cvelistv5 - cve-2020-5404

CVE-2020-5404 (GCVE-0-2020-5404)

Vulnerability from cvelistv5 – Published: 2020-03-03 17:55 – Updated: 2024-09-17 01:02

Title

Authentication Leak On Redirect With Reactor Netty HttpClient

Summary

The HttpClient from Reactor Netty, versions 0.9.x prior to 0.9.5, and versions 0.8.x prior to 0.8.16, may be used incorrectly, leading to a credentials leak during a redirect to a different domain. In order for this to happen, the HttpClient must have been explicitly configured to follow redirects.

Severity ?

6.5 (Medium)


                        
                          CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:L/A:N

CWE

CWE-522 - Insufficiently Protected Credentials

Assigner

pivotal

References

URL

	Vendor	Product	Version
	Pivotal	Reactor Netty	Affected: 0.8 , < v0.8.16.RELEASE (custom) Affected: 0.9 , < v0.9.5.RELEASE (custom)

RHSA-2022:8761

Vulnerability from csaf_redhat - Published: 2022-12-14 13:17 - Updated: 2025-11-21 18:35

Summary

Red Hat Security Advisory: Red Hat support for Spring Boot 2.7.2 update

Notes

Topic

An update is now available for Red Hat OpenShift Application Runtimes.

