Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2022-37734 (GCVE-0-2022-37734)
Vulnerability from cvelistv5
Published
2022-09-12 13:14
Modified
2024-08-03 10:37
Severity ?
EPSS score ?
Summary
graphql-java before19.0 is vulnerable to Denial of Service. An attacker can send a malicious GraphQL query that consumes CPU resources. The fixed versions are 19.0 and later, 18.3, and 17.4, and 0.0.0-2022-07-26T05-45-04-226aabd9.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://github.com/graphql-java/graphql-java/discussions/2958 | Patch, Third Party Advisory | |
| cve@mitre.org | https://github.com/graphql-java/graphql-java/issues/2888 | Issue Tracking, Patch, Third Party Advisory | |
| cve@mitre.org | https://github.com/graphql-java/graphql-java/pull/2892 | Exploit, Patch, Third Party Advisory | |
| cve@mitre.org | https://github.com/graphql-java/graphql-java/releases | Release Notes, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/graphql-java/graphql-java/discussions/2958 | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/graphql-java/graphql-java/issues/2888 | Issue Tracking, Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/graphql-java/graphql-java/pull/2892 | Exploit, Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/graphql-java/graphql-java/releases | Release Notes, Third Party Advisory |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T10:37:40.930Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/graphql-java/graphql-java/issues/2888", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/graphql-java/graphql-java/pull/2892", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/graphql-java/graphql-java/discussions/2958", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/graphql-java/graphql-java/releases", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "graphql-java before19.0 is vulnerable to Denial of Service. An attacker can send a malicious GraphQL query that consumes CPU resources. The fixed versions are 19.0 and later, 18.3, and 17.4, and 0.0.0-2022-07-26T05-45-04-226aabd9.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-09-28T19:48:36", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://github.com/graphql-java/graphql-java/issues/2888", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/graphql-java/graphql-java/pull/2892", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/graphql-java/graphql-java/discussions/2958", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/graphql-java/graphql-java/releases", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2022-37734", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "graphql-java before19.0 is vulnerable to Denial of Service. An attacker can send a malicious GraphQL query that consumes CPU resources. The fixed versions are 19.0 and later, 18.3, and 17.4, and 0.0.0-2022-07-26T05-45-04-226aabd9.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/graphql-java/graphql-java/issues/2888", refsource: "MISC", url: "https://github.com/graphql-java/graphql-java/issues/2888", }, { name: "https://github.com/graphql-java/graphql-java/pull/2892", refsource: "MISC", url: "https://github.com/graphql-java/graphql-java/pull/2892", }, { name: "https://github.com/graphql-java/graphql-java/discussions/2958", refsource: "CONFIRM", url: "https://github.com/graphql-java/graphql-java/discussions/2958", }, { name: "https://github.com/graphql-java/graphql-java/releases", refsource: "CONFIRM", url: "https://github.com/graphql-java/graphql-java/releases", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2022-37734", datePublished: "2022-09-12T13:14:35", dateReserved: "2022-08-08T00:00:00", dateUpdated: "2024-08-03T10:37:40.930Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", "vulnerability-lookup:meta": { fkie_nvd: { configurations: "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:graphql-java_project:graphql-java:*:*:*:*:*:java:*:*\", \"versionEndExcluding\": \"17.4\", \"matchCriteriaId\": \"6213C053-09F9-4ECB-A97C-D9889C0FD6B3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:graphql-java_project:graphql-java:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"18.0\", \"versionEndExcluding\": \"18.3\", \"matchCriteriaId\": \"615E4172-550D-42EB-B32C-B7C15C33DD37\"}]}]}]", descriptions: "[{\"lang\": \"en\", \"value\": \"graphql-java before19.0 is vulnerable to Denial of Service. An attacker can send a malicious GraphQL query that consumes CPU resources. The fixed versions are 19.0 and later, 18.3, and 17.4, and 0.0.0-2022-07-26T05-45-04-226aabd9.\"}, {\"lang\": \"es\", \"value\": \"graphql-java before19.0 es vulnerable a la denegaci\\u00f3n de servicio. Un atacante puede enviar una consulta GraphQL maliciosa que consuma recursos de la CPU. Las versiones corregidas son 19.0 y posteriores, 18.3 y 17.4, y 0.0.0-2022-07-26T05-45-04-226aabd9\"}]", id: "CVE-2022-37734", lastModified: "2024-11-21T07:15:07.053", metrics: "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"baseScore\": 7.5, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 3.6}]}", published: "2022-09-12T14:15:09.047", references: "[{\"url\": \"https://github.com/graphql-java/graphql-java/discussions/2958\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/graphql-java/graphql-java/issues/2888\", \"source\": \"cve@mitre.org\", \"tags\": [\"Issue Tracking\", \"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/graphql-java/graphql-java/pull/2892\", \"source\": \"cve@mitre.org\", \"tags\": [\"Exploit\", \"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/graphql-java/graphql-java/releases\", \"source\": \"cve@mitre.org\", \"tags\": [\"Release Notes\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/graphql-java/graphql-java/discussions/2958\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/graphql-java/graphql-java/issues/2888\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\", \"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/graphql-java/graphql-java/pull/2892\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/graphql-java/graphql-java/releases\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Release Notes\", \"Third Party Advisory\"]}]", sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-Other\"}]}]", }, nvd: "{\"cve\":{\"id\":\"CVE-2022-37734\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2022-09-12T14:15:09.047\",\"lastModified\":\"2024-11-21T07:15:07.053\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"graphql-java before19.0 is vulnerable to Denial of Service. An attacker can send a malicious GraphQL query that consumes CPU resources. The fixed versions are 19.0 and later, 18.3, and 17.4, and 0.0.0-2022-07-26T05-45-04-226aabd9.\"},{\"lang\":\"es\",\"value\":\"graphql-java before19.0 es vulnerable a la denegación de servicio. Un atacante puede enviar una consulta GraphQL maliciosa que consuma recursos de la CPU. Las versiones corregidas son 19.0 y posteriores, 18.3 y 17.4, y 0.0.0-2022-07-26T05-45-04-226aabd9\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:graphql-java_project:graphql-java:*:*:*:*:*:java:*:*\",\"versionEndExcluding\":\"17.4\",\"matchCriteriaId\":\"6213C053-09F9-4ECB-A97C-D9889C0FD6B3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:graphql-java_project:graphql-java:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"18.0\",\"versionEndExcluding\":\"18.3\",\"matchCriteriaId\":\"615E4172-550D-42EB-B32C-B7C15C33DD37\"}]}]}],\"references\":[{\"url\":\"https://github.com/graphql-java/graphql-java/discussions/2958\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/graphql-java/graphql-java/issues/2888\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/graphql-java/graphql-java/pull/2892\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/graphql-java/graphql-java/releases\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/graphql-java/graphql-java/discussions/2958\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/graphql-java/graphql-java/issues/2888\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/graphql-java/graphql-java/pull/2892\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/graphql-java/graphql-java/releases\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\",\"Third Party Advisory\"]}]}}", }, }
gsd-2022-37734
Vulnerability from gsd
Modified
2023-12-13 01:19
Details
graphql-java before19.0 is vulnerable to Denial of Service. An attacker can send a malicious GraphQL query that consumes CPU resources. The fixed versions are 19.0 and later, 18.3, and 17.4, and 0.0.0-2022-07-26T05-45-04-226aabd9.
