a:redhat:jboss_amq:6.3" } } }, { "category": 
"product_name", "name": "Red Hat JBoss Fuse 6.3", "product": { "name": "Red Hat JBoss Fuse 6.3", "product_id": "Red Hat JBoss Fuse 6.3", "product_identification_helper": { "cpe": "cpe:/a:redhat:jboss_fuse:6.3" } } } ], "category": "product_family", "name": "Red Hat JBoss Fuse" } ], "category": "vendor", "name": "Red Hat" } ] }, "vulnerabilities": [ { "cve": "CVE-2012-5783", "discovery_date": "2012-11-04T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "873317" } ], "notes": [ { "category": "description", "text": "It was found that Apache Commons HttpClient 3.x, as used in Amazon Flexible Payments Service (FPS) merchant Java SDK and other products, does not verify that the server hostname matches a domain name in the subject\u0027s Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.", "title": "Vulnerability description" }, { "category": "summary", "text": "jakarta-commons-httpclient: missing connection hostname check against X.509 certificate name", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss A-MQ 6.3", "Red Hat JBoss Fuse 6.3" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2012-5783" }, { "category": "external", "summary": "RHBZ#873317", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=873317" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2012-5783", "url": "https://www.cve.org/CVERecord?id=CVE-2012-5783" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-5783", "url": 
"https://nvd.nist.gov/vuln/detail/CVE-2012-5783" } ], "release_date": "2012-10-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2017-04-03T21:02:28+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nIt is recommended to halt the server by stopping the JBoss Application Server process before installing this update; after installing the update, restart the server by starting the JBoss Application Server process.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", "product_ids": [ "Red Hat JBoss A-MQ 6.3", "Red Hat JBoss Fuse 6.3" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:0868" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 3.7, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.0" }, "products": [ "Red Hat JBoss A-MQ 6.3", "Red Hat JBoss Fuse 6.3" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jakarta-commons-httpclient: missing connection hostname check against X.509 certificate name" }, { "cve": "CVE-2015-1427", "discovery_date": "2015-02-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1191969" } ], "notes": [ { "category": "description", "text": "It was reported that Elasticsearch versions 1.3.0-1.3.7 
and 1.4.0-1.4.2 have vulnerabilities in the Groovy scripting engine. The vulnerability allows an attacker to construct Groovy scripts that escape the sandbox and execute shell commands as the user running the Elasticsearch Java VM.", "title": "Vulnerability description" }, { "category": "summary", "text": "elasticsearch: remote code execution via Groovy sandbox bypass", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss A-MQ 6.3", "Red Hat JBoss Fuse 6.3" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2015-1427" }, { "category": "external", "summary": "RHBZ#1191969", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1191969" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2015-1427", "url": "https://www.cve.org/CVERecord?id=CVE-2015-1427" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-1427", "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-1427" }, { "category": "external", "summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog", "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog" } ], "release_date": "2015-02-11T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2017-04-03T21:02:28+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nIt is recommended to halt the server by stopping the JBoss Application Server process before installing this update; after installing the update, restart the server by starting the JBoss Application Server 
process.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", "product_ids": [ "Red Hat JBoss A-MQ 6.3", "Red Hat JBoss Fuse 6.3" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:0868" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L", "version": "3.0" }, "products": [ "Red Hat JBoss A-MQ 6.3", "Red Hat JBoss Fuse 6.3" ] } ], "threats": [ { "category": "exploit_status", "date": "2022-03-25T00:00:00+00:00", "details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog" }, { "category": "impact", "details": "Important" } ], "title": "elasticsearch: remote code execution via Groovy sandbox bypass" }, { "cve": "CVE-2015-7559", "cwe": { "id": "CWE-306", "name": "Missing Authentication for Critical Function" }, "discovery_date": "2015-07-19T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1293972" } ], "notes": [ { "category": "description", "text": "It was found that the Apache ActiveMQ client exposed a remote shutdown command in the ActiveMQConnection class. 
An attacker logged into a compromised broker could use this flaw to achieve denial of service on a connected client.", "title": "Vulnerability description" }, { "category": "summary", "text": "ActiveMQ: DoS in client via shutdown command", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss A-MQ 6.3", "Red Hat JBoss Fuse 6.3" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2015-7559" }, { "category": "external", "summary": "RHBZ#1293972", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1293972" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2015-7559", "url": "https://www.cve.org/CVERecord?id=CVE-2015-7559" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-7559", "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-7559" } ], "release_date": "2017-04-19T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2017-04-03T21:02:28+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nIt is recommended to halt the server by stopping the JBoss Application Server process before installing this update; after installing the update, restart the server by starting the JBoss Application Server process.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", "product_ids": [ "Red Hat JBoss A-MQ 6.3", "Red Hat JBoss Fuse 6.3" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:0868" } ], "scores": [ 
{ "cvss_v2": { "accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 2.6, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:H/Au:N/C:N/I:N/A:P", "version": "2.0" }, "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 2.7, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L", "version": "3.0" }, "products": [ "Red Hat JBoss A-MQ 6.3", "Red Hat JBoss Fuse 6.3" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "ActiveMQ: DoS in client via shutdown command" }, { "cve": "CVE-2016-6812", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2016-12-19T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1406810" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in FormattedServiceListWriter in Apache CXF HTTP transport module that could allow an attacker to inject unexpected matrix parameters into the request URL. 
On a successful injection these matrix parameters will find their way back to the client in the services list page which represents an XSS risk to the client.", "title": "Vulnerability description" }, { "category": "summary", "text": "apache-cxf: XSS in Apache CXF FormattedServiceListWriter", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss A-MQ 6.3", "Red Hat JBoss Fuse 6.3" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2016-6812" }, { "category": "external", "summary": "RHBZ#1406810", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1406810" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2016-6812", "url": "https://www.cve.org/CVERecord?id=CVE-2016-6812" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-6812", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6812" }, { "category": "external", "summary": "http://cxf.apache.org/security-advisories.data/CVE-2016-6812.txt.asc?version=1\u0026modificationDate=1482164360602\u0026api=v2", "url": "http://cxf.apache.org/security-advisories.data/CVE-2016-6812.txt.asc?version=1\u0026modificationDate=1482164360602\u0026api=v2" } ], "release_date": "2016-12-19T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2017-04-03T21:02:28+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nIt is recommended to halt the server by stopping the JBoss Application Server process before installing this update; after installing the update, restart 
the server by starting the JBoss Application Server process.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", "product_ids": [ "Red Hat JBoss A-MQ 6.3", "Red Hat JBoss Fuse 6.3" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:0868" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.0" }, "products": [ "Red Hat JBoss A-MQ 6.3", "Red Hat JBoss Fuse 6.3" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "apache-cxf: XSS in Apache CXF FormattedServiceListWriter" }, { "cve": "CVE-2016-6814", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2017-01-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1413466" } ], "notes": [ { "category": "description", "text": "It was found that a flaw in Apache groovy library allows remote code execution wherever deserialization occurs in the application. It is possible for an attacker to craft a special serialized object that will execute code directly when deserialized. 
All applications which rely on serialization and do not isolate the code which deserializes objects are subject to this vulnerability.", "title": "Vulnerability description" }, { "category": "summary", "text": "Groovy: Remote code execution via deserialization", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue affects the versions of groovy as shipped with Red Hat Satellite 6.0 and 6.1. Red Hat Satellite 6.2 and later do not ship groovy, as such they are not affected by this vulnerability.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss A-MQ 6.3", "Red Hat JBoss Fuse 6.3" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2016-6814" }, { "category": "external", "summary": "RHBZ#1413466", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413466" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2016-6814", "url": "https://www.cve.org/CVERecord?id=CVE-2016-6814" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-6814", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6814" } ], "release_date": "2017-01-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2017-04-03T21:02:28+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nIt is recommended to halt the server by stopping the JBoss Application Server process before installing this update; after installing the update, restart the server by starting the JBoss Application Server process.\n\nThe References section 
of this erratum contains a download link (you must log in to download the update).", "product_ids": [ "Red Hat JBoss A-MQ 6.3", "Red Hat JBoss Fuse 6.3" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:0868" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.6, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.0" }, "products": [ "Red Hat JBoss A-MQ 6.3", "Red Hat JBoss Fuse 6.3" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "Groovy: Remote code execution via deserialization" }, { "cve": "CVE-2016-8739", "cwe": { "id": "CWE-611", "name": "Improper Restriction of XML External Entity Reference" }, "discovery_date": "2016-12-19T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1406811" } ], "notes": [ { "category": "description", "text": "Apache CXF JAX-RS implementation provides a number of Atom MessageBodyReaders. These readers use Apache Abdera Parser to parse Atom feeds or Entries, with this Parser expanding XML entities by default. 
It was found that this represents a major XXE risk.", "title": "Vulnerability description" }, { "category": "summary", "text": "apache-cxf: Atom entity provider of Apache CXF JAX-RS is vulnerable to XXE", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss A-MQ 6.3", "Red Hat JBoss Fuse 6.3" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2016-8739" }, { "category": "external", "summary": "RHBZ#1406811", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1406811" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2016-8739", "url": "https://www.cve.org/CVERecord?id=CVE-2016-8739" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-8739", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-8739" }, { "category": "external", "summary": "http://cxf.apache.org/security-advisories.data/CVE-2016-8739.txt.asc?version=1\u0026modificationDate=1482164360575\u0026api=v2", "url": "http://cxf.apache.org/security-advisories.data/CVE-2016-8739.txt.asc?version=1\u0026modificationDate=1482164360575\u0026api=v2" } ], "release_date": "2016-12-19T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2017-04-03T21:02:28+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nIt is recommended to halt the server by stopping the JBoss Application Server process before installing this update; after installing the update, restart the server by starting the JBoss Application Server process.\n\nThe References section of 
this erratum contains a download link (you must log in to download the update).", "product_ids": [ "Red Hat JBoss A-MQ 6.3", "Red Hat JBoss Fuse 6.3" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:0868" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:P", "version": "2.0" }, "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L", "version": "3.0" }, "products": [ "Red Hat JBoss A-MQ 6.3", "Red Hat JBoss Fuse 6.3" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "apache-cxf: Atom entity provider of Apache CXF JAX-RS is vulnerable to XXE" }, { "cve": "CVE-2016-9177", "discovery_date": "2016-11-02T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1393607" } ], "notes": [ { "category": "description", "text": "A path traversal issue was found in Spark version 2.5 and potentially earlier versions. The vulnerability resides in the functionality to serve static files where there\u0027s no protection against directory traversal attacks. 