Details

Red Hat support for Spring Boot provides an application platform that reduces the complexity of developing and operating applications (monoliths and microservices) for OpenShift as a containerized platform. This release of Red Hat support for Spring Boot 2.7.2 serves as a replacement for Red Hat support for Spring Boot 2.5.12, and includes security, bug fixes and enhancements. For more information, see the release notes listed in the References section. Security Fix(es): * reactor-netty: specific redirect configuration allows for a credentials leak (CVE-2020-5404) * kubernetes-client: Insecure deserialization in unmarshalYaml method (CVE-2021-4178) * protobuf-java: potential DoS in the parsing procedure for binary data (CVE-2021-22569) * undertow: potential security issue in flow control over HTTP/2 may lead to DOS(incomplete fix for CVE-2021-3629) (CVE-2022-1259) * undertow: Double AJP response for 400 from EAP 7 results in CPING failures (CVE-2022-1319) * spring-expression: Denial of service via specially crafted SpEL expression (CVE-2022-22950) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "An update is now available for Red Hat OpenShift Application Runtimes.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Red Hat support for Spring Boot provides an application platform that reduces the complexity of developing and operating applications (monoliths and microservices) for OpenShift as a containerized platform.\n\nThis release of Red Hat support for Spring Boot 2.7.2 serves as a replacement for Red Hat support for Spring Boot 2.5.12, and includes security, bug fixes and enhancements. For more information, see the release notes listed in the References section.\n\nSecurity Fix(es):\n\n* reactor-netty: specific redirect configuration allows for a credentials leak (CVE-2020-5404)\n\n* kubernetes-client: Insecure deserialization in unmarshalYaml method (CVE-2021-4178)\n\n* protobuf-java: potential DoS in the parsing procedure for binary data (CVE-2021-22569)\n\n* undertow: potential security issue in flow control over HTTP/2 may lead to DOS(incomplete fix for CVE-2021-3629) (CVE-2022-1259)\n\n* undertow: Double AJP response for 400 from EAP 7 results in CPING failures (CVE-2022-1319)\n\n* spring-expression: Denial of service via specially crafted SpEL expression (CVE-2022-22950)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2022:8761",
        "url": "https://access.redhat.com/errata/RHSA-2022:8761"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#moderate",
        "url": "https://access.redhat.com/security/updates/classification/#moderate"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=catRhoar.spring.boot\u0026version=2.7.2",
        "url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=catRhoar.spring.boot\u0026version=2.7.2"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/documentation/en-us/red_hat_support_for_spring_boot/2.7/html/release_notes_for_spring_boot_2.7/index",
        "url": "https://access.redhat.com/documentation/en-us/red_hat_support_for_spring_boot/2.7/html/release_notes_for_spring_boot_2.7/index"
      },
      {
        "category": "external",
        "summary": "1975160",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1975160"
      },
      {
        "category": "external",
        "summary": "2034388",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2034388"
      },
      {
        "category": "external",
        "summary": "2039903",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2039903"
      },
      {
        "category": "external",
        "summary": "2069414",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2069414"
      },
      {
        "category": "external",
        "summary": "2072339",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2072339"
      },
      {
        "category": "external",
        "summary": "2073890",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2073890"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_8761.json"
      }
    ],
    "title": "Red Hat Security Advisory: Red Hat support for Spring Boot 2.7.2 update",
    "tracking": {
      "current_release_date": "2025-11-21T18:35:20+00:00",
      "generator": {
        "date": "2025-11-21T18:35:20+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.6.12"
        }
      },
      "id": "RHSA-2022:8761",
      "initial_release_date": "2022-12-14T13:17:22+00:00",
      "revision_history": [
        {
          "date": "2022-12-14T13:17:22+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2022-12-14T13:17:22+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2025-11-21T18:35:20+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Text-Only RHOAR",
                "product": {
                  "name": "Text-Only RHOAR",
                  "product_id": "Text-Only RHOAR",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:openshift_application_runtimes:1.0"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat OpenShift Application Runtimes"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2020-5404",
      "cwe": {
        "id": "CWE-522",
        "name": "Insufficiently Protected Credentials"
      },
      "discovery_date": "2021-06-22T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1975160"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "The HttpClient from Reactor Netty, versions 0.9.x prior to 0.9.5, and versions 0.8.x prior to 0.8.16, may be used incorrectly, leading to a credentials leak during a redirect to a different domain. In order for this to happen, the HttpClient must have been explicitly configured to follow redirects.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "reactor-netty: specific redirect configuration allows for a credentials leak",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Text-Only RHOAR"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2020-5404"
        },
        {
          "category": "external",
          "summary": "RHBZ#1975160",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1975160"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2020-5404",
          "url": "https://www.cve.org/CVERecord?id=CVE-2020-5404"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-5404",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-5404"
        }
      ],
      "release_date": "2020-03-03T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2022-12-14T13:17:22+00:00",
          "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.",
          "product_ids": [
            "Text-Only RHOAR"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2022:8761"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "Text-Only RHOAR"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "reactor-netty: specific redirect configuration allows for a credentials leak"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "Jordy Versmissen"
          ]
        }
      ],
      "cve": "CVE-2021-4178",
      "cwe": {
        "id": "CWE-502",
        "name": "Deserialization of Untrusted Data"
      },
      "discovery_date": "2021-12-16T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2034388"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A arbitrary code execution flaw was found in the Fabric 8 Kubernetes client affecting versions 5.0.0-beta-1 and above. Due to an improperly configured YAML parsing, this will allow a local and privileged attacker to supply malicious YAML.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "kubernetes-client: Insecure deserialization in unmarshalYaml method",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Red Hat CodeReady Studio 12 is not affected by this flaw because it does not ship a vulnerable version of kubernetes-client; the version that it ships does not use SnakeYAML.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Text-Only RHOAR"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2021-4178"
        },
        {
          "category": "external",
          "summary": "RHBZ#2034388",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2034388"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2021-4178",
