cvelistv5 - cve-2020-5404

▼	URL	Tags
	security@pivotal.io	https://pivotal.io/security/cve-2020-5404	Vendor Advisory

▼	Vendor	Product
	Pivotal	Reactor Netty

gsd-2020-5404

Vulnerability from gsd

Modified

2023-12-13 01:22

Details

The HttpClient from Reactor Netty, versions 0.9.x prior to 0.9.5, and versions 0.8.x prior to 0.8.16, may be used incorrectly, leading to a credentials leak during a redirect to a different domain. In order for this to happen, the HttpClient must have been explicitly configured to follow redirects.

Aliases

CVE-2020-5404

Aliases

CVE-2020-5404

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2020-5404",
    "description": "The HttpClient from Reactor Netty, versions 0.9.x prior to 0.9.5, and versions 0.8.x prior to 0.8.16, may be used incorrectly, leading to a credentials leak during a redirect to a different domain. In order for this to happen, the HttpClient must have been explicitly configured to follow redirects.",
    "id": "GSD-2020-5404",
    "references": [
      "https://access.redhat.com/errata/RHSA-2022:8761"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2020-5404"
      ],
      "details": "The HttpClient from Reactor Netty, versions 0.9.x prior to 0.9.5, and versions 0.8.x prior to 0.8.16, may be used incorrectly, leading to a credentials leak during a redirect to a different domain. In order for this to happen, the HttpClient must have been explicitly configured to follow redirects.",
      "id": "GSD-2020-5404",
      "modified": "2023-12-13T01:22:03.539819Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "security@pivotal.io",
        "DATE_PUBLIC": "2020-02-27T00:00:00.000Z",
        "ID": "CVE-2020-5404",
        "STATE": "PUBLIC",
        "TITLE": "Authentication Leak On Redirect With Reactor Netty HttpClient"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Reactor Netty",
                    "version": {
                      "version_data": [
                        {
                          "affected": "\u003c",
                          "version_name": "0.8",
                          "version_value": "v0.8.16.RELEASE"
                        },
                        {
                          "affected": "\u003c",
                          "version_name": "0.9",
                          "version_value": "v0.9.5.RELEASE"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Pivotal"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "The HttpClient from Reactor Netty, versions 0.9.x prior to 0.9.5, and versions 0.8.x prior to 0.8.16, may be used incorrectly, leading to a credentials leak during a redirect to a different domain. In order for this to happen, the HttpClient must have been explicitly configured to follow redirects."
          }
        ]
      },
      "impact": {
        "cvss": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 6.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "LOW",
          "privilegesRequired": "LOW",
          "scope": "CHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:L/A:N",
          "version": "3.0"
        }
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "CWE-522: Insufficiently Protected Credentials"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://pivotal.io/security/cve-2020-5404",
            "refsource": "CONFIRM",
            "url": "https://pivotal.io/security/cve-2020-5404"
          }
        ]
      },
      "source": {
        "discovery": "UNKNOWN"
      }
    },
    "gitlab.com": {
      "advisories": [
        {
          "affected_range": "[0.8.0,0.8.16),[0.9.0,0.9.5)",
          "affected_versions": "All versions starting from 0.8.0 before 0.8.16, all versions starting from 0.9.0 before 0.9.5",
          "cvss_v2": "AV:N/AC:M/Au:S/C:P/I:P/A:N",
          "cvss_v3": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N",
          "cwe_ids": [
            "CWE-1035",
            "CWE-522",
            "CWE-937"
          ],
          "date": "2022-02-10",
          "description": "The HttpClient from Reactor Netty,, may be used incorrectly, leading to a credentials leak during a redirect to a different domain. In order for this to happen, the HttpClient must have been explicitly configured to follow redirects.",