This could allow attackers access to private files including sensitive data.", "title": "Vulnerability description" }, { "category": "summary", "text": "Spark: Directory traversal vulnerability in version 2.5", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss A-MQ 6.3", "Red Hat JBoss Fuse 6.3" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2016-9177" }, { "category": "external", "summary": "RHBZ#1393607", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1393607" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2016-9177", "url": "https://www.cve.org/CVERecord?id=CVE-2016-9177" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-9177", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-9177" }, { "category": "external", "summary": "http://seclists.org/fulldisclosure/2016/Nov/13", "url": "http://seclists.org/fulldisclosure/2016/Nov/13" } ], "release_date": "2016-11-04T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2017-04-03T21:02:28+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nIt is recommended to halt the server by stopping the JBoss Application Server process before installing this update; after installing the update, restart the server by starting the JBoss Application Server process.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", "product_ids": [ "Red Hat JBoss A-MQ 6.3", "Red Hat JBoss Fuse 6.3" ], 
"restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:0868" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0" }, "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "Red Hat JBoss A-MQ 6.3", "Red Hat JBoss Fuse 6.3" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "Spark: Directory traversal vulnerability in version 2.5" }, { "cve": "CVE-2016-1000229", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2016-07-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1360275" } ], "notes": [ { "category": "description", "text": "It was found that swagger-ui contains a cross site scripting (XSS) vulnerability in the key names in the JSON document. An attacker could use this flaw to supply a key name with script tags which could cause arbitrary code execution. 
Additionally it is possible to load the arbitrary JSON files remotely via the URL query-string parameter.", "title": "Vulnerability description" }, { "category": "summary", "text": "swagger-ui: cross-site scripting in key names", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss A-MQ 6.3", "Red Hat JBoss Fuse 6.3" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2016-1000229" }, { "category": "external", "summary": "RHBZ#1360275", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1360275" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2016-1000229", "url": "https://www.cve.org/CVERecord?id=CVE-2016-1000229" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-1000229", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-1000229" }, { "category": "external", "summary": "https://nodesecurity.io/advisories/126", "url": "https://nodesecurity.io/advisories/126" } ], "release_date": "2016-07-21T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2017-04-03T21:02:28+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nIt is recommended to halt the server by stopping the JBoss Application Server process before installing this update; after installing the update, restart the server by starting the JBoss Application Server process.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", "product_ids": [ "Red Hat JBoss A-MQ 6.3", "Red Hat 
JBoss Fuse 6.3" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:0868" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.0" }, "products": [ "Red Hat JBoss A-MQ 6.3", "Red Hat JBoss Fuse 6.3" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "swagger-ui: cross-site scripting in key names" }, { "cve": "CVE-2017-3159", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2017-02-08T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1420834" } ], "notes": [ { "category": "description", "text": "It was found that the camel-snakeyaml component is exploitable for code execution. 
An attacker could use this vulnerability to send specially crafted payload to a camel-snakeyaml endpoint and causing a remote code execution attack.", "title": "Vulnerability description" }, { "category": "summary", "text": "camel-snakeyaml: Unmarshalling operation is vulnerable to RCE", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss A-MQ 6.3", "Red Hat JBoss Fuse 6.3" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-3159" }, { "category": "external", "summary": "RHBZ#1420834", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1420834" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-3159", "url": "https://www.cve.org/CVERecord?id=CVE-2017-3159" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3159", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3159" }, { "category": "external", "summary": "http://camel.apache.org/security-advisories.data/CVE-2017-3159.txt.asc", "url": "http://camel.apache.org/security-advisories.data/CVE-2017-3159.txt.asc" } ], "release_date": "2016-12-08T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2017-04-03T21:02:28+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nIt is recommended to halt the server by stopping the JBoss Application Server process before installing this update; after installing the update, restart the server by starting the JBoss Application Server process.\n\nThe References section of this erratum contains a 
download link (you must log in to download the update).", "product_ids": [ "Red Hat JBoss A-MQ 6.3", "Red Hat JBoss Fuse 6.3" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:0868" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "Red Hat JBoss A-MQ 6.3", "Red Hat JBoss Fuse 6.3" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "camel-snakeyaml: Unmarshalling operation is vulnerable to RCE" } ] }
rhsa-2017_0272
Vulnerability from csaf_redhat
Published
2017-02-14 16:41
Modified
2024-11-14 20:52
Summary
Red Hat Security Advisory: Red Hat JBoss Data Virtualization security and bug fix update
Notes
Topic
An update is now available for Red Hat JBoss Data Virtualization.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Data Virtualization is a lean data integration solution that provides easy, real-time, and unified data access across disparate sources to multiple applications and users. JBoss Data Virtualization makes data spread across physically distinct systems - such as multiple databases, XML files, and even Hadoop systems - appear as a set of tables in a local database.
This release of Red Hat JBoss Data Virtualization 6.3 Update 4 serves as a replacement for Red Hat JBoss Data Virtualization 6.3 Update 3, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.
Security Fix(es):
* It was found that a flaw in the Apache Groovy library allows remote code execution wherever deserialization occurs in the application. It is possible for an attacker to craft a special serialized object that will execute code directly when deserialized. All applications which rely on serialization and do not isolate the code which deserializes objects are subject to this vulnerability. (CVE-2016-6814)
* It was found that the parsing of XMP and other XML formats in PDF by Apache PDFBox would expand entity references. A remote, unauthenticated attacker could use this flaw to read files accessible to the user running the application server, and potentially perform other more advanced XXE attacks. (CVE-2016-2175)
* It was found that the parsing of OOXML, XMP in PDF, and some other file formats by Apache Tika would expand entity references. A remote, unauthenticated attacker could use this flaw to read files accessible to the user running the application server, and potentially perform other more advanced XXE attacks. (CVE-2016-4434)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update is now available for Red Hat JBoss Data Virtualization.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Red Hat JBoss Data Virtualization is a lean data integration solution that provides easy, real-time, and unified data access across disparate sources to multiple applications and users. JBoss Data Virtualization makes data spread across physically distinct systems - such as multiple databases, XML files, and even Hadoop systems - appear as a set of tables in a local database.\n\nThis release of Red Hat JBoss Data Virtualization 6.3 Update 4 serves as a replacement for Red Hat JBoss Data Virtualization 6.3 Update 3, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* It was found that a flaw in apache groovy library allows remote code execution wherever deserialization occurs in the application. It is possible for an attacker to craft a special serialized object that will execute code directly when deserialized. All applications which rely on serialization and do not isolate the code which deserializes objects are subject to this vulnerability. (CVE-2016-6814)\n\n* It was found that the parsing of XMP and other XML formats in PDF by Apache PDFBox would expand entity references. 
A remote, unauthenticated attacker could use this flaw to read files accessible to the user running the application server, and potentially perform other more advanced XXE attacks. (CVE-2016-2175)\n\n* It was found that the parsing of OOXML, XMP in PDF, and some other file formats by Apache Tika would expand entity references. A remote, unauthenticated attacker could use this flaw to read files accessible to the user running the application server, and potentially perform other more advanced XXE attacks. (CVE-2016-4434)", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2017:0272", "url": "https://access.redhat.com/errata/RHSA-2017:0272" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#moderate", "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "category": "external", "summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=data.services.platform\u0026downloadType=securityPatches\u0026version=6.3.0", "url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=data.services.platform\u0026downloadType=securityPatches\u0026version=6.3.0" }, { "category": "external", "summary": "1340386", "url": 
"https://bugzilla.redhat.com/show_bug.cgi?id=1340386" }, { "category": "external", "summary": "1340396", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1340396" }, { "category": "external", "summary": "1413466", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413466" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_0272.json" } ], "title": "Red Hat Security Advisory: Red Hat JBoss Data Virtualization security and bug fix update", "tracking": { "current_release_date": "2024-11-14T20:52:59+00:00", "generator": { "date": "2024-11-14T20:52:59+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2017:0272", "initial_release_date": "2017-02-14T16:41:53+00:00", "revision_history": [ { "date": "2017-02-14T16:41:53+00:00", "number": "1", "summary": "Initial version" }, { "date": "2019-02-20T12:40:18+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-14T20:52:59+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat JBoss Data Virtualization 6.3", "product": { "name": "Red Hat JBoss Data Virtualization 6.3", "product_id": "Red Hat JBoss Data Virtualization 6.3", "product_identification_helper": { "cpe": "cpe:/a:redhat:jboss_data_virtualization:6.3" } } } ], "category": "product_family", "name": "Red Hat JBoss Data Virtualization" } ], "category": "vendor", "name": "Red Hat" } ] }, "vulnerabilities": [ { "cve": "CVE-2016-2175", "cwe": { "id": "CWE-611", "name": "Improper Restriction of XML External Entity Reference" }, "discovery_date": "2016-05-27T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1340396" } ], "notes": [ { "category": "description", "text": "It was found that the parsing of XMP and other XML formats in PDF by Apache PDFBox 
would expand entity references. A remote, unauthenticated attacker could use this flaw to read files accessible to the user running the application server, and potentially perform other more advanced XXE attacks.", "title": "Vulnerability description" }, { "category": "summary", "text": "pdfbox: XML External Entity vulnerability", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss Data Virtualization 6.3" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2016-2175" }, { "category": "external", "summary": "RHBZ#1340396", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1340396" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2016-2175", "url": "https://www.cve.org/CVERecord?id=CVE-2016-2175" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-2175", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2175" } ], "release_date": "2016-05-27T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2017-02-14T16:41:53+00:00", "details": "Before applying the update, back up your existing Red Hat JBoss Data Virtualization installation (including its databases, applications, configuration files, and so on).\n\nNote that it is recommended to halt the Red Hat JBoss Data Virtualization server by stopping the JBoss Application Server process before installing this update, and then after installing the update, restart the Red Hat JBoss Data Virtualization server by starting the JBoss Application Server process.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", 
"product_ids": [ "Red Hat JBoss Data Virtualization 6.3" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:0272" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:P", "version": "2.0" }, "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L", "version": "3.0" }, "products": [ "Red Hat JBoss Data Virtualization 6.3" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "pdfbox: XML External Entity vulnerability" }, { "cve": "CVE-2016-4434", "cwe": { "id": "CWE-611", "name": "Improper Restriction of XML External Entity Reference" }, "discovery_date": "2016-05-26T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1340386" } ], "notes": [ { "category": "description", "text": "It was found that the parsing of OOXML, XMP in PDF, and some other file formats by Apache Tika would expand entity references. 