          "url": "https://www.cve.org/CVERecord?id=CVE-2021-4178"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-4178",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-4178"
        }
      ],
      "release_date": "2022-01-05T15:05:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2022-12-14T13:17:22+00:00",
          "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.",
          "product_ids": [
            "Text-Only RHOAR"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2022:8761"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 6.7,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "Text-Only RHOAR"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "kubernetes-client: Insecure deserialization in unmarshalYaml method"
    },
    {
      "cve": "CVE-2021-22569",
      "cwe": {
        "id": "CWE-696",
        "name": "Incorrect Behavior Order"
      },
      "discovery_date": "2022-01-10T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2039903"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in protobuf-java. Google Protocol Buffer (protobuf-java) allows the interleaving of com.google.protobuf.UnknownFieldSet fields. By persuading a victim to open specially-crafted content, a remote attacker could cause a timeout in the ProtobufFuzzer function, resulting in a denial of service.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "protobuf-java: potential DoS in the parsing procedure for binary data",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Text-Only RHOAR"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2021-22569"
        },
        {
          "category": "external",
          "summary": "RHBZ#2039903",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2039903"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2021-22569",
          "url": "https://www.cve.org/CVERecord?id=CVE-2021-22569"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-22569",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22569"
        },
        {
          "category": "external",
          "summary": "https://github.com/protocolbuffers/protobuf/commit/b3093dce58bc9d3042f085666d83c8ef1f51fe7b",
          "url": "https://github.com/protocolbuffers/protobuf/commit/b3093dce58bc9d3042f085666d83c8ef1f51fe7b"
        },
        {
          "category": "external",
          "summary": "https://github.com/protocolbuffers/protobuf/security/advisories/GHSA-wrvw-hg22-4m67",
          "url": "https://github.com/protocolbuffers/protobuf/security/advisories/GHSA-wrvw-hg22-4m67"
        }
      ],
      "release_date": "2022-01-06T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2022-12-14T13:17:22+00:00",
          "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.",
          "product_ids": [
            "Text-Only RHOAR"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2022:8761"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "Text-Only RHOAR"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "protobuf-java: potential DoS in the parsing procedure for binary data"
    },
    {
      "cve": "CVE-2022-1259",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "discovery_date": "2022-04-06T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2072339"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Undertow. A potential security issue in flow control handling by the browser over HTTP/2 may cause overhead or a denial of service in the server.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "undertow: potential security issue in flow control over HTTP/2 may lead to DOS(incomplete fix for CVE-2021-3629)",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This flaw occurs because of an incomplete fix for CVE-2021-3629.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Text-Only RHOAR"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-1259"
        },
        {
          "category": "external",
          "summary": "RHBZ#2072339",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2072339"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-1259",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-1259"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-1259",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-1259"
        }
      ],
      "release_date": "2022-04-06T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2022-12-14T13:17:22+00:00",
          "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.",
          "product_ids": [
            "Text-Only RHOAR"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2022:8761"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "Text-Only RHOAR"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "undertow: potential security issue in flow control over HTTP/2 may lead to DOS(incomplete fix for CVE-2021-3629)"
    },
    {
      "cve": "CVE-2022-1319",
      "cwe": {
        "id": "CWE-252",
        "name": "Unchecked Return Value"
      },
      "discovery_date": "2022-04-11T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2073890"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Undertow. For an AJP 400 response, EAP 7 is improperly sending two response packets, and those packets have the reuse flag set even though JBoss EAP closes the connection. A failure occurs when the connection is reused after a 400 by CPING since it reads in the second SEND_HEADERS response packet instead of a CPONG.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "undertow: Double AJP response for 400 from EAP 7 results in CPING failures",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Text-Only RHOAR"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-1319"
        },
        {
          "category": "external",
          "summary": "RHBZ#2073890",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2073890"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-1319",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-1319"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-1319",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-1319"
        }
      ],
      "release_date": "2022-04-11T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2022-12-14T13:17:22+00:00",
          "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.",
          "product_ids": [
            "Text-Only RHOAR"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2022:8761"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "Text-Only RHOAR"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "undertow: Double AJP response for 400 from EAP 7 results in CPING failures"
    },
    {
      "cve": "CVE-2022-22950",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "discovery_date": "2022-03-28T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2069414"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the Spring Framework. This flaw allows an attacker to craft a special Spring Expression, causing a denial of service.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "spring-expression: Denial of service via specially crafted SpEL expression",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Text-Only RHOAR"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-22950"
        },
        {
          "category": "external",
          "summary": "RHBZ#2069414",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2069414"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-22950",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-22950"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-22950",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-22950"
        }
      ],
      "release_date": "2022-03-28T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2022-12-14T13:17:22+00:00",
          "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.",
          "product_ids": [
            "Text-Only RHOAR"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2022:8761"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "Text-Only RHOAR"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "spring-expression: Denial of service via specially crafted SpEL expression"
    }
  ]
}