Aliases
Aliases
{ GSD: { alias: "CVE-2022-37734", description: "graphql-java before19.0 is vulnerable to Denial of Service. An attacker send a malicious GraphQL query that consumes CPU resources.", id: "GSD-2022-37734", references: [ "https://access.redhat.com/errata/RHSA-2022:6757", "https://access.redhat.com/errata/RHSA-2022:6835", "https://access.redhat.com/errata/RHSA-2022:9023", ], }, gsd: { metadata: { exploitCode: "unknown", remediation: "unknown", reportConfidence: "confirmed", type: "vulnerability", }, osvSchema: { aliases: [ "CVE-2022-37734", ], details: "graphql-java before19.0 is vulnerable to Denial of Service. An attacker can send a malicious GraphQL query that consumes CPU resources. The fixed versions are 19.0 and later, 18.3, and 17.4, and 0.0.0-2022-07-26T05-45-04-226aabd9.", id: "GSD-2022-37734", modified: "2023-12-13T01:19:13.522895Z", schema_version: "1.4.0", }, }, namespaces: { "cve.org": { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2022-37734", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "graphql-java before19.0 is vulnerable to Denial of Service. An attacker can send a malicious GraphQL query that consumes CPU resources. The fixed versions are 19.0 and later, 18.3, and 17.4, and 0.0.0-2022-07-26T05-45-04-226aabd9.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/graphql-java/graphql-java/issues/2888", refsource: "MISC", url: "https://github.com/graphql-java/graphql-java/issues/2888", }, { name: "https://github.com/graphql-java/graphql-java/pull/2892", refsource: "MISC", url: "https://github.com/graphql-java/graphql-java/pull/2892", }, { name: "https://github.com/graphql-java/graphql-java/discussions/2958", refsource: "CONFIRM", url: "https://github.com/graphql-java/graphql-java/discussions/2958", }, { name: "https://github.com/graphql-java/graphql-java/releases", refsource: "CONFIRM", url: "https://github.com/graphql-java/graphql-java/releases", }, ], }, }, "gitlab.com": { advisories: [ { affected_range: "(,17.4),[18.0,18.3)", affected_versions: "All versions before 17.4, all versions starting from 18.0 before 18.3", cvss_v3: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", cwe_ids: [ "CWE-1035", "CWE-937", ], date: "2023-08-08", description: "graphql-java before19.0 is vulnerable to Denial of Service. An attacker can send a malicious GraphQL query that consumes CPU resources. The fixed versions are 19.0 and later, 18.3, and 17.4.", fixed_versions: [ "17.4", "18.3", ], identifier: "CVE-2022-37734", identifiers: [ "CVE-2022-37734", ], not_impacted: "All versions starting from 17.4 before 18.0, all versions starting from 18.3", package_slug: "maven/com.graphql-java/graphql-java", pubdate: "2022-09-12", solution: "Upgrade to versions 17.4, 18.3 or above.", title: "Uncontrolled Resource Consumption", urls: [ "https://nvd.nist.gov/vuln/detail/CVE-2022-37734", "https://github.com/graphql-java/graphql-java/pull/2892", "https://github.com/graphql-java/graphql-java/issues/2888", "https://github.com/graphql-java/graphql-java/discussions/2958", "https://github.com/graphql-java/graphql-java/releases", ], uuid: "1844ea90-1960-483e-a0a6-01e4fbee727a", }, ], }, "nvd.nist.gov": { configurations: { CVE_data_version: "4.0", nodes: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:a:graphql-java_project:graphql-java:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "18.3", versionStartIncluding: "18.0", vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:graphql-java_project:graphql-java:*:*:*:*:*:java:*:*", cpe_name: [], versionEndExcluding: "17.4", vulnerable: true, }, ], operator: "OR", }, ], }, cve: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2022-37734", }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "en", value: "graphql-java before19.0 is vulnerable to Denial of Service. An attacker can send a malicious GraphQL query that consumes CPU resources. The fixed versions are 19.0 and later, 18.3, and 17.4, and 0.0.0-2022-07-26T05-45-04-226aabd9.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "en", value: "CWE-400", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/graphql-java/graphql-java/pull/2892", refsource: "MISC", tags: [ "Exploit", "Patch", "Third Party Advisory", ], url: "https://github.com/graphql-java/graphql-java/pull/2892", }, { name: "https://github.com/graphql-java/graphql-java/issues/2888", refsource: "MISC", tags: [ "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://github.com/graphql-java/graphql-java/issues/2888", }, { name: "https://github.com/graphql-java/graphql-java/discussions/2958", refsource: "CONFIRM", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/graphql-java/graphql-java/discussions/2958", }, { name: "https://github.com/graphql-java/graphql-java/releases", refsource: "CONFIRM", tags: [ "Release Notes", "Third Party Advisory", ], url: "https://github.com/graphql-java/graphql-java/releases", }, ], }, }, impact: { baseMetricV3: { cvssV3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, }, }, lastModifiedDate: "2022-09-28T20:15Z", publishedDate: "2022-09-12T14:15Z", }, }, }
RHSA-2022:9023
Vulnerability from csaf_redhat
Published
2022-12-14 13:15
Modified
2025-04-14 02:02
Summary
Red Hat Security Advisory: Red Hat build of Quarkus 2.13.5 release and security update
Notes
Topic
An update is now available for Red Hat build of Quarkus. Red Hat Product
Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability. For more information, see the CVE links in the References section.