          "fixed_versions": [
            "0.9.5"
          ],
          "identifier": "CVE-2020-5404",
          "identifiers": [
            "GHSA-gpch-h32j-gx6x",
            "CVE-2020-5404"
          ],
          "not_impacted": "All versions before 0.8.0, all versions starting from 0.8.16 before 0.9.0, all versions starting from 0.9.5",
          "package_slug": "maven/io.projectreactor.netty/reactor-netty-http",
          "pubdate": "2022-02-10",
          "solution": "Upgrade to versions 0.9.5, 0.9.5 or above.",
          "title": "Insufficiently Protected Credentials",
          "urls": [
            "https://nvd.nist.gov/vuln/detail/CVE-2020-5404",
            "https://pivotal.io/security/cve-2020-5404",
            "https://github.com/advisories/GHSA-gpch-h32j-gx6x"
          ],
          "uuid": "6a56f332-d3b0-4424-b67b-ebef49bcc334"
        },
        {
          "affected_range": "[0.8.0,0.8.15],[0.9.0,0.9.4]",
          "affected_versions": "All versions starting from 0.8.0 up to 0.8.15, all versions starting from 0.9.0 up to 0.9.4",
          "cvss_v2": "AV:N/AC:M/Au:S/C:P/I:P/A:N",
          "cvss_v3": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N",
          "cwe_ids": [
            "CWE-1035",
            "CWE-522",
            "CWE-937"
          ],
          "date": "2021-07-07",
          "description": "The HttpClient from Reactor Netty may be used incorrectly, leading to a credentials leak during a redirect to a different domain. In order for this to happen, the `HttpClient` must have been explicitly configured to follow redirects.",
          "fixed_versions": [
            "0.8.16.RELEASE",
            "0.9.5.RELEASE"
          ],
          "identifier": "CVE-2020-5404",
          "identifiers": [
            "CVE-2020-5404"
          ],
          "not_impacted": "All versions before 0.8.0, all versions after 0.8.15 before 0.9.0, all versions after 0.9.4",
          "package_slug": "maven/io.projectreactor.netty/reactor-netty",
          "pubdate": "2020-03-03",
          "solution": "Upgrade to versions 0.8.16.RELEASE, 0.9.5.RELEASE or above.",
          "title": "Insufficiently Protected Credentials",
          "urls": [
            "https://nvd.nist.gov/vuln/detail/CVE-2020-5404",
            "https://pivotal.io/security/cve-2020-5404"
          ],
          "uuid": "c5516a4d-bcdd-40dc-8d77-ce9a1b7388c3"
        }
      ]
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:pivotal:reactor_netty:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "0.8.15",
                "versionStartIncluding": "0.8.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:pivotal:reactor_netty:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "0.9.4",
                "versionStartIncluding": "0.9.0",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "security@pivotal.io",
          "ID": "CVE-2020-5404"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "The HttpClient from Reactor Netty, versions 0.9.x prior to 0.9.5, and versions 0.8.x prior to 0.8.16, may be used incorrectly, leading to a credentials leak during a redirect to a different domain. In order for this to happen, the HttpClient must have been explicitly configured to follow redirects."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-522"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://pivotal.io/security/cve-2020-5404",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://pivotal.io/security/cve-2020-5404"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "availabilityImpact": "NONE",
            "baseScore": 4.9,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:N",
            "version": "2.0"
          },
          "exploitabilityScore": 6.8,
          "impactScore": 4.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N",
            "version": "3.1"
          },
          "exploitabilityScore": 1.6,
          "impactScore": 4.2
        }
      },
      "lastModifiedDate": "2021-07-07T14:15Z",
      "publishedDate": "2020-03-03T18:15Z"
    }
  }
}