RHSA-2022_8761

Vulnerability from csaf_redhat - Published: 2022-12-14 13:17 - Updated: 2024-11-22 20:14

Summary

Red Hat Security Advisory: Red Hat support for Spring Boot 2.7.2 update

Notes

Topic

An update is now available for Red Hat OpenShift Application Runtimes.

Details

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "An update is now available for Red Hat OpenShift Application Runtimes.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Red Hat support for Spring Boot provides an application platform that reduces the complexity of developing and operating applications (monoliths and microservices) for OpenShift as a containerized platform.\n\nThis release of Red Hat support for Spring Boot 2.7.2 serves as a replacement for Red Hat support for Spring Boot 2.5.12, and includes security, bug fixes and enhancements. For more information, see the release notes listed in the References section.\n\nSecurity Fix(es):\n\n* reactor-netty: specific redirect configuration allows for a credentials leak (CVE-2020-5404)\n\n* kubernetes-client: Insecure deserialization in unmarshalYaml method (CVE-2021-4178)\n\n* protobuf-java: potential DoS in the parsing procedure for binary data (CVE-2021-22569)\n\n* undertow: potential security issue in flow control over HTTP/2 may lead to DOS(incomplete fix for CVE-2021-3629) (CVE-2022-1259)\n\n* undertow: Double AJP response for 400 from EAP 7 results in CPING failures (CVE-2022-1319)\n\n* spring-expression: Denial of service via specially crafted SpEL expression (CVE-2022-22950)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2022:8761",
        "url": "https://access.redhat.com/errata/RHSA-2022:8761"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#moderate",
        "url": "https://access.redhat.com/security/updates/classification/#moderate"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=catRhoar.spring.boot\u0026version=2.7.2",
        "url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=catRhoar.spring.boot\u0026version=2.7.2"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/documentation/en-us/red_hat_support_for_spring_boot/2.7/html/release_notes_for_spring_boot_2.7/index",
        "url": "https://access.redhat.com/documentation/en-us/red_hat_support_for_spring_boot/2.7/html/release_notes_for_spring_boot_2.7/index"
      },
      {
        "category": "external",
        "summary": "1975160",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1975160"
      },
      {
        "category": "external",
        "summary": "2034388",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2034388"
      },
      {
        "category": "external",
        "summary": "2039903",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2039903"
      },
      {
        "category": "external",
        "summary": "2069414",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2069414"
      },
      {
        "category": "external",
        "summary": "2072339",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2072339"
      },
      {
        "category": "external",
        "summary": "2073890",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2073890"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_8761.json"
      }
    ],
    "title": "Red Hat Security Advisory: Red Hat support for Spring Boot 2.7.2 update",
    "tracking": {
      "current_release_date": "2024-11-22T20:14:24+00:00",
      "generator": {
        "date": "2024-11-22T20:14:24+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.2.1"
        }
      },
      "id": "RHSA-2022:8761",
      "initial_release_date": "2022-12-14T13:17:22+00:00",
      "revision_history": [
        {
          "date": "2022-12-14T13:17:22+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2022-12-14T13:17:22+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2024-11-22T20:14:24+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Text-Only RHOAR",
                "product": {
                  "name": "Text-Only RHOAR",
                  "product_id": "Text-Only RHOAR",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:openshift_application_runtimes:1.0"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat OpenShift Application Runtimes"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2020-5404",
      "cwe": {
        "id": "CWE-522",
        "name": "Insufficiently Protected Credentials"
      },
      "discovery_date": "2021-06-22T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1975160"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "The HttpClient from Reactor Netty, versions 0.9.x prior to 0.9.5, and versions 0.8.x prior to 0.8.16, may be used incorrectly, leading to a credentials leak during a redirect to a different domain. In order for this to happen, the HttpClient must have been explicitly configured to follow redirects.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "reactor-netty: specific redirect configuration allows for a credentials leak",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Text-Only RHOAR"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2020-5404"
        },
        {
          "category": "external",
          "summary": "RHBZ#1975160",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1975160"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2020-5404",
          "url": "https://www.cve.org/CVERecord?id=CVE-2020-5404"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-5404",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-5404"
        }
      ],
      "release_date": "2020-03-03T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2022-12-14T13:17:22+00:00",
          "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.",
          "product_ids": [
            "Text-Only RHOAR"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2022:8761"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "Text-Only RHOAR"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "reactor-netty: specific redirect configuration allows for a credentials leak"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "Jordy Versmissen"
          ]
        }
      ],
      "cve": "CVE-2021-4178",
      "cwe": {
        "id": "CWE-502",
        "name": "Deserialization of Untrusted Data"
      },
      "discovery_date": "2021-12-16T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2034388"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A arbitrary code execution flaw was found in the Fabric 8 Kubernetes client affecting versions 5.0.0-beta-1 and above. Due to an improperly configured YAML parsing, this will allow a local and privileged attacker to supply malicious YAML.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "kubernetes-client: Insecure deserialization in unmarshalYaml method",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Red Hat CodeReady Studio 12 is not affected by this flaw because it does not ship a vulnerable version of kubernetes-client; the version that it ships does not use SnakeYAML.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Text-Only RHOAR"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2021-4178"
        },
        {
          "category": "external",
          "summary": "RHBZ#2034388",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2034388"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2021-4178",
          "url": "https://www.cve.org/CVERecord?id=CVE-2021-4178"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-4178",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-4178"
        }
      ],
      "release_date": "2022-01-05T15:05:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2022-12-14T13:17:22+00:00",
          "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.",