A remote, unauthenticated attacker could use this flaw to read files accessible to the user running the application server, and potentially perform other more advanced XXE attacks.", "title": "Vulnerability description" }, { "category": "summary", "text": "tika: XML External Entity vulnerability", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss Data Virtualization 6.3" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2016-4434" }, { "category": "external", "summary": "RHBZ#1340386", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1340386" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2016-4434", "url": "https://www.cve.org/CVERecord?id=CVE-2016-4434" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-4434", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-4434" } ], "release_date": "2016-05-26T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2017-02-14T16:41:53+00:00", "details": "Before applying the update, back up your existing Red Hat JBoss Data Virtualization installation (including its databases, applications, configuration files, and so on).\n\nNote that it is recommended to halt the Red Hat JBoss Data Virtualization server by stopping the JBoss Application Server process before installing this update, and then after installing the update, restart the Red Hat JBoss Data Virtualization server by starting the JBoss Application Server process.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", "product_ids": [ "Red Hat JBoss Data 
Virtualization 6.3" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:0272" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:P", "version": "2.0" }, "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L", "version": "3.0" }, "products": [ "Red Hat JBoss Data Virtualization 6.3" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "tika: XML External Entity vulnerability" }, { "cve": "CVE-2016-6814", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2017-01-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1413466" } ], "notes": [ { "category": "description", "text": "It was found that a flaw in Apache groovy library allows remote code execution wherever deserialization occurs in the application. It is possible for an attacker to craft a special serialized object that will execute code directly when deserialized. All applications which rely on serialization and do not isolate the code which deserializes objects are subject to this vulnerability.", "title": "Vulnerability description" }, { "category": "summary", "text": "Groovy: Remote code execution via deserialization", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue affects the versions of groovy as shipped with Red Hat Satellite 6.0 and 6.1. 
Red Hat Satellite 6.2 and later do not ship groovy, as such they are not affected by this vulnerability.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss Data Virtualization 6.3" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2016-6814" }, { "category": "external", "summary": "RHBZ#1413466", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413466" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2016-6814", "url": "https://www.cve.org/CVERecord?id=CVE-2016-6814" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-6814", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6814" } ], "release_date": "2017-01-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2017-02-14T16:41:53+00:00", "details": "Before applying the update, back up your existing Red Hat JBoss Data Virtualization installation (including its databases, applications, configuration files, and so on).\n\nNote that it is recommended to halt the Red Hat JBoss Data Virtualization server by stopping the JBoss Application Server process before installing this update, and then after installing the update, restart the Red Hat JBoss Data Virtualization server by starting the JBoss Application Server process.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", "product_ids": [ "Red Hat JBoss Data Virtualization 6.3" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:0272" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": 
"NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.3, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.0" }, "products": [ "Red Hat JBoss Data Virtualization 6.3" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "Groovy: Remote code execution via deserialization" } ] }
rhsa-2017_2596
Vulnerability from csaf_redhat
Published
2017-09-05 22:54
Modified
2024-11-14 20:54
Summary
Red Hat Security Advisory: rh-maven33-groovy security update
Notes
Topic
An update for rh-maven33-groovy is now available for Red Hat Software Collections.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Groovy is an agile and dynamic language for the Java Virtual Machine, built upon Java with features inspired by languages like Python, Ruby, and Smalltalk. It seamlessly integrates with all existing Java objects and libraries and compiles straight to Java bytecode so you can use it anywhere you can use Java.
Security Fix(es):
* Multiple object deserialization flaws were discovered in the MethodClosure class in Groovy. A specially crafted serialized object deserialized by an application using the Groovy library could cause the application to execute arbitrary code. (CVE-2015-3253, CVE-2016-6814)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update for rh-maven33-groovy is now available for Red Hat Software Collections.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Groovy is an agile and dynamic language for the Java Virtual Machine, built upon Java with features inspired by languages like Python, Ruby, and Smalltalk. It seamlessly integrates with all existing Java objects and libraries and compiles straight to Java bytecode so you can use it anywhere you can use Java.\n\nSecurity Fix(es):\n\n* Multiple object deserialization flaws were discovered in the MethodClosure class in Groovy. A specially crafted serialized object deserialized by an application using the Groovy library could cause the application to execute arbitrary code. (CVE-2015-3253, CVE-2016-6814)", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. 
and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2017:2596", "url": "https://access.redhat.com/errata/RHSA-2017:2596" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "1243934", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1243934" }, { "category": "external", "summary": "1413466", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413466" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_2596.json" } ], "title": "Red Hat Security Advisory: rh-maven33-groovy security update", "tracking": { "current_release_date": "2024-11-14T20:54:30+00:00", "generator": { "date": "2024-11-14T20:54:30+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2017:2596", "initial_release_date": "2017-09-05T22:54:05+00:00", "revision_history": [ { "date": "2017-09-05T22:54:05+00:00", "number": "1", "summary": "Initial version" }, { "date": "2017-09-05T22:54:05+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-14T20:54:30+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 
6)", "product": { "name": "Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-RHSCL-2.4", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_software_collections:2::el6" } } }, { "category": "product_name", "name": "Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)", "product": { "name": "Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-RHSCL-2.4", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_software_collections:2::el6" } } }, { "category": "product_name", "name": "Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7)", "product": { "name": "Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7)", "product_id": "6Server-RHSCL-2.4-6.7.Z", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_software_collections:2::el6" } } }, { "category": "product_name", "name": "Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", "product": { "name": "Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-RHSCL-2.4", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_software_collections:2::el7" } } }, { "category": "product_name", "name": "Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", "product": { "name": "Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-RHSCL-2.4", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_software_collections:2::el7" } } }, { "category": "product_name", "name": "Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.3)", "product": { "name": "Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 
7.3)", "product_id": "7Server-RHSCL-2.4-7.3.Z", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_software_collections:2::el7" } } } ], "category": "product_family", "name": "Red Hat Software Collections" }, { "branches": [ { "category": "product_version", "name": "rh-maven33-groovy-0:1.8.9-7.19.el6.src", "product": { "name": "rh-maven33-groovy-0:1.8.9-7.19.el6.src", "product_id": "rh-maven33-groovy-0:1.8.9-7.19.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/rh-maven33-groovy@1.8.9-7.19.el6?arch=src" } } }, { "category": "product_version", "name": "rh-maven33-groovy-0:1.8.9-7.19.el7.src", "product": { "name": "rh-maven33-groovy-0:1.8.9-7.19.el7.src", "product_id": "rh-maven33-groovy-0:1.8.9-7.19.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/rh-maven33-groovy@1.8.9-7.19.el7?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "rh-maven33-groovy-0:1.8.9-7.19.el6.noarch", "product": { "name": "rh-maven33-groovy-0:1.8.9-7.19.el6.noarch", "product_id": "rh-maven33-groovy-0:1.8.9-7.19.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/rh-maven33-groovy@1.8.9-7.19.el6?arch=noarch" } } }, { "category": "product_version", "name": "rh-maven33-groovy-javadoc-0:1.8.9-7.19.el6.noarch", "product": { "name": "rh-maven33-groovy-javadoc-0:1.8.9-7.19.el6.noarch", "product_id": "rh-maven33-groovy-javadoc-0:1.8.9-7.19.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/rh-maven33-groovy-javadoc@1.8.9-7.19.el6?arch=noarch" } } }, { "category": "product_version", "name": "rh-maven33-groovy-0:1.8.9-7.19.el7.noarch", "product": { "name": "rh-maven33-groovy-0:1.8.9-7.19.el7.noarch", "product_id": "rh-maven33-groovy-0:1.8.9-7.19.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/rh-maven33-groovy@1.8.9-7.19.el7?arch=noarch" } } }, { "category": "product_version", "name": 