ghsa-gpch-h32j-gx6x

Vulnerability from github

Published

2022-02-10 20:24

Modified

2021-07-08 14:31

Severity ?

5.9 (Medium) - CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N

Summary

Insufficiently Protected Credentials in Reactor Netty

Details

The HttpClient from Reactor Netty, versions 0.9.x prior to 0.9.5, and versions 0.8.x prior to 0.8.16, may be used incorrectly, leading to a credentials leak during a redirect to a different domain. In order for this to happen, the HttpClient must have been explicitly configured to follow redirects.

Show details on source website

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "Maven",
        "name": "io.projectreactor.netty:reactor-netty-http"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0.9.0"
            },
            {
              "fixed": "0.9.5"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Maven",
        "name": "io.projectreactor.netty:reactor-netty-http"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0.8.0"
            },
            {
              "fixed": "0.8.16"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2020-5404"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-522"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2021-04-22T20:23:58Z",
    "nvd_published_at": "2020-03-03T18:15:00Z",
    "severity": "MODERATE"
  },
  "details": "The HttpClient from Reactor Netty, versions 0.9.x prior to 0.9.5, and versions 0.8.x prior to 0.8.16, may be used incorrectly, leading to a credentials leak during a redirect to a different domain. In order for this to happen, the HttpClient must have been explicitly configured to follow redirects.",
  "id": "GHSA-gpch-h32j-gx6x",
  "modified": "2021-07-08T14:31:41Z",
  "published": "2022-02-10T20:24:17Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-5404"
    },
    {
      "type": "WEB",
      "url": "https://pivotal.io/security/cve-2020-5404"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Insufficiently Protected Credentials in Reactor Netty"
}

rhsa-2022_8761

Vulnerability from csaf_redhat

Published

2022-12-14 13:17

Modified

2024-11-06 02:05

Summary

Red Hat Security Advisory: Red Hat support for Spring Boot 2.7.2 update

Notes

Topic

An update is now available for Red Hat OpenShift Application Runtimes.

Details

Red Hat support for Spring Boot provides an application platform that reduces the complexity of developing and operating applications (monoliths and microservices) for OpenShift as a containerized platform. This release of Red Hat support for Spring Boot 2.7.2 serves as a replacement for Red Hat support for Spring Boot 2.5.12, and includes security, bug fixes and enhancements. For more information, see the release notes listed in the References section. Security Fix(es): * reactor-netty: specific redirect configuration allows for a credentials leak (CVE-2020-5404) * kubernetes-client: Insecure deserialization in unmarshalYaml method (CVE-2021-4178) * protobuf-java: potential DoS in the parsing procedure for binary data (CVE-2021-22569) * undertow: potential security issue in flow control over HTTP/2 may lead to DOS(incomplete fix for CVE-2021-3629) (CVE-2022-1259) * undertow: Double AJP response for 400 from EAP 7 results in CPING failures (CVE-2022-1319) * spring-expression: Denial of service via specially crafted SpEL expression (CVE-2022-22950) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Terms of Use