          "product_ids": [
            "Text-Only RHOAR"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2022:8761"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 6.7,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "Text-Only RHOAR"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "kubernetes-client: Insecure deserialization in unmarshalYaml method"
    },
    {
      "cve": "CVE-2021-22569",
      "cwe": {
        "id": "CWE-696",
        "name": "Incorrect Behavior Order"
      },
      "discovery_date": "2022-01-10T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2039903"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in protobuf-java. Google Protocol Buffer (protobuf-java) allows the interleaving of com.google.protobuf.UnknownFieldSet fields. By persuading a victim to open specially-crafted content, a remote attacker could cause a timeout in the ProtobufFuzzer function, resulting in a denial of service.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "protobuf-java: potential DoS in the parsing procedure for binary data",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Text-Only RHOAR"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2021-22569"
        },
        {
          "category": "external",
          "summary": "RHBZ#2039903",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2039903"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2021-22569",
          "url": "https://www.cve.org/CVERecord?id=CVE-2021-22569"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-22569",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22569"
        },
        {
          "category": "external",
          "summary": "https://github.com/protocolbuffers/protobuf/commit/b3093dce58bc9d3042f085666d83c8ef1f51fe7b",
          "url": "https://github.com/protocolbuffers/protobuf/commit/b3093dce58bc9d3042f085666d83c8ef1f51fe7b"
        },
        {
          "category": "external",
          "summary": "https://github.com/protocolbuffers/protobuf/security/advisories/GHSA-wrvw-hg22-4m67",
          "url": "https://github.com/protocolbuffers/protobuf/security/advisories/GHSA-wrvw-hg22-4m67"
        }
      ],
      "release_date": "2022-01-06T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2022-12-14T13:17:22+00:00",
          "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.",
          "product_ids": [
            "Text-Only RHOAR"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2022:8761"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "Text-Only RHOAR"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "protobuf-java: potential DoS in the parsing procedure for binary data"
    },
    {
      "cve": "CVE-2022-1259",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "discovery_date": "2022-04-06T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2072339"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Undertow. A potential security issue in flow control handling by the browser over HTTP/2 may cause overhead or a denial of service in the server.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "undertow: potential security issue in flow control over HTTP/2 may lead to DOS(incomplete fix for CVE-2021-3629)",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This flaw occurs because of an incomplete fix for CVE-2021-3629.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Text-Only RHOAR"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-1259"
        },
        {
          "category": "external",
          "summary": "RHBZ#2072339",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2072339"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-1259",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-1259"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-1259",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-1259"
        }
      ],
      "release_date": "2022-04-06T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2022-12-14T13:17:22+00:00",
          "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.",
          "product_ids": [
            "Text-Only RHOAR"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2022:8761"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "Text-Only RHOAR"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "undertow: potential security issue in flow control over HTTP/2 may lead to DOS(incomplete fix for CVE-2021-3629)"
    },
    {
      "cve": "CVE-2022-1319",
      "cwe": {
        "id": "CWE-252",
        "name": "Unchecked Return Value"
      },
      "discovery_date": "2022-04-11T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2073890"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Undertow. For an AJP 400 response, EAP 7 is improperly sending two response packets, and those packets have the reuse flag set even though JBoss EAP closes the connection. A failure occurs when the connection is reused after a 400 by CPING since it reads in the second SEND_HEADERS response packet instead of a CPONG.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "undertow: Double AJP response for 400 from EAP 7 results in CPING failures",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Text-Only RHOAR"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-1319"
        },
        {
          "category": "external",
          "summary": "RHBZ#2073890",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2073890"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-1319",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-1319"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-1319",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-1319"
        }
      ],
      "release_date": "2022-04-11T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2022-12-14T13:17:22+00:00",
          "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.",
          "product_ids": [
            "Text-Only RHOAR"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2022:8761"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "Text-Only RHOAR"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "undertow: Double AJP response for 400 from EAP 7 results in CPING failures"
    },
    {
      "cve": "CVE-2022-22950",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "discovery_date": "2022-03-28T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2069414"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the Spring Framework. This flaw allows an attacker to craft a special Spring Expression, causing a denial of service.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "spring-expression: Denial of service via specially crafted SpEL expression",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Text-Only RHOAR"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-22950"
        },
        {
          "category": "external",
          "summary": "RHBZ#2069414",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2069414"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-22950",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-22950"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-22950",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-22950"
        }
      ],
      "release_date": "2022-03-28T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2022-12-14T13:17:22+00:00",
          "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.",
          "product_ids": [
            "Text-Only RHOAR"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2022:8761"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "Text-Only RHOAR"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "spring-expression: Denial of service via specially crafted SpEL expression"
    }
  ]
}