"rh-maven33-groovy-javadoc-0:1.8.9-7.19.el7.noarch", "product": { "name": "rh-maven33-groovy-javadoc-0:1.8.9-7.19.el7.noarch", "product_id": "rh-maven33-groovy-javadoc-0:1.8.9-7.19.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/rh-maven33-groovy-javadoc@1.8.9-7.19.el7?arch=noarch" } } } ], "category": "architecture", "name": "noarch" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "rh-maven33-groovy-0:1.8.9-7.19.el6.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7)", "product_id": "6Server-RHSCL-2.4-6.7.Z:rh-maven33-groovy-0:1.8.9-7.19.el6.noarch" }, "product_reference": "rh-maven33-groovy-0:1.8.9-7.19.el6.noarch", "relates_to_product_reference": "6Server-RHSCL-2.4-6.7.Z" }, { "category": "default_component_of", "full_product_name": { "name": "rh-maven33-groovy-0:1.8.9-7.19.el6.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7)", "product_id": "6Server-RHSCL-2.4-6.7.Z:rh-maven33-groovy-0:1.8.9-7.19.el6.src" }, "product_reference": "rh-maven33-groovy-0:1.8.9-7.19.el6.src", "relates_to_product_reference": "6Server-RHSCL-2.4-6.7.Z" }, { "category": "default_component_of", "full_product_name": { "name": "rh-maven33-groovy-javadoc-0:1.8.9-7.19.el6.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7)", "product_id": "6Server-RHSCL-2.4-6.7.Z:rh-maven33-groovy-javadoc-0:1.8.9-7.19.el6.noarch" }, "product_reference": "rh-maven33-groovy-javadoc-0:1.8.9-7.19.el6.noarch", "relates_to_product_reference": "6Server-RHSCL-2.4-6.7.Z" }, { "category": "default_component_of", "full_product_name": { "name": "rh-maven33-groovy-0:1.8.9-7.19.el6.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 
6)", "product_id": "6Server-RHSCL-2.4:rh-maven33-groovy-0:1.8.9-7.19.el6.noarch" }, "product_reference": "rh-maven33-groovy-0:1.8.9-7.19.el6.noarch", "relates_to_product_reference": "6Server-RHSCL-2.4" }, { "category": "default_component_of", "full_product_name": { "name": "rh-maven33-groovy-0:1.8.9-7.19.el6.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-RHSCL-2.4:rh-maven33-groovy-0:1.8.9-7.19.el6.src" }, "product_reference": "rh-maven33-groovy-0:1.8.9-7.19.el6.src", "relates_to_product_reference": "6Server-RHSCL-2.4" }, { "category": "default_component_of", "full_product_name": { "name": "rh-maven33-groovy-javadoc-0:1.8.9-7.19.el6.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-RHSCL-2.4:rh-maven33-groovy-javadoc-0:1.8.9-7.19.el6.noarch" }, "product_reference": "rh-maven33-groovy-javadoc-0:1.8.9-7.19.el6.noarch", "relates_to_product_reference": "6Server-RHSCL-2.4" }, { "category": "default_component_of", "full_product_name": { "name": "rh-maven33-groovy-0:1.8.9-7.19.el6.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-RHSCL-2.4:rh-maven33-groovy-0:1.8.9-7.19.el6.noarch" }, "product_reference": "rh-maven33-groovy-0:1.8.9-7.19.el6.noarch", "relates_to_product_reference": "6Workstation-RHSCL-2.4" }, { "category": "default_component_of", "full_product_name": { "name": "rh-maven33-groovy-0:1.8.9-7.19.el6.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 
6)", "product_id": "6Workstation-RHSCL-2.4:rh-maven33-groovy-0:1.8.9-7.19.el6.src" }, "product_reference": "rh-maven33-groovy-0:1.8.9-7.19.el6.src", "relates_to_product_reference": "6Workstation-RHSCL-2.4" }, { "category": "default_component_of", "full_product_name": { "name": "rh-maven33-groovy-javadoc-0:1.8.9-7.19.el6.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-RHSCL-2.4:rh-maven33-groovy-javadoc-0:1.8.9-7.19.el6.noarch" }, "product_reference": "rh-maven33-groovy-javadoc-0:1.8.9-7.19.el6.noarch", "relates_to_product_reference": "6Workstation-RHSCL-2.4" }, { "category": "default_component_of", "full_product_name": { "name": "rh-maven33-groovy-0:1.8.9-7.19.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.3)", "product_id": "7Server-RHSCL-2.4-7.3.Z:rh-maven33-groovy-0:1.8.9-7.19.el7.noarch" }, "product_reference": "rh-maven33-groovy-0:1.8.9-7.19.el7.noarch", "relates_to_product_reference": "7Server-RHSCL-2.4-7.3.Z" }, { "category": "default_component_of", "full_product_name": { "name": "rh-maven33-groovy-0:1.8.9-7.19.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.3)", "product_id": "7Server-RHSCL-2.4-7.3.Z:rh-maven33-groovy-0:1.8.9-7.19.el7.src" }, "product_reference": "rh-maven33-groovy-0:1.8.9-7.19.el7.src", "relates_to_product_reference": "7Server-RHSCL-2.4-7.3.Z" }, { "category": "default_component_of", "full_product_name": { "name": "rh-maven33-groovy-javadoc-0:1.8.9-7.19.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 
7.3)", "product_id": "7Server-RHSCL-2.4-7.3.Z:rh-maven33-groovy-javadoc-0:1.8.9-7.19.el7.noarch" }, "product_reference": "rh-maven33-groovy-javadoc-0:1.8.9-7.19.el7.noarch", "relates_to_product_reference": "7Server-RHSCL-2.4-7.3.Z" }, { "category": "default_component_of", "full_product_name": { "name": "rh-maven33-groovy-0:1.8.9-7.19.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-RHSCL-2.4:rh-maven33-groovy-0:1.8.9-7.19.el7.noarch" }, "product_reference": "rh-maven33-groovy-0:1.8.9-7.19.el7.noarch", "relates_to_product_reference": "7Server-RHSCL-2.4" }, { "category": "default_component_of", "full_product_name": { "name": "rh-maven33-groovy-0:1.8.9-7.19.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-RHSCL-2.4:rh-maven33-groovy-0:1.8.9-7.19.el7.src" }, "product_reference": "rh-maven33-groovy-0:1.8.9-7.19.el7.src", "relates_to_product_reference": "7Server-RHSCL-2.4" }, { "category": "default_component_of", "full_product_name": { "name": "rh-maven33-groovy-javadoc-0:1.8.9-7.19.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-RHSCL-2.4:rh-maven33-groovy-javadoc-0:1.8.9-7.19.el7.noarch" }, "product_reference": "rh-maven33-groovy-javadoc-0:1.8.9-7.19.el7.noarch", "relates_to_product_reference": "7Server-RHSCL-2.4" }, { "category": "default_component_of", "full_product_name": { "name": "rh-maven33-groovy-0:1.8.9-7.19.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 
7)", "product_id": "7Workstation-RHSCL-2.4:rh-maven33-groovy-0:1.8.9-7.19.el7.noarch" }, "product_reference": "rh-maven33-groovy-0:1.8.9-7.19.el7.noarch", "relates_to_product_reference": "7Workstation-RHSCL-2.4" }, { "category": "default_component_of", "full_product_name": { "name": "rh-maven33-groovy-0:1.8.9-7.19.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-RHSCL-2.4:rh-maven33-groovy-0:1.8.9-7.19.el7.src" }, "product_reference": "rh-maven33-groovy-0:1.8.9-7.19.el7.src", "relates_to_product_reference": "7Workstation-RHSCL-2.4" }, { "category": "default_component_of", "full_product_name": { "name": "rh-maven33-groovy-javadoc-0:1.8.9-7.19.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-RHSCL-2.4:rh-maven33-groovy-javadoc-0:1.8.9-7.19.el7.noarch" }, "product_reference": "rh-maven33-groovy-javadoc-0:1.8.9-7.19.el7.noarch", "relates_to_product_reference": "7Workstation-RHSCL-2.4" } ] }, "vulnerabilities": [ { "cve": "CVE-2015-3253", "cwe": { "id": "CWE-284", "name": "Improper Access Control" }, "discovery_date": "2015-07-16T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1243934" } ], "notes": [ { "category": "description", "text": "A flaw was discovered in the way applications using Groovy used the standard Java serialization mechanism. A remote attacker could use a specially crafted serialized object that would execute code directly when deserialized. 
All applications which rely on serialization and do not isolate the code which deserializes objects are subject to this vulnerability.", "title": "Vulnerability description" }, { "category": "summary", "text": "groovy: remote execution of untrusted code in class MethodClosure", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-RHSCL-2.4-6.7.Z:rh-maven33-groovy-0:1.8.9-7.19.el6.noarch", "6Server-RHSCL-2.4-6.7.Z:rh-maven33-groovy-0:1.8.9-7.19.el6.src", "6Server-RHSCL-2.4-6.7.Z:rh-maven33-groovy-javadoc-0:1.8.9-7.19.el6.noarch", "6Server-RHSCL-2.4:rh-maven33-groovy-0:1.8.9-7.19.el6.noarch", "6Server-RHSCL-2.4:rh-maven33-groovy-0:1.8.9-7.19.el6.src", "6Server-RHSCL-2.4:rh-maven33-groovy-javadoc-0:1.8.9-7.19.el6.noarch", "6Workstation-RHSCL-2.4:rh-maven33-groovy-0:1.8.9-7.19.el6.noarch", "6Workstation-RHSCL-2.4:rh-maven33-groovy-0:1.8.9-7.19.el6.src", "6Workstation-RHSCL-2.4:rh-maven33-groovy-javadoc-0:1.8.9-7.19.el6.noarch", "7Server-RHSCL-2.4-7.3.Z:rh-maven33-groovy-0:1.8.9-7.19.el7.noarch", "7Server-RHSCL-2.4-7.3.Z:rh-maven33-groovy-0:1.8.9-7.19.el7.src", "7Server-RHSCL-2.4-7.3.Z:rh-maven33-groovy-javadoc-0:1.8.9-7.19.el7.noarch", "7Server-RHSCL-2.4:rh-maven33-groovy-0:1.8.9-7.19.el7.noarch", "7Server-RHSCL-2.4:rh-maven33-groovy-0:1.8.9-7.19.el7.src", "7Server-RHSCL-2.4:rh-maven33-groovy-javadoc-0:1.8.9-7.19.el7.noarch", "7Workstation-RHSCL-2.4:rh-maven33-groovy-0:1.8.9-7.19.el7.noarch", "7Workstation-RHSCL-2.4:rh-maven33-groovy-0:1.8.9-7.19.el7.src", "7Workstation-RHSCL-2.4:rh-maven33-groovy-javadoc-0:1.8.9-7.19.el7.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2015-3253" }, { 
"category": "external", "summary": "RHBZ#1243934", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1243934" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2015-3253", "url": "https://www.cve.org/CVERecord?id=CVE-2015-3253" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-3253", "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-3253" }, { "category": "external", "summary": "http://seclists.org/oss-sec/2015/q3/121", "url": "http://seclists.org/oss-sec/2015/q3/121" } ], "release_date": "2015-07-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2017-09-05T22:54:05+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Server-RHSCL-2.4-6.7.Z:rh-maven33-groovy-0:1.8.9-7.19.el6.noarch", "6Server-RHSCL-2.4-6.7.Z:rh-maven33-groovy-0:1.8.9-7.19.el6.src", "6Server-RHSCL-2.4-6.7.Z:rh-maven33-groovy-javadoc-0:1.8.9-7.19.el6.noarch", "6Server-RHSCL-2.4:rh-maven33-groovy-0:1.8.9-7.19.el6.noarch", "6Server-RHSCL-2.4:rh-maven33-groovy-0:1.8.9-7.19.el6.src", "6Server-RHSCL-2.4:rh-maven33-groovy-javadoc-0:1.8.9-7.19.el6.noarch", "6Workstation-RHSCL-2.4:rh-maven33-groovy-0:1.8.9-7.19.el6.noarch", "6Workstation-RHSCL-2.4:rh-maven33-groovy-0:1.8.9-7.19.el6.src", "6Workstation-RHSCL-2.4:rh-maven33-groovy-javadoc-0:1.8.9-7.19.el6.noarch", "7Server-RHSCL-2.4-7.3.Z:rh-maven33-groovy-0:1.8.9-7.19.el7.noarch", "7Server-RHSCL-2.4-7.3.Z:rh-maven33-groovy-0:1.8.9-7.19.el7.src", "7Server-RHSCL-2.4-7.3.Z:rh-maven33-groovy-javadoc-0:1.8.9-7.19.el7.noarch", "7Server-RHSCL-2.4:rh-maven33-groovy-0:1.8.9-7.19.el7.noarch", "7Server-RHSCL-2.4:rh-maven33-groovy-0:1.8.9-7.19.el7.src", "7Server-RHSCL-2.4:rh-maven33-groovy-javadoc-0:1.8.9-7.19.el7.noarch", "7Workstation-RHSCL-2.4:rh-maven33-groovy-0:1.8.9-7.19.el7.noarch", 