Details
This release of Red Hat build of Quarkus 2.13.5 includes security updates, bug
fixes, and enhancements. For more information, see the release notes page listed in the References section.
Security Fix(es):
* CVE-2022-4147 quarkus-vertx-http: Security misconfiguration of CORS : OWASP A05_2021 level in Quarkus
* CVE-2022-4116 quarkus_dev_ui: Dev UI Config Editor is vulnerable to drive-by localhost attacks leading to RCE
* CVE-2022-37734 graphql-java: DoS by malicious query
* CVE-2022-3171 protobuf-java: timeout in parser leads to DoS
* CVE-2022-42889 commons-text: apache-commons-text: variable interpolation RCE
* CVE-2022-42003 jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS
* CVE-2022-42004 jackson-databind: use of deeply nested arrays
* CVE-2022-31197 postgresql: SQL Injection in ResultSet.refreshRow() with malicious column names
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update is now available for Red Hat build of Quarkus. Red Hat Product\nSecurity has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability. For more information, see the CVE links in the References section.", title: "Topic", }, { category: "general", text: "This release of Red Hat build of Quarkus 2.13.5 includes security updates, bug\nfixes, and enhancements. For more information, see the release notes page listed in the References section.\n\nSecurity Fix(es):\n\n* CVE-2022-4147 quarkus-vertx-http: Security misconfiguration of CORS : OWASP A05_2021 level in Quarkus \n\n* CVE-2022-4116 quarkus_dev_ui: Dev UI Config Editor is vulnerable to drive-by localhost attacks leading to RCE\n\n* CVE-2022-37734 graphql-java: DoS by malicious query\n\n* CVE-2022-3171 protobuf-java: timeout in parser leads to DoS\n\n* CVE-2022-42889 commons-text: apache-commons-text: variable interpolation RCE\n\n* CVE-2022-42003 jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS\n\n* CVE-2022-42004 jackson-databind: use of deeply nested arrays \n\n* CVE-2022-31197 postgresql: SQL Injection in ResultSet.refreshRow() with malicious column names\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2022:9023", url: "https://access.redhat.com/errata/RHSA-2022:9023", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "https://access.redhat.com/articles/4966181", url: "https://access.redhat.com/articles/4966181", }, { category: "external", summary: "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions&product=redhat.quarkus&version=2.13.5", url: "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions&product=redhat.quarkus&version=2.13.5", }, { category: "external", summary: "2126809", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2126809", }, { category: "external", summary: "2129428", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2129428", }, { category: "external", summary: "2135244", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2135244", }, { category: "external", summary: "2135247", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2135247", }, { category: "external", summary: "2135435", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2135435", }, { category: "external", summary: "2137645", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2137645", }, { category: "external", summary: "2144748", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2144748", }, { category: "external", summary: "2148867", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2148867", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_9023.json", }, ], title: "Red Hat Security Advisory: Red Hat build of Quarkus 2.13.5 release and security update", tracking: { current_release_date: "2025-04-14T02:02:56+00:00", generator: { date: "2025-04-14T02:02:56+00:00", engine: { name: "Red Hat SDEngine", version: "4.4.2", }, }, id: "RHSA-2022:9023", initial_release_date: "2022-12-14T13:15:01+00:00", revision_history: [ { date: "2022-12-14T13:15:01+00:00", number: "1", summary: "Initial version", }, { date: "2022-12-14T13:15:01+00:00", number: "2", summary: "Last updated version", }, { date: "2025-04-14T02:02:56+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat build of Quarkus 2.13.5", product: { name: "Red Hat build of Quarkus 2.13.5", product_id: "Red Hat build of Quarkus 2.13.5", product_identification_helper: { cpe: "cpe:/a:redhat:quarkus:2.13", }, }, }, ], category: "product_family", name: "Red Hat build of Quarkus", }, ], category: "vendor", name: "Red Hat", }, ], }, vulnerabilities: [ { cve: "CVE-2022-3171", cwe: { id: "CWE-20", name: "Improper Input Validation", }, discovery_date: "2022-10-18T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2137645", }, ], notes: [ { category: "description", text: "A parsing issue with binary data in protobuf-java core and lite versions prior to 3.21.7, 3.20.3, 3.19.6 and 3.16.3 can lead to a denial of service attack. Inputs containing multiple instances of non-repeated embedded messages with repeated or unknown fields causes objects to be converted back-n-forth between mutable and immutable forms, resulting in potentially long garbage collection pauses. We recommend updating to the versions mentioned above.", title: "Vulnerability description", }, { category: "summary", text: "protobuf-java: timeout in parser leads to DoS", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat build of Quarkus 2.13.5", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-3171", }, { category: "external", summary: "RHBZ#2137645", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2137645", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-3171", url: "https://www.cve.org/CVERecord?id=CVE-2022-3171", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-3171", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-3171", }, { category: "external", summary: "https://github.com/protocolbuffers/protobuf/security/advisories/GHSA-h4h5-3hr4-j3g2", url: "https://github.com/protocolbuffers/protobuf/security/advisories/GHSA-h4h5-3hr4-j3g2", }, ], release_date: "2022-10-12T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2022-12-14T13:15:01+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "Red Hat build of Quarkus 2.13.5", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2022:9023", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "Red Hat build of Quarkus 2.13.5", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "protobuf-java: timeout in parser leads to DoS", }, { acknowledgments: [ { names: [ "Joseph Beeton", ], organization: "Contrast Security", }, ], cve: "CVE-2022-4116", cwe: { id: "CWE-94", name: "Improper Control of Generation of Code ('Code Injection')", }, discovery_date: "2022-11-22T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2144748", }, ], notes: [ { category: "description", text: "A vulnerability was found in quarkus. This issue occurs in Dev UI Config Editor, which is vulnerable to drive-by localhost attacks leading to remote code execution.", title: "Vulnerability description", }, { category: "summary", text: "quarkus_dev_ui: Dev UI Config Editor is vulnerable to drive-by localhost attacks leading to RCE", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat build of Quarkus 2.13.5", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-4116", }, { category: "external", summary: "RHBZ#2144748", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2144748", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-4116", url: "https://www.cve.org/CVERecord?id=CVE-2022-4116", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-4116", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-4116", }, ], release_date: "2022-11-22T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2022-12-14T13:15:01+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "Red Hat build of Quarkus 2.13.5", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2022:9023", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "Red