GSD-2020-5404

Vulnerability from gsd - Updated: 2023-12-13 01:22

Details

Aliases

CVE-2020-5404

Aliases

CVE-2020-5404

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2020-5404",
    "description": "The HttpClient from Reactor Netty, versions 0.9.x prior to 0.9.5, and versions 0.8.x prior to 0.8.16, may be used incorrectly, leading to a credentials leak during a redirect to a different domain. In order for this to happen, the HttpClient must have been explicitly configured to follow redirects.",
    "id": "GSD-2020-5404",
    "references": [
      "https://access.redhat.com/errata/RHSA-2022:8761"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2020-5404"
      ],
      "details": "The HttpClient from Reactor Netty, versions 0.9.x prior to 0.9.5, and versions 0.8.x prior to 0.8.16, may be used incorrectly, leading to a credentials leak during a redirect to a different domain. In order for this to happen, the HttpClient must have been explicitly configured to follow redirects.",
      "id": "GSD-2020-5404",
      "modified": "2023-12-13T01:22:03.539819Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "security@pivotal.io",
        "DATE_PUBLIC": "2020-02-27T00:00:00.000Z",
        "ID": "CVE-2020-5404",
        "STATE": "PUBLIC",
        "TITLE": "Authentication Leak On Redirect With Reactor Netty HttpClient"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Reactor Netty",
                    "version": {
                      "version_data": [
                        {
                          "affected": "\u003c",
                          "version_name": "0.8",
                          "version_value": "v0.8.16.RELEASE"
                        },
                        {
                          "affected": "\u003c",
                          "version_name": "0.9",
                          "version_value": "v0.9.5.RELEASE"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Pivotal"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "The HttpClient from Reactor Netty, versions 0.9.x prior to 0.9.5, and versions 0.8.x prior to 0.8.16, may be used incorrectly, leading to a credentials leak during a redirect to a different domain. In order for this to happen, the HttpClient must have been explicitly configured to follow redirects."
          }
        ]
      },
      "impact": {
        "cvss": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 6.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "LOW",
          "privilegesRequired": "LOW",
          "scope": "CHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:L/A:N",
          "version": "3.0"
        }
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "CWE-522: Insufficiently Protected Credentials"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://pivotal.io/security/cve-2020-5404",
            "refsource": "CONFIRM",
            "url": "https://pivotal.io/security/cve-2020-5404"
          }
        ]
      },
      "source": {
        "discovery": "UNKNOWN"
      }
    },
    "gitlab.com": {
      "advisories": [
        {
          "affected_range": "[0.8.0,0.8.16),[0.9.0,0.9.5)",
          "affected_versions": "All versions starting from 0.8.0 before 0.8.16, all versions starting from 0.9.0 before 0.9.5",
          "cvss_v2": "AV:N/AC:M/Au:S/C:P/I:P/A:N",
          "cvss_v3": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N",
          "cwe_ids": [
            "CWE-1035",
            "CWE-522",
            "CWE-937"
          ],
          "date": "2022-02-10",
          "description": "The HttpClient from Reactor Netty,, may be used incorrectly, leading to a credentials leak during a redirect to a different domain. In order for this to happen, the HttpClient must have been explicitly configured to follow redirects.",
          "fixed_versions": [
            "0.9.5"
          ],
          "identifier": "CVE-2020-5404",
          "identifiers": [
            "GHSA-gpch-h32j-gx6x",
            "CVE-2020-5404"
          ],