"7Workstation-RHSCL-2.4:rh-maven33-groovy-0:1.8.9-7.19.el7.src", "7Workstation-RHSCL-2.4:rh-maven33-groovy-javadoc-0:1.8.9-7.19.el7.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:2596" }, { "category": "workaround", "details": "Apply the following patch on the MethodClosure class (src/main/org/codehaus/groovy/runtime/MethodClosure.java):\n\n public class MethodClosure extends Closure {\n + private Object readResolve() {\n + throw new UnsupportedOperationException();\n + \n }\n\nAlternatively, you should make sure to use a custom security policy file (using the standard Java security manager) or make sure that you do not rely on serialization to communicate remotely.", "product_ids": [ "6Server-RHSCL-2.4-6.7.Z:rh-maven33-groovy-0:1.8.9-7.19.el6.noarch", "6Server-RHSCL-2.4-6.7.Z:rh-maven33-groovy-0:1.8.9-7.19.el6.src", "6Server-RHSCL-2.4-6.7.Z:rh-maven33-groovy-javadoc-0:1.8.9-7.19.el6.noarch", "6Server-RHSCL-2.4:rh-maven33-groovy-0:1.8.9-7.19.el6.noarch", "6Server-RHSCL-2.4:rh-maven33-groovy-0:1.8.9-7.19.el6.src", "6Server-RHSCL-2.4:rh-maven33-groovy-javadoc-0:1.8.9-7.19.el6.noarch", "6Workstation-RHSCL-2.4:rh-maven33-groovy-0:1.8.9-7.19.el6.noarch", "6Workstation-RHSCL-2.4:rh-maven33-groovy-0:1.8.9-7.19.el6.src", "6Workstation-RHSCL-2.4:rh-maven33-groovy-javadoc-0:1.8.9-7.19.el6.noarch", "7Server-RHSCL-2.4-7.3.Z:rh-maven33-groovy-0:1.8.9-7.19.el7.noarch", "7Server-RHSCL-2.4-7.3.Z:rh-maven33-groovy-0:1.8.9-7.19.el7.src", "7Server-RHSCL-2.4-7.3.Z:rh-maven33-groovy-javadoc-0:1.8.9-7.19.el7.noarch", "7Server-RHSCL-2.4:rh-maven33-groovy-0:1.8.9-7.19.el7.noarch", "7Server-RHSCL-2.4:rh-maven33-groovy-0:1.8.9-7.19.el7.src", "7Server-RHSCL-2.4:rh-maven33-groovy-javadoc-0:1.8.9-7.19.el7.noarch", "7Workstation-RHSCL-2.4:rh-maven33-groovy-0:1.8.9-7.19.el7.noarch", "7Workstation-RHSCL-2.4:rh-maven33-groovy-0:1.8.9-7.19.el7.src", "7Workstation-RHSCL-2.4:rh-maven33-groovy-javadoc-0:1.8.9-7.19.el7.noarch" ] } ], "scores": 
[ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.6, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.0" }, "products": [ "6Server-RHSCL-2.4-6.7.Z:rh-maven33-groovy-0:1.8.9-7.19.el6.noarch", "6Server-RHSCL-2.4-6.7.Z:rh-maven33-groovy-0:1.8.9-7.19.el6.src", "6Server-RHSCL-2.4-6.7.Z:rh-maven33-groovy-javadoc-0:1.8.9-7.19.el6.noarch", "6Server-RHSCL-2.4:rh-maven33-groovy-0:1.8.9-7.19.el6.noarch", "6Server-RHSCL-2.4:rh-maven33-groovy-0:1.8.9-7.19.el6.src", "6Server-RHSCL-2.4:rh-maven33-groovy-javadoc-0:1.8.9-7.19.el6.noarch", "6Workstation-RHSCL-2.4:rh-maven33-groovy-0:1.8.9-7.19.el6.noarch", "6Workstation-RHSCL-2.4:rh-maven33-groovy-0:1.8.9-7.19.el6.src", "6Workstation-RHSCL-2.4:rh-maven33-groovy-javadoc-0:1.8.9-7.19.el6.noarch", "7Server-RHSCL-2.4-7.3.Z:rh-maven33-groovy-0:1.8.9-7.19.el7.noarch", "7Server-RHSCL-2.4-7.3.Z:rh-maven33-groovy-0:1.8.9-7.19.el7.src", "7Server-RHSCL-2.4-7.3.Z:rh-maven33-groovy-javadoc-0:1.8.9-7.19.el7.noarch", "7Server-RHSCL-2.4:rh-maven33-groovy-0:1.8.9-7.19.el7.noarch", "7Server-RHSCL-2.4:rh-maven33-groovy-0:1.8.9-7.19.el7.src", "7Server-RHSCL-2.4:rh-maven33-groovy-javadoc-0:1.8.9-7.19.el7.noarch", "7Workstation-RHSCL-2.4:rh-maven33-groovy-0:1.8.9-7.19.el7.noarch", "7Workstation-RHSCL-2.4:rh-maven33-groovy-0:1.8.9-7.19.el7.src", "7Workstation-RHSCL-2.4:rh-maven33-groovy-javadoc-0:1.8.9-7.19.el7.noarch" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "groovy: remote 
execution of untrusted code in class MethodClosure" }, { "cve": "CVE-2016-6814", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2017-01-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1413466" } ], "notes": [ { "category": "description", "text": "It was found that a flaw in Apache groovy library allows remote code execution wherever deserialization occurs in the application. It is possible for an attacker to craft a special serialized object that will execute code directly when deserialized. All applications which rely on serialization and do not isolate the code which deserializes objects are subject to this vulnerability.", "title": "Vulnerability description" }, { "category": "summary", "text": "Groovy: Remote code execution via deserialization", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue affects the versions of groovy as shipped with Red Hat Satellite 6.0 and 6.1. Red Hat Satellite 6.2 and later do not ship groovy, as such they are not affected by this vulnerability.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-RHSCL-2.4-6.7.Z:rh-maven33-groovy-0:1.8.9-7.19.el6.noarch", "6Server-RHSCL-2.4-6.7.Z:rh-maven33-groovy-0:1.8.9-7.19.el6.src", "6Server-RHSCL-2.4-6.7.Z:rh-maven33-groovy-javadoc-0:1.8.9-7.19.el6.noarch", "6Server-RHSCL-2.4:rh-maven33-groovy-0:1.8.9-7.19.el6.noarch", "6Server-RHSCL-2.4:rh-maven33-groovy-0:1.8.9-7.19.el6.src", "6Server-RHSCL-2.4:rh-maven33-groovy-javadoc-0:1.8.9-7.19.el6.noarch", "6Workstation-RHSCL-2.4:rh-maven33-groovy-0:1.8.9-7.19.el6.noarch", "6Workstation-RHSCL-2.4:rh-maven33-groovy-0:1.8.9-7.19.el6.src", 
"6Workstation-RHSCL-2.4:rh-maven33-groovy-javadoc-0:1.8.9-7.19.el6.noarch", "7Server-RHSCL-2.4-7.3.Z:rh-maven33-groovy-0:1.8.9-7.19.el7.noarch", "7Server-RHSCL-2.4-7.3.Z:rh-maven33-groovy-0:1.8.9-7.19.el7.src", "7Server-RHSCL-2.4-7.3.Z:rh-maven33-groovy-javadoc-0:1.8.9-7.19.el7.noarch", "7Server-RHSCL-2.4:rh-maven33-groovy-0:1.8.9-7.19.el7.noarch", "7Server-RHSCL-2.4:rh-maven33-groovy-0:1.8.9-7.19.el7.src", "7Server-RHSCL-2.4:rh-maven33-groovy-javadoc-0:1.8.9-7.19.el7.noarch", "7Workstation-RHSCL-2.4:rh-maven33-groovy-0:1.8.9-7.19.el7.noarch", "7Workstation-RHSCL-2.4:rh-maven33-groovy-0:1.8.9-7.19.el7.src", "7Workstation-RHSCL-2.4:rh-maven33-groovy-javadoc-0:1.8.9-7.19.el7.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2016-6814" }, { "category": "external", "summary": "RHBZ#1413466", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413466" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2016-6814", "url": "https://www.cve.org/CVERecord?id=CVE-2016-6814" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-6814", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6814" } ], "release_date": "2017-01-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2017-09-05T22:54:05+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Server-RHSCL-2.4-6.7.Z:rh-maven33-groovy-0:1.8.9-7.19.el6.noarch", "6Server-RHSCL-2.4-6.7.Z:rh-maven33-groovy-0:1.8.9-7.19.el6.src", "6Server-RHSCL-2.4-6.7.Z:rh-maven33-groovy-javadoc-0:1.8.9-7.19.el6.noarch", "6Server-RHSCL-2.4:rh-maven33-groovy-0:1.8.9-7.19.el6.noarch", "6Server-RHSCL-2.4:rh-maven33-groovy-0:1.8.9-7.19.el6.src", "6Server-RHSCL-2.4:rh-maven33-groovy-javadoc-0:1.8.9-7.19.el6.noarch", 
"6Workstation-RHSCL-2.4:rh-maven33-groovy-0:1.8.9-7.19.el6.noarch", "6Workstation-RHSCL-2.4:rh-maven33-groovy-0:1.8.9-7.19.el6.src", "6Workstation-RHSCL-2.4:rh-maven33-groovy-javadoc-0:1.8.9-7.19.el6.noarch", "7Server-RHSCL-2.4-7.3.Z:rh-maven33-groovy-0:1.8.9-7.19.el7.noarch", "7Server-RHSCL-2.4-7.3.Z:rh-maven33-groovy-0:1.8.9-7.19.el7.src", "7Server-RHSCL-2.4-7.3.Z:rh-maven33-groovy-javadoc-0:1.8.9-7.19.el7.noarch", "7Server-RHSCL-2.4:rh-maven33-groovy-0:1.8.9-7.19.el7.noarch", "7Server-RHSCL-2.4:rh-maven33-groovy-0:1.8.9-7.19.el7.src", "7Server-RHSCL-2.4:rh-maven33-groovy-javadoc-0:1.8.9-7.19.el7.noarch", "7Workstation-RHSCL-2.4:rh-maven33-groovy-0:1.8.9-7.19.el7.noarch", "7Workstation-RHSCL-2.4:rh-maven33-groovy-0:1.8.9-7.19.el7.src", "7Workstation-RHSCL-2.4:rh-maven33-groovy-javadoc-0:1.8.9-7.19.el7.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:2596" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.6, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.0" }, "products": [ "6Server-RHSCL-2.4-6.7.Z:rh-maven33-groovy-0:1.8.9-7.19.el6.noarch", "6Server-RHSCL-2.4-6.7.Z:rh-maven33-groovy-0:1.8.9-7.19.el6.src", "6Server-RHSCL-2.4-6.7.Z:rh-maven33-groovy-javadoc-0:1.8.9-7.19.el6.noarch", "6Server-RHSCL-2.4:rh-maven33-groovy-0:1.8.9-7.19.el6.noarch", "6Server-RHSCL-2.4:rh-maven33-groovy-0:1.8.9-7.19.el6.src", "6Server-RHSCL-2.4:rh-maven33-groovy-javadoc-0:1.8.9-7.19.el6.noarch", "6Workstation-RHSCL-2.4:rh-maven33-groovy-0:1.8.9-7.19.el6.noarch", "6Workstation-RHSCL-2.4:rh-maven33-groovy-0:1.8.9-7.19.el6.src", "6Workstation-RHSCL-2.4:rh-maven33-groovy-javadoc-0:1.8.9-7.19.el6.noarch", 
"7Server-RHSCL-2.4-7.3.Z:rh-maven33-groovy-0:1.8.9-7.19.el7.noarch", "7Server-RHSCL-2.4-7.3.Z:rh-maven33-groovy-0:1.8.9-7.19.el7.src", "7Server-RHSCL-2.4-7.3.Z:rh-maven33-groovy-javadoc-0:1.8.9-7.19.el7.noarch", "7Server-RHSCL-2.4:rh-maven33-groovy-0:1.8.9-7.19.el7.noarch", "7Server-RHSCL-2.4:rh-maven33-groovy-0:1.8.9-7.19.el7.src", "7Server-RHSCL-2.4:rh-maven33-groovy-javadoc-0:1.8.9-7.19.el7.noarch", "7Workstation-RHSCL-2.4:rh-maven33-groovy-0:1.8.9-7.19.el7.noarch", "7Workstation-RHSCL-2.4:rh-maven33-groovy-0:1.8.9-7.19.el7.src", "7Workstation-RHSCL-2.4:rh-maven33-groovy-javadoc-0:1.8.9-7.19.el7.noarch" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "Groovy: Remote code execution via deserialization" } ] }
rhsa-2017_2486
Vulnerability from csaf_redhat
Published
2017-08-17 02:38
Modified
2024-11-14 20:54
Summary
Red Hat Security Advisory: groovy security update
Notes
Topic
An update for groovy is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Groovy is an agile and dynamic language for the Java Virtual Machine, built upon Java with features inspired by languages like Python, Ruby, and Smalltalk. It seamlessly integrates with all existing Java objects and libraries and compiles straight to Java bytecode so you can use it anywhere you can use Java.