Hat build of Quarkus 2.13.5", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "quarkus_dev_ui: Dev UI Config Editor is vulnerable to drive-by localhost attacks leading to RCE", }, { cve: "CVE-2022-4147", cwe: { id: "CWE-1026", name: "CWE-1026", }, discovery_date: "2022-11-28T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2148867", }, ], notes: [ { category: "description", text: "A vulnerability was found in Quarkus. The Quarkus CORS filter allows simple GET and POST requests with an invalid Origin to proceed. Simple GET or POST requests made with XMLHttpRequest have no event listeners registered on the object returned by the XMLHttpRequest upload property, and have no ReadableStream object used in the request.", title: "Vulnerability description", }, { category: "summary", text: "quarkus-vertx-http: Security misconfiguration of CORS : OWASP A05_2021 level in Quarkus", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat build of Quarkus 2.13.5", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-4147", }, { category: "external", summary: "RHBZ#2148867", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2148867", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-4147", url: "https://www.cve.org/CVERecord?id=CVE-2022-4147", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-4147", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-4147", }, ], release_date: "2022-11-28T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2022-12-14T13:15:01+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "Red Hat build of Quarkus 2.13.5", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2022:9023", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "Red Hat build of Quarkus 2.13.5", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "quarkus-vertx-http: Security misconfiguration of CORS : OWASP A05_2021 level in Quarkus", }, { cve: "CVE-2022-31197", cwe: { id: "CWE-89", name: "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", }, discovery_date: "2022-09-23T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2129428", }, ], notes: [ { category: "description", text: "A flaw was found in PostgresQL. This flaw allows an attacker to benefit from a miss escaping character and leads to a SQL injection attack due to Java.sql.ResultRow.refreshRow() implementation from PGSQL.", title: "Vulnerability description", }, { category: "summary", text: "postgresql: SQL Injection in ResultSet.refreshRow() with malicious column names", title: "Vulnerability summary", }, { category: "other", text: "User applications that do not invoke the `ResultSet.refreshRow()` method are not impacted.\nRed Hat Fuse 7 is now in Maintenance Support Phase and details about its fix should be presented soon. However, Red Hat Fuse Online (Syndesis) does will not contain the fix for this flaw.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat build of Quarkus 2.13.5", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-31197", }, { category: "external", summary: "RHBZ#2129428", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2129428", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-31197", url: "https://www.cve.org/CVERecord?id=CVE-2022-31197", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-31197", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-31197", }, { category: "external", summary: "https://github.com/pgjdbc/pgjdbc/security/advisories/GHSA-r38f-c4h4-hqq2", url: "https://github.com/pgjdbc/pgjdbc/security/advisories/GHSA-r38f-c4h4-hqq2", }, ], release_date: "2022-08-03T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2022-12-14T13:15:01+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "Red Hat build of Quarkus 2.13.5", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2022:9023", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "Red Hat build of Quarkus 2.13.5", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "postgresql: SQL Injection in ResultSet.refreshRow() with malicious column names", }, { cve: "CVE-2022-37734", cwe: { id: "CWE-1333", name: "Inefficient Regular Expression Complexity", }, discovery_date: "2022-09-14T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2126809", }, ], notes: [ { category: "description", text: "A flaw was found in GraphQL Java. This flaw allows an attacker to use a malicious query in GraphQL to cause a denial of service due to inefficient lexer input validation.", title: "Vulnerability description", }, { category: "summary", text: "graphql-java: DoS by malicious query", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat build of Quarkus 2.13.5", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-37734", }, { category: "external", summary: "RHBZ#2126809", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2126809", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-37734", url: "https://www.cve.org/CVERecord?id=CVE-2022-37734", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-37734", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-37734", }, ], release_date: "2022-09-12T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2022-12-14T13:15:01+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "Red Hat build of Quarkus 2.13.5", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2022:9023", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "Red Hat build of Quarkus 2.13.5", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "graphql-java: DoS by malicious query", }, { cve: "CVE-2022-42003", cwe: { id: "CWE-502", name: "Deserialization of Untrusted Data", }, discovery_date: "2022-10-17T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2135244", }, ], notes: [ { category: "description", text: "A flaw was found in FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled due to unchecked primitive value deserializers to avoid deep wrapper array nesting.", title: "Vulnerability description", }, { category: "summary", text: "jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat build of Quarkus 2.13.5", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-42003", }, { category: "external", summary: "RHBZ#2135244", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2135244", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-42003", url: "https://www.cve.org/CVERecord?id=CVE-2022-42003", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-42003", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-42003", }, ], release_date: "2022-10-02T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2022-12-14T13:15:01+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "Red Hat build of Quarkus 2.13.5", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2022:9023", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "Red Hat build of Quarkus 2.13.5", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS", }, { cve: "CVE-2022-42004", cwe: { id: "CWE-502", name: "Deserialization of Untrusted Data", }, discovery_date: "2022-10-17T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2135247", }, ], notes: [ { category: "description", text: "A flaw was found In FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion due to the lack of a check in BeanDeserializer._deserializeFromArray to prevent the use of deeply nested arrays. An application is only vulnerable with certain customized choices for deserialization.", title: "Vulnerability description", }, { category: "summary", text: "jackson-databind: use of deeply nested arrays", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat build of Quarkus 2.13.5", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-42004", }, { category: "external", summary: "RHBZ#2135247", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2135247", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-42004", url: "https://www.cve.org/CVERecord?id=CVE-2022-42004", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-42004", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-42004", }, ], release_date: "2022-10-02T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2022-12-14T13:15:01+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "Red Hat build of Quarkus 2.13.5", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2022:9023", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "Red Hat build of Quarkus 2.13.5", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "jackson-databind: use of deeply nested arrays", }, { cve: "CVE-2022-42889", cwe: { id: "CWE-1188", name: "Initialization of a Resource with an Insecure Default", }, discovery_date: "2022-10-15T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2135435", }, ], notes: [ { category: "description", text: "A flaw was found in Apache Commons Text packages 1.5 through 1.9. The affected versions allow an attacker to benefit from a variable interpolation process contained in Apache Commons Text, which can cause properties to be dynamically defined. Server applications are vulnerable to remote code execution (RCE) and unintentional contact with untrusted remote servers.", title: "Vulnerability description", }, { category: "summary", text: "apache-commons-text: variable interpolation RCE", title: "Vulnerability summary", }, { category: "other", text: "In order to carry successful exploitation of this vulnerability, the following conditions must be in place on the affected target:\n - Usage of specific methods that interpolate the variables as described in the flaw\n - Usage of external input for those methods\n - Usage of that external input has to be unsanitized/no \"allow list\"/etc.\n\nThe following products have *Low* impact because they have maven references to the affected package but do not ship it nor use the code:\n- Red Hat EAP Expansion Pack (EAP-XP)\n- Red Hat Camel-K\n- Red Hat Camel-Quarkus\n\nRed Hat Satellite ships Candlepin that embeds Apache Commons Text, however, it is not vulnerable to the flaw since the library has not been exposed in the product code. In Candlepin, the Commons Text is being pulled for the Liquibase and ActiveMQ Artemis libraries as a dependency. Red Hat Product Security has evaluated and rated the impact of the flaw as Low for Satellite since there was no harm identified to the confidentiality, integrity, or availability of systems.\n\n- The OCP has a *Moderate* impact because the affected library is a third-party library in the OCP jenkins-2-plugin component which reduces the possibilities of successful exploitation.\n- The OCP-4.8 is affected by this CVE and is in an extended life phase. For versions of products in the Extended Life Phase, Red Hat will provide limited ongoing technical support. No bug fixes, security fixes, hardware enablement or root-cause analysis will be available during this phase, and support will be provided on existing installations only.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat build of Quarkus 2.13.5", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-42889", }, { category: "external", summary: "RHBZ#2135435", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2135435", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-42889", url: "https://www.cve.org/CVERecord?id=CVE-2022-42889", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-42889", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-42889", }, { category: "external", summary: "https://blogs.apache.org/security/entry/cve-2022-42889", url: "https://blogs.apache.org/security/entry/cve-2022-42889", }, { category: "external", summary: "https://lists.apache.org/thread/n2bd4vdsgkqh2tm14l1wyc3jyol7s1om", url: "https://lists.apache.org/thread/n2bd4vdsgkqh2tm14l1wyc3jyol7s1om", }, { category: "external", summary: "https://seclists.org/oss-sec/2022/q4/22", url: "https://seclists.org/oss-sec/2022/q4/22", }, ], release_date: "2022-10-13T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2022-12-14T13:15:01+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "Red Hat build of Quarkus 2.13.5", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2022:9023", }, { category: "workaround", details: "This flaw may be avoided by ensuring that any external inputs used with the Commons-Text lookup methods are sanitized properly. Untrusted input should always be thoroughly sanitized before using in any potentially risky situations.", product_ids: [ "Red Hat build of Quarkus 2.13.5", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "Red Hat build of Quarkus 2.13.5", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "apache-commons-text: variable interpolation RCE", }, ], }
rhsa-2022:6757
Vulnerability from csaf_redhat
Published
2022-10-05 14:50
Modified
2025-04-14 02:01
Summary
Red Hat Security Advisory: Red Hat build of Eclipse Vert.x 4.3.3 security update
Notes
Topic
An update is now available for Red Hat build of Eclipse Vert.x.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability. For more information, see the CVE pages listed in the References section.
Details
This release of Red Hat build of Eclipse Vert.x 4.3.3 GA includes security updates. For more information, see the release notes listed in the References section.
Security Fix(es):
* graphql-java: DoS by malicious query (CVE-2022-37734)
* snakeyaml: Denial of Service due missing to nested depth limitation for collections. (CVE-2022-25857)
* snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode (CVE-2022-38749)
* snakeyaml: Uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject (CVE-2022-38750)
* snakeyaml: Uncaught exception in java.base/java.util.regex.Pattern$Ques.match (CVE-2022-38751)
* snakeyaml: Uncaught exception in java.base/java.util.ArrayList.hashCode (CVE-2022-38752)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgements, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update is now available for Red Hat build of Eclipse Vert.x.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability. For more information, see the CVE pages listed in the References section.", title: "Topic", }, { category: "general", text: "This release of Red Hat build of Eclipse Vert.x 4.3.3 GA includes security updates. For more information, see the release notes listed in the References section.\n\nSecurity Fix(es):\n\n* graphql-java: DoS by malicious query (CVE-2022-37734)\n\n* snakeyaml: Denial of Service due missing to nested depth limitation for collections. (CVE-2022-25857)\n\n* snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode (CVE-2022-38749)\n\n* snakeyaml: Uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject (CVE-2022-38750)\n\n* snakeyaml: Uncaught exception in java.base/java.util.regex.Pattern$Ques.match (CVE-2022-38751)\n\n* snakeyaml: Uncaught exception in java.base/java.util.ArrayList.hashCode (CVE-2022-38752)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgements, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2022:6757", url: "https://access.redhat.com/errata/RHSA-2022:6757", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions&product=catRhoar.eclipse.vertx&version=4.3.3", url: "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions&product=catRhoar.eclipse.vertx&version=4.3.3", }, { category: "external", summary: "https://access.redhat.com/documentation/en-us/red_hat_build_of_eclipse_vert.x/4.3/html/release_notes_for_eclipse_vert.x_4.3/index", url: "https://access.redhat.com/documentation/en-us/red_hat_build_of_eclipse_vert.x/4.3/html/release_notes_for_eclipse_vert.x_4.3/index", }, { category: "external", summary: "2126789", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2126789", }, { category: "external", summary: "2126809", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2126809", }, { category: "external", summary: "2129706", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2129706", }, { category: "external", summary: "2129707", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2129707", }, { category: "external", summary: "2129709", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2129709", }, { category: "external", summary: "2129710", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2129710", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_6757.json", }, ], title: "Red Hat Security Advisory: Red Hat build of Eclipse Vert.x 4.3.3 security update", tracking: { current_release_date: "2025-04-14T02:01:45+00:00", generator: { date: "2025-04-14T02:01:45+00:00", engine: { name: "Red Hat SDEngine", version: "4.4.2", }, }, id: "RHSA-2022:6757", initial_release_date: "2022-10-05T14:50:01+00:00", revision_history: [ { date: "2022-10-05T14:50:01+00:00", number: "1", summary: "Initial version", }, { date: "2022-10-05T14:50:01+00:00", number: "2", summary: "Last updated version", }, { date: "2025-04-14T02:01:45+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat build of Eclipse Vert.x 4.3.3", product: { name: "Red Hat build of Eclipse Vert.x 4.3.3", product_id: "Red Hat build of Eclipse Vert.x 4.3.3", product_identification_helper: { cpe: "cpe:/a:redhat:openshift_application_runtimes:1.0", }, }, }, ], category: "product_family", name: "Red Hat OpenShift Application Runtimes", }, ], category: "vendor", name: "Red Hat", }, ], }, vulnerabilities: [ { cve: "CVE-2022-25857", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2022-09-14T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2126789", }, ], notes: [ { category: "description", text: "A flaw was found in the org.yaml.snakeyaml package. This flaw allows an attacker to cause a denial of service (DoS) due to missing nested depth limitation for collections.", title: "Vulnerability description", }, { category: "summary", text: "snakeyaml: Denial of Service due to missing nested depth limitation for collections", title: "Vulnerability summary", }, { category: "other", text: "For RHEL-8 it's downgraded to moderate because \"snakeyaml\" itself in RHEL 8 or RHEL-9 isn't shipped and \"prometheus-jmx-exporter\" is needed as build dependency. And it's not directly exploitable, hence severity marked as moderate.\nRed Hat Integration and AMQ products are not vulnerable to this flaw, so their severity has been lowered to moderate.\nRed Hat Single Sign-On uses snakeyaml from liquibase-core and is only used when performing migrations and would require administrator privileges to execute, hence severity marked as Low.\nRed Hat Fuse 7 is now in Maintenance Support Phase and details about its fix should be present soon. However, Red Hat Fuse Online (Syndesis) does will not contain the fix for this flaw.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat build of Eclipse Vert.x 4.3.3", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-25857", }, { category: "external", summary: "RHBZ#2126789", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2126789", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-25857", url: "https://www.cve.org/CVERecord?id=CVE-2022-25857", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-25857", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-25857", }, { category: "external", summary: "https://bitbucket.org/snakeyaml/snakeyaml/issues/525", url: "https://bitbucket.org/snakeyaml/snakeyaml/issues/525", }, ], release_date: "2022-08-30T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2022-10-05T14:50:01+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.", product_ids: [ "Red Hat build of Eclipse Vert.x 4.3.3", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2022:6757", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "Red Hat build of Eclipse Vert.x 4.3.3", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "snakeyaml: Denial of Service due to missing nested depth limitation for collections", }, { cve: "CVE-2022-37734", cwe: { id: "CWE-1333", name: "Inefficient Regular Expression Complexity", }, discovery_date: "2022-09-14T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2126809", }, ], notes: [ { category: "description", text: "A flaw was found in GraphQL Java. This flaw allows an attacker to use a malicious query in GraphQL to cause a denial of service due to inefficient lexer input validation.", title: "Vulnerability description", }, { category: "summary", text: "graphql-java: DoS by malicious query", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat build of Eclipse Vert.x 4.3.3", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-37734", }, { category: "external", summary: "RHBZ#2126809", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2126809", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-37734", url: "https://www.cve.org/CVERecord?id=CVE-2022-37734", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-37734", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-37734", }, ], release_date: "2022-09-12T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2022-10-05T14:50:01+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.", product_ids: [ "Red Hat build of Eclipse Vert.x 4.3.3", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2022:6757", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "Red Hat build of Eclipse Vert.x 4.3.3", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "graphql-java: DoS by malicious query", }, { cve: "CVE-2022-38749", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, discovery_date: "2022-09-26T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2129706", }, ], notes: [ { category: "description", text: "A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash, resulting in a denial of service.", title: "Vulnerability description", }, { category: "summary", text: "snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Build of Quarkus is not affected by this issue as it already includes the fixed version.\n\nSatellite component Candlepin does not directly use snakeyaml, so it is not affected. Regardless, an update with the latest, unaffected snakeyaml version will be provided at next release.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat build of Eclipse Vert.x 4.3.3", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-38749", }, { category: "external", summary: "RHBZ#2129706", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2129706", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-38749", url: "https://www.cve.org/CVERecord?id=CVE-2022-38749", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-38749", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-38749", }, ], release_date: "2022-09-05T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2022-10-05T14:50:01+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.", product_ids: [ "Red Hat build of Eclipse Vert.x 4.3.3", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2022:6757", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "Red Hat build of Eclipse Vert.x 4.3.3", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode", }, { cve: "CVE-2022-38750", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, discovery_date: "2022-09-26T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2129707", }, ], notes: [ { category: "description", text: "A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash.", title: "Vulnerability description", }, { category: "summary", text: "snakeyaml: Uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Build of Quarkus is not affected by this issue as it already includes the fixed version.\n\nSatellite component Candlepin does not directly use snakeyaml, so it is not affected. Regardless, an update with the latest, unaffected snakeyaml version will be provided at next release.