          "not_impacted": "All versions before 0.8.0, all versions starting from 0.8.16 before 0.9.0, all versions starting from 0.9.5",
          "package_slug": "maven/io.projectreactor.netty/reactor-netty-http",
          "pubdate": "2022-02-10",
          "solution": "Upgrade to versions 0.9.5, 0.9.5 or above.",
          "title": "Insufficiently Protected Credentials",
          "urls": [
            "https://nvd.nist.gov/vuln/detail/CVE-2020-5404",
            "https://pivotal.io/security/cve-2020-5404",
            "https://github.com/advisories/GHSA-gpch-h32j-gx6x"
          ],
          "uuid": "6a56f332-d3b0-4424-b67b-ebef49bcc334"
        },
        {
          "affected_range": "[0.8.0,0.8.15],[0.9.0,0.9.4]",
          "affected_versions": "All versions starting from 0.8.0 up to 0.8.15, all versions starting from 0.9.0 up to 0.9.4",
          "cvss_v2": "AV:N/AC:M/Au:S/C:P/I:P/A:N",
          "cvss_v3": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N",
          "cwe_ids": [
            "CWE-1035",
            "CWE-522",
            "CWE-937"
          ],
          "date": "2021-07-07",
          "description": "The HttpClient from Reactor Netty may be used incorrectly, leading to a credentials leak during a redirect to a different domain. In order for this to happen, the `HttpClient` must have been explicitly configured to follow redirects.",
          "fixed_versions": [
            "0.8.16.RELEASE",
            "0.9.5.RELEASE"
          ],
          "identifier": "CVE-2020-5404",
          "identifiers": [
            "CVE-2020-5404"
          ],
          "not_impacted": "All versions before 0.8.0, all versions after 0.8.15 before 0.9.0, all versions after 0.9.4",
          "package_slug": "maven/io.projectreactor.netty/reactor-netty",
          "pubdate": "2020-03-03",
          "solution": "Upgrade to versions 0.8.16.RELEASE, 0.9.5.RELEASE or above.",
          "title": "Insufficiently Protected Credentials",
          "urls": [
            "https://nvd.nist.gov/vuln/detail/CVE-2020-5404",
            "https://pivotal.io/security/cve-2020-5404"
          ],
          "uuid": "c5516a4d-bcdd-40dc-8d77-ce9a1b7388c3"
        }
      ]
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:pivotal:reactor_netty:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "0.8.15",
                "versionStartIncluding": "0.8.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:pivotal:reactor_netty:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "0.9.4",
                "versionStartIncluding": "0.9.0",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "security@pivotal.io",
          "ID": "CVE-2020-5404"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "The HttpClient from Reactor Netty, versions 0.9.x prior to 0.9.5, and versions 0.8.x prior to 0.8.16, may be used incorrectly, leading to a credentials leak during a redirect to a different domain. In order for this to happen, the HttpClient must have been explicitly configured to follow redirects."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-522"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://pivotal.io/security/cve-2020-5404",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://pivotal.io/security/cve-2020-5404"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "availabilityImpact": "NONE",
            "baseScore": 4.9,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:N",
            "version": "2.0"
          },
          "exploitabilityScore": 6.8,
          "impactScore": 4.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N",
            "version": "3.1"
          },
          "exploitabilityScore": 1.6,
          "impactScore": 4.2
        }
      },
      "lastModifiedDate": "2021-07-07T14:15Z",
      "publishedDate": "2020-03-03T18:15Z"
    }
  }
}

GHSA-GPCH-H32J-GX6X

Vulnerability from github – Published: 2022-02-10 20:24 – Updated: 2021-07-08 14:31

Summary

Insufficiently Protected Credentials in Reactor Netty

Details

Severity ?