Security Fix(es):
* It was found that a flaw in the Apache Groovy library allows remote code execution wherever deserialization occurs in the application. It is possible for an attacker to craft a special serialized object that will execute code directly when deserialized. All applications which rely on serialization and do not isolate the code which deserializes objects are subject to this vulnerability. (CVE-2016-6814)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update for groovy is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Groovy is an agile and dynamic language for the Java Virtual Machine, built upon Java with features inspired by languages like Python, Ruby, and Smalltalk. It seamlessly integrates with all existing Java objects and libraries and compiles straight to Java bytecode so you can use it anywhere you can use Java.\n\nSecurity Fix(es):\n\n* It was found that a flaw in Apache groovy library allows remote code execution wherever deserialization occurs in the application. It is possible for an attacker to craft a special serialized object that will execute code directly when deserialized. All applications which rely on serialization and do not isolate the code which deserializes objects are subject to this vulnerability. (CVE-2016-6814)", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. 
and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2017:2486", "url": "https://access.redhat.com/errata/RHSA-2017:2486" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "1413466", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413466" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_2486.json" } ], "title": "Red Hat Security Advisory: groovy security update", "tracking": { "current_release_date": "2024-11-14T20:54:24+00:00", "generator": { "date": "2024-11-14T20:54:24+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2017:2486", "initial_release_date": "2017-08-17T02:38:21+00:00", "revision_history": [ { "date": "2017-08-17T02:38:21+00:00", "number": "1", "summary": "Initial version" }, { "date": "2017-08-17T02:38:21+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-14T20:54:24+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux Client Optional (v. 7)", "product": { "name": "Red Hat Enterprise Linux Client Optional (v. 
7)", "product_id": "7Client-optional-7.4.Z", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:7::client" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product": { "name": "Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.4.Z", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:7::computenode" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Server Optional (v. 7)", "product": { "name": "Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.4.Z", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:7::server" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Workstation Optional (v. 7)", "product": { "name": "Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.4.Z", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:7::workstation" } } } ], "category": "product_family", "name": "Red Hat Enterprise Linux" }, { "branches": [ { "category": "product_version", "name": "groovy-0:1.8.9-8.el7_4.src", "product": { "name": "groovy-0:1.8.9-8.el7_4.src", "product_id": "groovy-0:1.8.9-8.el7_4.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/groovy@1.8.9-8.el7_4?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "groovy-0:1.8.9-8.el7_4.noarch", "product": { "name": "groovy-0:1.8.9-8.el7_4.noarch", "product_id": "groovy-0:1.8.9-8.el7_4.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/groovy@1.8.9-8.el7_4?arch=noarch" } } }, { "category": "product_version", "name": "groovy-javadoc-0:1.8.9-8.el7_4.noarch", "product": { "name": "groovy-javadoc-0:1.8.9-8.el7_4.noarch", "product_id": "groovy-javadoc-0:1.8.9-8.el7_4.noarch", "product_identification_helper": { "purl": 
"pkg:rpm/redhat/groovy-javadoc@1.8.9-8.el7_4?arch=noarch" } } } ], "category": "architecture", "name": "noarch" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "groovy-0:1.8.9-8.el7_4.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.4.Z:groovy-0:1.8.9-8.el7_4.noarch" }, "product_reference": "groovy-0:1.8.9-8.el7_4.noarch", "relates_to_product_reference": "7Client-optional-7.4.Z" }, { "category": "default_component_of", "full_product_name": { "name": "groovy-0:1.8.9-8.el7_4.src as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.4.Z:groovy-0:1.8.9-8.el7_4.src" }, "product_reference": "groovy-0:1.8.9-8.el7_4.src", "relates_to_product_reference": "7Client-optional-7.4.Z" }, { "category": "default_component_of", "full_product_name": { "name": "groovy-javadoc-0:1.8.9-8.el7_4.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.4.Z:groovy-javadoc-0:1.8.9-8.el7_4.noarch" }, "product_reference": "groovy-javadoc-0:1.8.9-8.el7_4.noarch", "relates_to_product_reference": "7Client-optional-7.4.Z" }, { "category": "default_component_of", "full_product_name": { "name": "groovy-0:1.8.9-8.el7_4.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.4.Z:groovy-0:1.8.9-8.el7_4.noarch" }, "product_reference": "groovy-0:1.8.9-8.el7_4.noarch", "relates_to_product_reference": "7ComputeNode-optional-7.4.Z" }, { "category": "default_component_of", "full_product_name": { "name": "groovy-0:1.8.9-8.el7_4.src as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 
7)", "product_id": "7ComputeNode-optional-7.4.Z:groovy-0:1.8.9-8.el7_4.src" }, "product_reference": "groovy-0:1.8.9-8.el7_4.src", "relates_to_product_reference": "7ComputeNode-optional-7.4.Z" }, { "category": "default_component_of", "full_product_name": { "name": "groovy-javadoc-0:1.8.9-8.el7_4.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.4.Z:groovy-javadoc-0:1.8.9-8.el7_4.noarch" }, "product_reference": "groovy-javadoc-0:1.8.9-8.el7_4.noarch", "relates_to_product_reference": "7ComputeNode-optional-7.4.Z" }, { "category": "default_component_of", "full_product_name": { "name": "groovy-0:1.8.9-8.el7_4.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.4.Z:groovy-0:1.8.9-8.el7_4.noarch" }, "product_reference": "groovy-0:1.8.9-8.el7_4.noarch", "relates_to_product_reference": "7Server-optional-7.4.Z" }, { "category": "default_component_of", "full_product_name": { "name": "groovy-0:1.8.9-8.el7_4.src as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.4.Z:groovy-0:1.8.9-8.el7_4.src" }, "product_reference": "groovy-0:1.8.9-8.el7_4.src", "relates_to_product_reference": "7Server-optional-7.4.Z" }, { "category": "default_component_of", "full_product_name": { "name": "groovy-javadoc-0:1.8.9-8.el7_4.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.4.Z:groovy-javadoc-0:1.8.9-8.el7_4.noarch" }, "product_reference": "groovy-javadoc-0:1.8.9-8.el7_4.noarch", "relates_to_product_reference": "7Server-optional-7.4.Z" }, { "category": "default_component_of", "full_product_name": { "name": "groovy-0:1.8.9-8.el7_4.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 
7)", "product_id": "7Workstation-optional-7.4.Z:groovy-0:1.8.9-8.el7_4.noarch" }, "product_reference": "groovy-0:1.8.9-8.el7_4.noarch", "relates_to_product_reference": "7Workstation-optional-7.4.Z" }, { "category": "default_component_of", "full_product_name": { "name": "groovy-0:1.8.9-8.el7_4.src as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.4.Z:groovy-0:1.8.9-8.el7_4.src" }, "product_reference": "groovy-0:1.8.9-8.el7_4.src", "relates_to_product_reference": "7Workstation-optional-7.4.Z" }, { "category": "default_component_of", "full_product_name": { "name": "groovy-javadoc-0:1.8.9-8.el7_4.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.4.Z:groovy-javadoc-0:1.8.9-8.el7_4.noarch" }, "product_reference": "groovy-javadoc-0:1.8.9-8.el7_4.noarch", "relates_to_product_reference": "7Workstation-optional-7.4.Z" } ] }, "vulnerabilities": [ { "cve": "CVE-2015-3253", "cwe": { "id": "CWE-284", "name": "Improper Access Control" }, "discovery_date": "2015-07-16T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1243934" } ], "notes": [ { "category": "description", "text": "A flaw was discovered in the way applications using Groovy used the standard Java serialization mechanism. A remote attacker could use a specially crafted serialized object that would execute code directly when deserialized. 