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat build of Eclipse Vert.x 4.3.3", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-38750", }, { category: "external", summary: "RHBZ#2129707", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2129707", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-38750", url: "https://www.cve.org/CVERecord?id=CVE-2022-38750", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-38750", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-38750", }, ], release_date: "2022-09-05T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2022-10-05T14:50:01+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.", product_ids: [ "Red Hat build of Eclipse Vert.x 4.3.3", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2022:6757", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "Red Hat build of Eclipse Vert.x 4.3.3", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "snakeyaml: Uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject", }, { cve: "CVE-2022-38751", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, discovery_date: "2022-09-26T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2129709", }, ], notes: [ { category: "description", text: "A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash.", title: "Vulnerability description", }, { category: "summary", text: "snakeyaml: Uncaught exception in java.base/java.util.regex.Pattern$Ques.match", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Build of Quarkus is not affected by this issue as it already includes the fixed version.\n\nSatellite component Candlepin does not directly use snakeyaml, so it is not affected. Regardless, an update with the latest, unaffected snakeyaml version will be provided at next release.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat build of Eclipse Vert.x 4.3.3", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-38751", }, { category: "external", summary: "RHBZ#2129709", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2129709", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-38751", url: "https://www.cve.org/CVERecord?id=CVE-2022-38751", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-38751", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-38751", }, ], release_date: "2022-09-05T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2022-10-05T14:50:01+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.", product_ids: [ "Red Hat build of Eclipse Vert.x 4.3.3", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2022:6757", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "Red Hat build of Eclipse Vert.x 4.3.3", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "snakeyaml: Uncaught exception in java.base/java.util.regex.Pattern$Ques.match", }, { cve: "CVE-2022-38752", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, discovery_date: "2022-09-26T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2129710", }, ], notes: [ { category: "description", text: "A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash.", title: "Vulnerability description", }, { category: "summary", text: "snakeyaml: Uncaught exception in java.base/java.util.ArrayList.hashCode", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Build of Quarkus is not affected by this issue as it already includes the fixed version.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat build of Eclipse Vert.x 4.3.3", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-38752", }, { category: "external", summary: "RHBZ#2129710", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2129710", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-38752", url: "https://www.cve.org/CVERecord?id=CVE-2022-38752", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-38752", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-38752", }, ], release_date: "2022-09-05T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2022-10-05T14:50:01+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.", product_ids: [ "Red Hat build of Eclipse Vert.x 4.3.3", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2022:6757", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "Red Hat build of Eclipse Vert.x 4.3.3", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "snakeyaml: Uncaught exception in java.base/java.util.ArrayList.hashCode", }, ], }
rhsa-2022:6835
Vulnerability from csaf_redhat
Published
2022-10-06 12:26
Modified
2025-04-18 18:48
Summary
Red Hat Security Advisory: Service Registry (container images) release and security update [2.3.0.GA]
Notes
Topic
An update to the images for Red Hat Integration Service Registry is now available from the Red Hat Container Catalog. The purpose of this text-only errata is to inform you about the security issues fixed in this release.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
This release of Red Hat Integration - Service registry 2.3.0.GA serves as a replacement for 2.0.3.GA, and includes the below security fixes.
Security Fix(es):
* cron-utils: template Injection leading to unauthenticated Remote Code Execution (CVE-2021-41269)
* prismjs: improperly escaped output allows a XSS (CVE-2022-23647)
* snakeyaml: Denial of Service due missing to nested depth limitation for collections (CVE-2022-25857)
* moment: inefficient parsing algorithm resulting in DoS (CVE-2022-31129)
* moment: inefficient parsing algorithm resulting in DoS (CVE-2022-31129)
* protobuf-java: potential DoS in the parsing procedure for binary data (CVE-2021-22569)
* quarkus: privilege escalation vulnerability with RestEasy Reactive scope leakage in Quarkus (CVE-2022-0981)
* quarkus-jdbc-postgresql-deployment: jdbc-postgresql: Unchecked Class Instantiation when providing Plugin Classes (CVE-2022-21724)
* netty-codec: SnappyFrameDecoder doesn't restrict chunk length and may buffer skippable chunks in an unnecessary way (CVE-2021-37137)
* netty-codec: Bzip2Decoder doesn't allow setting size restrictions for decompressed data (CVE-2021-37136)
* node-fetch: exposure of sensitive information to an unauthorized actor (CVE-2022-0235)
* follow-redirects: Exposure of Sensitive Information via Authorization Header leak (CVE-2022-0536)
* jdbc-postgresql: postgresql-jdbc: Arbitrary File Write Vulnerability (CVE-2022-26520)
* node-forge: Signature verification leniency in checking `digestAlgorithm` structure can lead to signature forgery (CVE-2022-24771)
* node-forge: Signature verification failing to check tailing garbage bytes can lead to signature forgery (CVE-2022-24772)
* node-forge: Signature verification leniency in checking `DigestInfo` structure (CVE-2022-24773)
* com.google.code.gson-gson: Deserialization of Untrusted Data in com.google.code.gson-gson (CVE-2022-25647)
* terser: insecure use of regular expressions leads to ReDoS (CVE-2022-25858)