This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "An update is now available for Red Hat OpenShift Application Runtimes.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Red Hat support for Spring Boot provides an application platform that reduces the complexity of developing and operating applications (monoliths and microservices) for OpenShift as a containerized platform.\n\nThis release of Red Hat support for Spring Boot 2.7.2 serves as a replacement for Red Hat support for Spring Boot 2.5.12, and includes security, bug fixes and enhancements. For more information, see the release notes listed in the References section.\n\nSecurity Fix(es):\n\n* reactor-netty: specific redirect configuration allows for a credentials leak (CVE-2020-5404)\n\n* kubernetes-client: Insecure deserialization in unmarshalYaml method (CVE-2021-4178)\n\n* protobuf-java: potential DoS in the parsing procedure for binary data (CVE-2021-22569)\n\n* undertow: potential security issue in flow control over HTTP/2 may lead to DOS(incomplete fix for CVE-2021-3629) (CVE-2022-1259)\n\n* undertow: Double AJP response for 400 from EAP 7 results in CPING failures (CVE-2022-1319)\n\n* spring-expression: Denial of service via specially crafted SpEL expression (CVE-2022-22950)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2022:8761",
        "url": "https://access.redhat.com/errata/RHSA-2022:8761"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#moderate",
        "url": "https://access.redhat.com/security/updates/classification/#moderate"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=catRhoar.spring.boot\u0026version=2.7.2",
        "url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=catRhoar.spring.boot\u0026version=2.7.2"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/documentation/en-us/red_hat_support_for_spring_boot/2.7/html/release_notes_for_spring_boot_2.7/index",
        "url": "https://access.redhat.com/documentation/en-us/red_hat_support_for_spring_boot/2.7/html/release_notes_for_spring_boot_2.7/index"
      },
      {
        "category": "external",
        "summary": "1975160",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1975160"
      },
      {
        "category": "external",
        "summary": "2034388",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2034388"
      },
      {
        "category": "external",
        "summary": "2039903",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2039903"
      },
      {
        "category": "external",
        "summary": "2069414",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2069414"
      },
      {
        "category": "external",
        "summary": "2072339",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2072339"
      },
      {
        "category": "external",
        "summary": "2073890",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2073890"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_8761.json"
      }
    ],
    "title": "Red Hat Security Advisory: Red Hat support for Spring Boot 2.7.2 update",
    "tracking": {
      "current_release_date": "2024-11-06T02:05:36+00:00",
      "generator": {
        "date": "2024-11-06T02:05:36+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.1.1"
        }
      },
      "id": "RHSA-2022:8761",
      "initial_release_date": "2022-12-14T13:17:22+00:00",
      "revision_history": [
        {
          "date": "2022-12-14T13:17:22+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2022-12-14T13:17:22+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2024-11-06T02:05:36+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Text-Only RHOAR",
                "product": {
                  "name": "Text-Only RHOAR",
                  "product_id": "Text-Only RHOAR",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:openshift_application_runtimes:1.0"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat OpenShift Application Runtimes"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2020-5404",
      "cwe": {
        "id": "CWE-522",
        "name": "Insufficiently Protected Credentials"
      },
      "discovery_date": "2021-06-22T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1975160"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "The HttpClient from Reactor Netty, versions 0.9.x prior to 0.9.5, and versions 0.8.x prior to 0.8.16, may be used incorrectly, leading to a credentials leak during a redirect to a different domain. In order for this to happen, the HttpClient must have been explicitly configured to follow redirects.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "reactor-netty: specific redirect configuration allows for a credentials leak",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Text-Only RHOAR"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2020-5404"
        },
        {
          "category": "external",
          "summary": "RHBZ#1975160",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1975160"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2020-5404",
          "url": "https://www.cve.org/CVERecord?id=CVE-2020-5404"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-5404",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-5404"
        }
      ],
      "release_date": "2020-03-03T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2022-12-14T13:17:22+00:00",
          "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.",
          "product_ids": [
            "Text-Only RHOAR"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2022:8761"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "Text-Only RHOAR"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "reactor-netty: specific redirect configuration allows for a credentials leak"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "Jordy Versmissen"
          ]
        }
      ],
      "cve": "CVE-2021-4178",
      "cwe": {
        "id": "CWE-502",
        "name": "Deserialization of Untrusted Data"
      },
      "discovery_date": "2021-12-16T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2034388"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A arbitrary code execution flaw was found in the Fabric 8 Kubernetes client affecting versions 5.0.0-beta-1 and above. Due to an improperly configured YAML parsing, this will allow a local and privileged attacker to supply malicious YAML.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "kubernetes-client: Insecure deserialization in unmarshalYaml method",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Red Hat CodeReady Studio 12 is not affected by this flaw because it does not ship a vulnerable version of kubernetes-client; the version that it ships does not use SnakeYAML.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Text-Only RHOAR"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2021-4178"
        },
        {
          "category": "external",
          "summary": "RHBZ#2034388",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2034388"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2021-4178",
          "url": "https://www.cve.org/CVERecord?id=CVE-2021-4178"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-4178",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-4178"
        }
      ],
      "release_date": "2022-01-05T15:05:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2022-12-14T13:17:22+00:00",
          "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.",
          "product_ids": [
            "Text-Only RHOAR"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2022:8761"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 6.7,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "Text-Only RHOAR"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "kubernetes-client: Insecure deserialization in unmarshalYaml method"