All applications which rely on serialization and do not isolate the code which deserializes objects are subject to this vulnerability.", "title": "Vulnerability description" }, { "category": "summary", "text": "groovy: remote execution of untrusted code in class MethodClosure", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-optional-7.4.Z:groovy-0:1.8.9-8.el7_4.noarch", "7Client-optional-7.4.Z:groovy-0:1.8.9-8.el7_4.src", "7Client-optional-7.4.Z:groovy-javadoc-0:1.8.9-8.el7_4.noarch", "7ComputeNode-optional-7.4.Z:groovy-0:1.8.9-8.el7_4.noarch", "7ComputeNode-optional-7.4.Z:groovy-0:1.8.9-8.el7_4.src", "7ComputeNode-optional-7.4.Z:groovy-javadoc-0:1.8.9-8.el7_4.noarch", "7Server-optional-7.4.Z:groovy-0:1.8.9-8.el7_4.noarch", "7Server-optional-7.4.Z:groovy-0:1.8.9-8.el7_4.src", "7Server-optional-7.4.Z:groovy-javadoc-0:1.8.9-8.el7_4.noarch", "7Workstation-optional-7.4.Z:groovy-0:1.8.9-8.el7_4.noarch", "7Workstation-optional-7.4.Z:groovy-0:1.8.9-8.el7_4.src", "7Workstation-optional-7.4.Z:groovy-javadoc-0:1.8.9-8.el7_4.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2015-3253" }, { "category": "external", "summary": "RHBZ#1243934", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1243934" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2015-3253", "url": "https://www.cve.org/CVERecord?id=CVE-2015-3253" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-3253", "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-3253" }, { "category": "external", "summary": "http://seclists.org/oss-sec/2015/q3/121", "url": 
"http://seclists.org/oss-sec/2015/q3/121" } ], "release_date": "2015-07-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2017-08-17T02:38:21+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Client-optional-7.4.Z:groovy-0:1.8.9-8.el7_4.noarch", "7Client-optional-7.4.Z:groovy-0:1.8.9-8.el7_4.src", "7Client-optional-7.4.Z:groovy-javadoc-0:1.8.9-8.el7_4.noarch", "7ComputeNode-optional-7.4.Z:groovy-0:1.8.9-8.el7_4.noarch", "7ComputeNode-optional-7.4.Z:groovy-0:1.8.9-8.el7_4.src", "7ComputeNode-optional-7.4.Z:groovy-javadoc-0:1.8.9-8.el7_4.noarch", "7Server-optional-7.4.Z:groovy-0:1.8.9-8.el7_4.noarch", "7Server-optional-7.4.Z:groovy-0:1.8.9-8.el7_4.src", "7Server-optional-7.4.Z:groovy-javadoc-0:1.8.9-8.el7_4.noarch", "7Workstation-optional-7.4.Z:groovy-0:1.8.9-8.el7_4.noarch", "7Workstation-optional-7.4.Z:groovy-0:1.8.9-8.el7_4.src", "7Workstation-optional-7.4.Z:groovy-javadoc-0:1.8.9-8.el7_4.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:2486" }, { "category": "workaround", "details": "Apply the following patch on the MethodClosure class (src/main/org/codehaus/groovy/runtime/MethodClosure.java):\n\n public class MethodClosure extends Closure {\n + private Object readResolve() {\n + throw new UnsupportedOperationException();\n + \n }\n\nAlternatively, you should make sure to use a custom security policy file (using the standard Java security manager) or make sure that you do not rely on serialization to communicate remotely.", "product_ids": [ "7Client-optional-7.4.Z:groovy-0:1.8.9-8.el7_4.noarch", "7Client-optional-7.4.Z:groovy-0:1.8.9-8.el7_4.src", "7Client-optional-7.4.Z:groovy-javadoc-0:1.8.9-8.el7_4.noarch", "7ComputeNode-optional-7.4.Z:groovy-0:1.8.9-8.el7_4.noarch", "7ComputeNode-optional-7.4.Z:groovy-0:1.8.9-8.el7_4.src", 
"7ComputeNode-optional-7.4.Z:groovy-javadoc-0:1.8.9-8.el7_4.noarch", "7Server-optional-7.4.Z:groovy-0:1.8.9-8.el7_4.noarch", "7Server-optional-7.4.Z:groovy-0:1.8.9-8.el7_4.src", "7Server-optional-7.4.Z:groovy-javadoc-0:1.8.9-8.el7_4.noarch", "7Workstation-optional-7.4.Z:groovy-0:1.8.9-8.el7_4.noarch", "7Workstation-optional-7.4.Z:groovy-0:1.8.9-8.el7_4.src", "7Workstation-optional-7.4.Z:groovy-javadoc-0:1.8.9-8.el7_4.noarch" ] } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.6, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.0" }, "products": [ "7Client-optional-7.4.Z:groovy-0:1.8.9-8.el7_4.noarch", "7Client-optional-7.4.Z:groovy-0:1.8.9-8.el7_4.src", "7Client-optional-7.4.Z:groovy-javadoc-0:1.8.9-8.el7_4.noarch", "7ComputeNode-optional-7.4.Z:groovy-0:1.8.9-8.el7_4.noarch", "7ComputeNode-optional-7.4.Z:groovy-0:1.8.9-8.el7_4.src", "7ComputeNode-optional-7.4.Z:groovy-javadoc-0:1.8.9-8.el7_4.noarch", "7Server-optional-7.4.Z:groovy-0:1.8.9-8.el7_4.noarch", "7Server-optional-7.4.Z:groovy-0:1.8.9-8.el7_4.src", "7Server-optional-7.4.Z:groovy-javadoc-0:1.8.9-8.el7_4.noarch", "7Workstation-optional-7.4.Z:groovy-0:1.8.9-8.el7_4.noarch", "7Workstation-optional-7.4.Z:groovy-0:1.8.9-8.el7_4.src", "7Workstation-optional-7.4.Z:groovy-javadoc-0:1.8.9-8.el7_4.noarch" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "groovy: remote execution of untrusted code in class MethodClosure" }, { "cve": 
"CVE-2016-6814", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2017-01-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1413466" } ], "notes": [ { "category": "description", "text": "It was found that a flaw in Apache groovy library allows remote code execution wherever deserialization occurs in the application. It is possible for an attacker to craft a special serialized object that will execute code directly when deserialized. All applications which rely on serialization and do not isolate the code which deserializes objects are subject to this vulnerability.", "title": "Vulnerability description" }, { "category": "summary", "text": "Groovy: Remote code execution via deserialization", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue affects the versions of groovy as shipped with Red Hat Satellite 6.0 and 6.1. Red Hat Satellite 6.2 and later do not ship groovy, as such they are not affected by this vulnerability.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-optional-7.4.Z:groovy-0:1.8.9-8.el7_4.noarch", "7Client-optional-7.4.Z:groovy-0:1.8.9-8.el7_4.src", "7Client-optional-7.4.Z:groovy-javadoc-0:1.8.9-8.el7_4.noarch", "7ComputeNode-optional-7.4.Z:groovy-0:1.8.9-8.el7_4.noarch", "7ComputeNode-optional-7.4.Z:groovy-0:1.8.9-8.el7_4.src", "7ComputeNode-optional-7.4.Z:groovy-javadoc-0:1.8.9-8.el7_4.noarch", "7Server-optional-7.4.Z:groovy-0:1.8.9-8.el7_4.noarch", "7Server-optional-7.4.Z:groovy-0:1.8.9-8.el7_4.src", "7Server-optional-7.4.Z:groovy-javadoc-0:1.8.9-8.el7_4.noarch", "7Workstation-optional-7.4.Z:groovy-0:1.8.9-8.el7_4.noarch", 
"7Workstation-optional-7.4.Z:groovy-0:1.8.9-8.el7_4.src", "7Workstation-optional-7.4.Z:groovy-javadoc-0:1.8.9-8.el7_4.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2016-6814" }, { "category": "external", "summary": "RHBZ#1413466", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413466" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2016-6814", "url": "https://www.cve.org/CVERecord?id=CVE-2016-6814" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-6814", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6814" } ], "release_date": "2017-01-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2017-08-17T02:38:21+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Client-optional-7.4.Z:groovy-0:1.8.9-8.el7_4.noarch", "7Client-optional-7.4.Z:groovy-0:1.8.9-8.el7_4.src", "7Client-optional-7.4.Z:groovy-javadoc-0:1.8.9-8.el7_4.noarch", "7ComputeNode-optional-7.4.Z:groovy-0:1.8.9-8.el7_4.noarch", "7ComputeNode-optional-7.4.Z:groovy-0:1.8.9-8.el7_4.src", "7ComputeNode-optional-7.4.Z:groovy-javadoc-0:1.8.9-8.el7_4.noarch", "7Server-optional-7.4.Z:groovy-0:1.8.9-8.el7_4.noarch", "7Server-optional-7.4.Z:groovy-0:1.8.9-8.el7_4.src", "7Server-optional-7.4.Z:groovy-javadoc-0:1.8.9-8.el7_4.noarch", "7Workstation-optional-7.4.Z:groovy-0:1.8.9-8.el7_4.noarch", "7Workstation-optional-7.4.Z:groovy-0:1.8.9-8.el7_4.src", "7Workstation-optional-7.4.Z:groovy-javadoc-0:1.8.9-8.el7_4.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:2486" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.6, "baseSeverity": "CRITICAL", "confidentialityImpact": 
"HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.0" }, "products": [ "7Client-optional-7.4.Z:groovy-0:1.8.9-8.el7_4.noarch", "7Client-optional-7.4.Z:groovy-0:1.8.9-8.el7_4.src", "7Client-optional-7.4.Z:groovy-javadoc-0:1.8.9-8.el7_4.noarch", "7ComputeNode-optional-7.4.Z:groovy-0:1.8.9-8.el7_4.noarch", "7ComputeNode-optional-7.4.Z:groovy-0:1.8.9-8.el7_4.src", "7ComputeNode-optional-7.4.Z:groovy-javadoc-0:1.8.9-8.el7_4.noarch", "7Server-optional-7.4.Z:groovy-0:1.8.9-8.el7_4.noarch", "7Server-optional-7.4.Z:groovy-0:1.8.9-8.el7_4.src", "7Server-optional-7.4.Z:groovy-javadoc-0:1.8.9-8.el7_4.noarch", "7Workstation-optional-7.4.Z:groovy-0:1.8.9-8.el7_4.noarch", "7Workstation-optional-7.4.Z:groovy-0:1.8.9-8.el7_4.src", "7Workstation-optional-7.4.Z:groovy-javadoc-0:1.8.9-8.el7_4.noarch" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "Groovy: Remote code execution via deserialization" } ] }
gsd-2016-6814
Vulnerability from gsd
Modified
2023-12-13 01:21
Details
When an application with unsupported Codehaus versions of Groovy from 1.7.0 to 2.4.3, Apache Groovy 2.4.4 to 2.4.7 on classpath uses standard Java serialization mechanisms, e.g. to communicate between servers or to store local data, it was possible for an attacker to bake a special serialized object that will execute code directly when deserialized. All applications which rely on serialization and do not isolate the code which deserializes objects were subject to this vulnerability.
Aliases
{ "GSD": { "alias": "CVE-2016-6814", "description": "When an application with unsupported Codehaus versions of Groovy from 1.7.0 to 2.4.3, Apache Groovy 2.4.4 to 2.4.7 on classpath uses standard Java serialization mechanisms, e.g. to communicate between servers or to store local data, it was possible for an attacker to bake a special serialized object that will execute code directly when deserialized. All applications which rely on serialization and do not isolate the code which deserializes objects were subject to this vulnerability.", "id": "GSD-2016-6814", "references": [ "https://access.redhat.com/errata/RHSA-2017:2596", "https://access.redhat.com/errata/RHSA-2017:2486", "https://access.redhat.com/errata/RHSA-2017:0868", "https://access.redhat.com/errata/RHSA-2017:0272", "https://advisories.mageia.org/CVE-2016-6814.html", "https://linux.oracle.com/cve/CVE-2016-6814.html", "https://ubuntu.com/security/CVE-2016-6814" ] }, "gsd": { "metadata": { "exploitCode": "unknown", "remediation": "unknown", "reportConfidence": "confirmed", "type": "vulnerability" }, "osvSchema": { "aliases": [ "CVE-2016-6814" ], "details": "When an application with unsupported Codehaus versions of Groovy from 1.7.0 to 2.4.3, Apache Groovy 2.4.4 to 2.4.7 on classpath uses standard Java serialization mechanisms, e.g. to communicate between servers or to store local data, it was possible for an attacker to bake a special serialized object that will execute code directly when deserialized. 