5.9 (Medium)


                  
                    CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N

Show details on source website

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "Maven",
        "name": "io.projectreactor.netty:reactor-netty-http"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0.9.0"
            },
            {
              "fixed": "0.9.5"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Maven",
        "name": "io.projectreactor.netty:reactor-netty-http"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0.8.0"
            },
            {
              "fixed": "0.8.16"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2020-5404"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-522"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2021-04-22T20:23:58Z",
    "nvd_published_at": "2020-03-03T18:15:00Z",
    "severity": "MODERATE"
  },
  "details": "The HttpClient from Reactor Netty, versions 0.9.x prior to 0.9.5, and versions 0.8.x prior to 0.8.16, may be used incorrectly, leading to a credentials leak during a redirect to a different domain. In order for this to happen, the HttpClient must have been explicitly configured to follow redirects.",
  "id": "GHSA-gpch-h32j-gx6x",
  "modified": "2021-07-08T14:31:41Z",
  "published": "2022-02-10T20:24:17Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-5404"
    },
    {
      "type": "WEB",
      "url": "https://pivotal.io/security/cve-2020-5404"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Insufficiently Protected Credentials in Reactor Netty"
}

FKIE_CVE-2020-5404

Vulnerability from fkie_nvd - Published: 2020-03-03 18:15 - Updated: 2024-11-21 05:34

Severity ?

5.9 (Medium) - CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N

Summary

References

	URL	Tags
	security@pivotal.io	https://pivotal.io/security/cve-2020-5404	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://pivotal.io/security/cve-2020-5404	Vendor Advisory

Impacted products

	Vendor	Product	Version
	pivotal	reactor_netty	*
	pivotal	reactor_netty	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:pivotal:reactor_netty:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D17BE00C-FA7A-4024-AB15-5D12D1394CB7",
              "versionEndIncluding": "0.8.15",
              "versionStartIncluding": "0.8.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pivotal:reactor_netty:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4298A26-4A66-4528-9A83-6C71739184CE",
              "versionEndIncluding": "0.9.4",
              "versionStartIncluding": "0.9.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The HttpClient from Reactor Netty, versions 0.9.x prior to 0.9.5, and versions 0.8.x prior to 0.8.16, may be used incorrectly, leading to a credentials leak during a redirect to a different domain. In order for this to happen, the HttpClient must have been explicitly configured to follow redirects."
    },
    {
      "lang": "es",
      "value": "El HttpClient del Reactor Netty, versiones 0.9.x anteriores a 0.9.5, y versiones 0.8.x anteriores a 0.8.16, puede ser usado incorrectamente, conllevando a un filtrado de credenciales durante un redireccionamiento hacia un dominio diferente. A fin de que esto ocurra, el HttpClient debe haber sido configurado expl\u00edcitamente para seguir los redireccionamientos."
    }
  ],
  "id": "CVE-2020-5404",
  "lastModified": "2024-11-21T05:34:04.980",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "NONE",
          "baseScore": 4.9,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 6.8,
        "impactScore": 4.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 6.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "LOW",
          "privilegesRequired": "LOW",
          "scope": "CHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:L/A:N",
          "version": "3.0"
        },
        "exploitabilityScore": 1.3,
        "impactScore": 4.7,
        "source": "security@pivotal.io",
        "type": "Secondary"
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.9,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "LOW",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 1.6,
        "impactScore": 4.2,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-03-03T18:15:12.157",
  "references": [
    {
      "source": "security@pivotal.io",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://pivotal.io/security/cve-2020-5404"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://pivotal.io/security/cve-2020-5404"
    }
  ],
  "sourceIdentifier": "security@pivotal.io",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-522"
        }
      ],
      "source": "security@pivotal.io",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-522"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2020-5404 (GCVE-0-2020-5404)

RHSA-2022:8761

RHSA-2022_8761

GSD-2020-5404

GHSA-GPCH-H32J-GX6X

FKIE_CVE-2020-5404

Tags

Sightings

Nomenclature