    },
    {
      "cve": "CVE-2021-22569",
      "cwe": {
        "id": "CWE-696",
        "name": "Incorrect Behavior Order"
      },
      "discovery_date": "2022-01-10T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2039903"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in protobuf-java. Google Protocol Buffer (protobuf-java) allows the interleaving of com.google.protobuf.UnknownFieldSet fields. By persuading a victim to open specially-crafted content, a remote attacker could cause a timeout in the ProtobufFuzzer function, resulting in a denial of service.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "protobuf-java: potential DoS in the parsing procedure for binary data",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Text-Only RHOAR"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2021-22569"
        },
        {
          "category": "external",
          "summary": "RHBZ#2039903",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2039903"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2021-22569",
          "url": "https://www.cve.org/CVERecord?id=CVE-2021-22569"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-22569",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22569"
        },
        {
          "category": "external",
          "summary": "https://github.com/protocolbuffers/protobuf/commit/b3093dce58bc9d3042f085666d83c8ef1f51fe7b",
          "url": "https://github.com/protocolbuffers/protobuf/commit/b3093dce58bc9d3042f085666d83c8ef1f51fe7b"
        },
        {
          "category": "external",
          "summary": "https://github.com/protocolbuffers/protobuf/security/advisories/GHSA-wrvw-hg22-4m67",
          "url": "https://github.com/protocolbuffers/protobuf/security/advisories/GHSA-wrvw-hg22-4m67"
        }
      ],
      "release_date": "2022-01-06T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2022-12-14T13:17:22+00:00",
          "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.",
          "product_ids": [
            "Text-Only RHOAR"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2022:8761"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "Text-Only RHOAR"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "protobuf-java: potential DoS in the parsing procedure for binary data"
    },
    {
      "cve": "CVE-2022-1259",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "discovery_date": "2022-04-06T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2072339"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Undertow. A potential security issue in flow control handling by the browser over HTTP/2 may cause overhead or a denial of service in the server.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "undertow: potential security issue in flow control over HTTP/2 may lead to DOS(incomplete fix for CVE-2021-3629)",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This flaw occurs because of an incomplete fix for CVE-2021-3629.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Text-Only RHOAR"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-1259"
        },
        {
          "category": "external",
          "summary": "RHBZ#2072339",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2072339"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-1259",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-1259"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-1259",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-1259"
        }
      ],
      "release_date": "2022-04-06T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2022-12-14T13:17:22+00:00",
          "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.",
          "product_ids": [
            "Text-Only RHOAR"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2022:8761"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "Text-Only RHOAR"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "undertow: potential security issue in flow control over HTTP/2 may lead to DOS(incomplete fix for CVE-2021-3629)"
    },
    {
      "cve": "CVE-2022-1319",
      "cwe": {
        "id": "CWE-252",
        "name": "Unchecked Return Value"
      },
      "discovery_date": "2022-04-11T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2073890"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Undertow. For an AJP 400 response, EAP 7 is improperly sending two response packets, and those packets have the reuse flag set even though JBoss EAP closes the connection. A failure occurs when the connection is reused after a 400 by CPING since it reads in the second SEND_HEADERS response packet instead of a CPONG.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "undertow: Double AJP response for 400 from EAP 7 results in CPING failures",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Text-Only RHOAR"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-1319"
        },
        {
          "category": "external",
          "summary": "RHBZ#2073890",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2073890"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-1319",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-1319"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-1319",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-1319"
        }
      ],
      "release_date": "2022-04-11T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2022-12-14T13:17:22+00:00",
          "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.",
          "product_ids": [
            "Text-Only RHOAR"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2022:8761"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "Text-Only RHOAR"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "undertow: Double AJP response for 400 from EAP 7 results in CPING failures"
    },
    {
      "cve": "CVE-2022-22950",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "discovery_date": "2022-03-28T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2069414"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the Spring Framework. This flaw allows an attacker to craft a special Spring Expression, causing a denial of service.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "spring-expression: Denial of service via specially crafted SpEL expression",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Text-Only RHOAR"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-22950"
        },
        {
          "category": "external",
          "summary": "RHBZ#2069414",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2069414"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-22950",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-22950"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-22950",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-22950"
        }
      ],
      "release_date": "2022-03-28T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2022-12-14T13:17:22+00:00",
          "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.",
          "product_ids": [
            "Text-Only RHOAR"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2022:8761"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "Text-Only RHOAR"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "spring-expression: Denial of service via specially crafted SpEL expression"
    }
  ]
}

Action not permitted

cve-2020-5404

Vulnerability from cvelistv5

gsd-2020-5404

Vulnerability from gsd

ghsa-gpch-h32j-gx6x

Vulnerability from github

rhsa-2022_8761

Vulnerability from csaf_redhat

Tags