All applications which rely on serialization and do not isolate the code which deserializes objects were subject to this vulnerability.", "id": "GSD-2016-6814", "modified": "2023-12-13T01:21:23.015691Z", "schema_version": "1.4.0" } }, "namespaces": { "cve.org": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "DATE_PUBLIC": "2018-01-15T00:00:00", "ID": "CVE-2016-6814", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "When an application with unsupported Codehaus versions of Groovy from 1.7.0 to 2.4.3, Apache Groovy 2.4.4 to 2.4.7 on classpath uses standard Java serialization mechanisms, e.g. to communicate between servers or to store local data, it was possible for an attacker to bake a special serialized object that will execute code directly when deserialized. All applications which rely on serialization and do not isolate the code which deserializes objects were subject to this vulnerability." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "RHSA-2017:2596", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2017:2596" }, { "name": "RHSA-2017:0868", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2017:0868" }, { "name": "RHSA-2017:2486", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2017:2486" }, { "name": "RHSA-2017:0272", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2017-0272.html" }, { "name": "95429", "refsource": "BID", "url": "http://www.securityfocus.com/bid/95429" }, { "name": "1039600", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1039600" }, { "name": "GLSA-202003-01", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/202003-01" }, { "name": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html" }, { "name": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html" }, { "name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html" }, { "name": "https://www.oracle.com/security-alerts/cpujul2020.html", "refsource": "MISC", "url": "https://www.oracle.com/security-alerts/cpujul2020.html" }, { "name": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html", "refsource": "CONFIRM", "url": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html" }, { "name": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html", "refsource": "MISC", "url": 
"https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html" }, { "name": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html", "refsource": "MISC", "url": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html" }, { "name": "https://www.oracle.com/security-alerts/cpujan2020.html", "refsource": "MISC", "url": "https://www.oracle.com/security-alerts/cpujan2020.html" }, { "name": "http://mail-archives.apache.org/mod_mbox/www-announce/201701.mbox/%3CCADRx3PMZ2hBCGDTY35zYXFGaDnjAs0tc5-upaVs6QN2sYUejyA%40mail.gmail.com%3E", "refsource": "MISC", "url": "http://mail-archives.apache.org/mod_mbox/www-announce/201701.mbox/%3CCADRx3PMZ2hBCGDTY35zYXFGaDnjAs0tc5-upaVs6QN2sYUejyA%40mail.gmail.com%3E" } ] } }, "gitlab.com": { "advisories": [ { "affected_range": "[1.7.0,2.4.3]", "affected_versions": "All versions starting from 1.7.0 up to 2.4.3", "cvss_v2": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "cvss_v3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "cwe_ids": [ "CWE-1035", "CWE-502", "CWE-78", "CWE-937" ], "date": "2022-07-06", "description": "When an application with unsupported Codehaus versions of Groovy from 1.7.0 to 2.4.3, Apache Groovy 2.4.4 to 2.4.7 on classpath uses standard Java serialization mechanisms, e.g. to communicate between servers or to store local data, it was possible for an attacker to bake a special serialized object that will execute code directly when deserialized. 
All applications which rely on serialization and do not isolate the code which deserializes objects were subject to this vulnerability.", "fixed_versions": [ "2.4.4" ], "identifier": "CVE-2016-6814", "identifiers": [ "GHSA-xphj-m9cc-8fmq", "CVE-2016-6814" ], "not_impacted": "All versions before 1.7.0, all versions after 2.4.3", "package_slug": "maven/org.codehaus.groovy/groovy", "pubdate": "2022-05-13", "solution": "Upgrade to version 2.4.4 or above.", "title": "Deserialization of Untrusted Data", "urls": [ "https://nvd.nist.gov/vuln/detail/CVE-2016-6814", "https://access.redhat.com/errata/RHSA-2017:0868", "https://access.redhat.com/errata/RHSA-2017:2486", "https://access.redhat.com/errata/RHSA-2017:2596", "https://security.gentoo.org/glsa/202003-01", "https://www.oracle.com/security-alerts/cpujan2020.html", "https://www.oracle.com/security-alerts/cpujul2020.html", "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html", "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html", "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html", "http://mail-archives.apache.org/mod_mbox/www-announce/201701.mbox/%3CCADRx3PMZ2hBCGDTY35zYXFGaDnjAs0tc5-upaVs6QN2sYUejyA%40mail.gmail.com%3E", "http://rhn.redhat.com/errata/RHSA-2017-0272.html", "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html", "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html", "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html", "https://github.com/advisories/GHSA-xphj-m9cc-8fmq" ], "uuid": "4e63019e-4733-4a18-90cb-8ef8687f78cd" } ] }, "nvd.nist.gov": { "configurations": { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:apache:groovy:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "2.4.7", "versionStartIncluding": "2.4.4", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:groovy:*:*:*:*:*:*:*:*", "cpe_name": 
[], "versionEndIncluding": "2.4.3", "versionStartIncluding": "1.7.0", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" } ] }, "cve": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2016-6814" }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "en", "value": "When an application with unsupported Codehaus versions of Groovy from 1.7.0 to 2.4.3, Apache Groovy 2.4.4 to 2.4.7 on classpath uses standard Java serialization mechanisms, e.g. to communicate between servers or to store local data, it was possible for an attacker to bake a special serialized object that will execute code directly when deserialized. All applications which rely on serialization and do not isolate the code which deserializes objects were subject to this vulnerability." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "en", "value": "CWE-502" } ] } ] }, "references": { "reference_data": [ { "name": "http://mail-archives.apache.org/mod_mbox/www-announce/201701.mbox/%3CCADRx3PMZ2hBCGDTY35zYXFGaDnjAs0tc5-upaVs6QN2sYUejyA%40mail.gmail.com%3E", "refsource": "MISC", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://mail-archives.apache.org/mod_mbox/www-announce/201701.mbox/%3CCADRx3PMZ2hBCGDTY35zYXFGaDnjAs0tc5-upaVs6QN2sYUejyA%40mail.gmail.com%3E" }, { "name": "RHSA-2017:2596", "refsource": "REDHAT", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2017:2596" }, { "name": "RHSA-2017:2486", "refsource": "REDHAT", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2017:2486" }, { "name": "RHSA-2017:0868", "refsource": "REDHAT", "tags": [ "Broken Link" ], "url": "https://access.redhat.com/errata/RHSA-2017:0868" }, { "name": "1039600", "refsource": "SECTRACK", "tags": [ "Third 
Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1039600" }, { "name": "95429", "refsource": "BID", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/95429" }, { "name": "RHSA-2017:0272", "refsource": "REDHAT", "tags": [ "Broken Link" ], "url": "http://rhn.redhat.com/errata/RHSA-2017-0272.html" }, { "name": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html", "refsource": "CONFIRM", "tags": [], "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html" }, { "name": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html", "refsource": "CONFIRM", "tags": [], "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html" }, { "name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html", "refsource": "CONFIRM", "tags": [], "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html" }, { "name": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html", "refsource": "CONFIRM", "tags": [], "url": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html" }, { "name": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html", "refsource": "MISC", "tags": [], "url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html" }, { "name": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html", "refsource": "MISC", "tags": [], "url": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html" }, { "name": "https://www.oracle.com/security-alerts/cpujan2020.html", "refsource": "MISC", "tags": [], "url": "https://www.oracle.com/security-alerts/cpujan2020.html" }, { "name": "GLSA-202003-01", "refsource": "GENTOO", "tags": [], "url": "https://security.gentoo.org/glsa/202003-01" }, { "name": "https://www.oracle.com/security-alerts/cpujul2020.html", 
"refsource": "MISC", "tags": [], "url": "https://www.oracle.com/security-alerts/cpujul2020.html" } ] } }, "impact": { "baseMetricV2": { "cvssV2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false }, "baseMetricV3": { "cvssV3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "exploitabilityScore": 3.9, "impactScore": 5.9 } }, "lastModifiedDate": "2020-07-15T03:15Z", "publishedDate": "2018-01-18T18:29Z" } } }
ghsa-xphj-m9cc-8fmq
Vulnerability from github
Published
2022-05-13 01:25
Modified
2024-10-17 16:19
Severity ?
Summary
Deserialization of Untrusted Data in Groovy
Details
When an application with unsupported Codehaus versions of Groovy from 1.7.0 to 2.4.3, Apache Groovy 2.4.4 to 2.4.7 on classpath uses standard Java serialization mechanisms, e.g. to communicate between servers or to store local data, it was possible for an attacker to bake a special serialized object that will execute code directly when deserialized. All applications which rely on serialization and do not isolate the code which deserializes objects were subject to this vulnerability.
{ "affected": [ { "database_specific": { "last_known_affected_version_range": "\u003c= 2.4.7" }, "package": { "ecosystem": "Maven", "name": "org.codehaus.groovy:groovy" }, "ranges": [ { "events": [ { "introduced": "1.7.0" }, { "fixed": "2.4.8" } ], "type": "ECOSYSTEM" } ] }, { "database_specific": { "last_known_affected_version_range": "\u003c= 2.4.7" }, "package": { "ecosystem": "Maven", "name": "org.codehaus.groovy:groovy-all" }, "ranges": [ { "events": [ { "introduced": "1.7.0" }, { "fixed": "2.4.8" } ], "type": "ECOSYSTEM" } ] } ], "aliases": [ "CVE-2016-6814" ], "database_specific": { "cwe_ids": [ "CWE-502" ], "github_reviewed": true, "github_reviewed_at": "2022-07-06T19:46:12Z", "nvd_published_at": "2018-01-18T18:29:00Z", "severity": "CRITICAL" }, "details": "When an application with unsupported Codehaus versions of Groovy from 1.7.0 to 2.4.3, Apache Groovy 2.4.4 to 2.4.7 on classpath uses standard Java serialization mechanisms, e.g. to communicate between servers or to store local data, it was possible for an attacker to bake a special serialized object that will execute code directly when deserialized. 
All applications which rely on serialization and do not isolate the code which deserializes objects were subject to this vulnerability.", "id": "GHSA-xphj-m9cc-8fmq", "modified": "2024-10-17T16:19:08Z", "published": "2022-05-13T01:25:19Z", "references": [ { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6814" }, { "type": "WEB", "url": "https://access.redhat.com/errata/RHSA-2017:0868" }, { "type": "WEB", "url": "https://access.redhat.com/errata/RHSA-2017:2486" }, { "type": "WEB", "url": "https://access.redhat.com/errata/RHSA-2017:2596" }, { "type": "WEB", "url": "https://security.gentoo.org/glsa/202003-01" }, { "type": "WEB", "url": "https://www.oracle.com/security-alerts/cpujan2020.html" }, { "type": "WEB", "url": "https://www.oracle.com/security-alerts/cpujul2020.html" }, { "type": "WEB", "url": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html" }, { "type": "WEB", "url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html" }, { "type": "WEB", "url": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html" }, { "type": "WEB", "url": "http://mail-archives.apache.org/mod_mbox/www-announce/201701.mbox/%3CCADRx3PMZ2hBCGDTY35zYXFGaDnjAs0tc5-upaVs6QN2sYUejyA%40mail.gmail.com%3E" }, { "type": "WEB", "url": "http://rhn.redhat.com/errata/RHSA-2017-0272.html" }, { "type": "WEB", "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html" }, { "type": "WEB", "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html" }, { "type": "WEB", "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html" } ], "schema_version": "1.4.0", "severity": [ { "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "type": "CVSS_V3" } ], "summary": "Deserialization of Untrusted Data in Groovy" }
Sightings
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.