* graphql-java: DoS by malicious query (CVE-2022-37734)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update to the images for Red Hat Integration Service Registry is now available from the Red Hat Container Catalog. The purpose of this text-only errata is to inform you about the security issues fixed in this release.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "This release of Red Hat Integration - Service registry 2.3.0.GA serves as a replacement for 2.0.3.GA, and includes the below security fixes.\n\nSecurity Fix(es):\n\n* cron-utils: template Injection leading to unauthenticated Remote Code Execution (CVE-2021-41269)\n\n* prismjs: improperly escaped output allows a XSS (CVE-2022-23647)\n\n* snakeyaml: Denial of Service due missing to nested depth limitation for collections (CVE-2022-25857)\n\n* moment: inefficient parsing algorithm resulting in DoS (CVE-2022-31129)\n\n* moment: inefficient parsing algorithm resulting in DoS (CVE-2022-31129)\n\n* protobuf-java: potential DoS in the parsing procedure for binary data (CVE-2021-22569)\n\n* quarkus: privilege escalation vulnerability with RestEasy Reactive scope leakage in Quarkus (CVE-2022-0981)\n\n* quarkus-jdbc-postgresql-deployment: jdbc-postgresql: Unchecked Class Instantiation when providing Plugin Classes (CVE-2022-21724)\n\n* netty-codec: SnappyFrameDecoder doesn't restrict chunk length and may buffer skippable chunks in an unnecessary way (CVE-2021-37137)\n\n* netty-codec: Bzip2Decoder doesn't allow setting size restrictions for decompressed data (CVE-2021-37136)\n\n* node-fetch: exposure of sensitive information to an unauthorized actor (CVE-2022-0235)\n\n* follow-redirects: Exposure of Sensitive Information via Authorization Header leak (CVE-2022-0536)\n\n* jdbc-postgresql: postgresql-jdbc: Arbitrary File Write Vulnerability (CVE-2022-26520)\n\n* node-forge: Signature verification leniency in checking `digestAlgorithm` structure can lead to signature forgery (CVE-2022-24771)\n\n* node-forge: Signature verification failing to check tailing garbage bytes can lead to signature forgery (CVE-2022-24772)\n\n* node-forge: Signature verification leniency in checking `DigestInfo` structure (CVE-2022-24773)\n\n* com.google.code.gson-gson: Deserialization of Untrusted Data in com.google.code.gson-gson (CVE-2022-25647)\n\n* terser: insecure use of regular expressions leads to ReDoS (CVE-2022-25858)\n\n* graphql-java: DoS by malicious query (CVE-2022-37734)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2022:6835", url: "https://access.redhat.com/errata/RHSA-2022:6835", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "2004133", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2004133", }, { category: "external", summary: "2004135", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2004135", }, { category: "external", summary: "2024632", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2024632", }, { category: "external", summary: "2039903", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2039903", }, { category: "external", summary: "2044591", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2044591", }, { category: "external", summary: "2050863", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2050863", }, { category: "external", summary: "2053259", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2053259", }, { category: "external", summary: "2056643", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2056643", }, { category: "external", summary: "2062520", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2062520", }, { category: "external", summary: "2064007", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2064007", }, { category: "external", summary: "2067387", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2067387", }, { category: "external", summary: "2067458", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2067458", }, { category: "external", summary: "2067461", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2067461", }, { category: "external", summary: "2080850", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2080850", }, { category: "external", summary: "2105075", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2105075", }, { category: "external", summary: "2126277", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2126277", }, { category: "external", summary: "2126789", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2126789", }, { category: "external", summary: "2126809", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2126809", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_6835.json", }, ], title: "Red Hat Security Advisory: Service Registry (container images) release and security update [2.3.0.GA]", tracking: { current_release_date: "2025-04-18T18:48:34+00:00", generator: { date: "2025-04-18T18:48:34+00:00", engine: { name: "Red Hat SDEngine", version: "4.4.2", }, }, id: "RHSA-2022:6835", initial_release_date: "2022-10-06T12:26:20+00:00", revision_history: [ { date: "2022-10-06T12:26:20+00:00", number: "1", summary: "Initial version", }, { date: "2022-10-06T12:26:20+00:00", number: "2", summary: "Last updated version", }, { date: "2025-04-18T18:48:34+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "RHINT Service Registry 2.3.0 GA", product: { name: "RHINT Service Registry 2.3.0 GA", product_id: "RHINT Service Registry 2.3.0 GA", product_identification_helper: { cpe: "cpe:/a:redhat:service_registry:2.3", }, }, }, ], category: "product_family", name: "Red Hat Integration", }, ], category: "vendor", name: "Red Hat", }, ], }, vulnerabilities: [ { cve: "CVE-2021-22569", cwe: { id: "CWE-696", name: "Incorrect Behavior Order", }, discovery_date: "2022-01-10T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2039903", }, ], notes: [ { category: "description", text: "A flaw was found in protobuf-java. Google Protocol Buffer (protobuf-java) allows the interleaving of com.google.protobuf.UnknownFieldSet fields. By persuading a victim to open specially-crafted content, a remote attacker could cause a timeout in the ProtobufFuzzer function, resulting in a denial of service.", title: "Vulnerability description", }, { category: "summary", text: "protobuf-java: potential DoS in the parsing procedure for binary data", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "RHINT Service Registry 2.3.0 GA", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2021-22569", }, { category: "external", summary: "RHBZ#2039903", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2039903", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2021-22569", url: "https://www.cve.org/CVERecord?id=CVE-2021-22569", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2021-22569", url: "https://nvd.nist.gov/vuln/detail/CVE-2021-22569", }, { category: "external", summary: "https://github.com/protocolbuffers/protobuf/commit/b3093dce58bc9d3042f085666d83c8ef1f51fe7b", url: "https://github.com/protocolbuffers/protobuf/commit/b3093dce58bc9d3042f085666d83c8ef1f51fe7b", }, { category: "external", summary: "https://github.com/protocolbuffers/protobuf/security/advisories/GHSA-wrvw-hg22-4m67", url: "https://github.com/protocolbuffers/protobuf/security/advisories/GHSA-wrvw-hg22-4m67", }, ], release_date: "2022-01-06T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2022-10-06T12:26:20+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "RHINT Service Registry 2.3.0 GA", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2022:6835", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "RHINT Service Registry 2.3.0 GA", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "protobuf-java: potential DoS in the parsing procedure for binary data", }, { cve: "CVE-2021-37136", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2021-09-14T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2004133", }, ], notes: [ { category: "description", text: "A flaw was found in Netty's netty-codec due to size restrictions for decompressed data in the Bzip2Decoder. By sending a specially-crafted input, a remote attacker could cause a denial of service.", title: "Vulnerability description", }, { category: "summary", text: "netty-codec: Bzip2Decoder doesn't allow setting size restrictions for decompressed data", title: "Vulnerability summary", }, { category: "other", text: "In the OpenShift Container Platform (OCP), the Hive/Presto/Hadoop components that comprise the OCP Metering stack ship the vulnerable version of netty-codec package. Since the release of OCP 4.6, the Metering product has been deprecated [1], so the affected components are marked as wontfix. This may be fixed in the future.\n\nStarting in OCP 4.7, the elasticsearch component is shipping as a part of the OpenShift Logging product (openshift-logging/elasticsearch6-rhel8). The elasticsearch component delivered in OCP 4.6 is marked as `Out of support scope` because these versions are already under Maintenance Phase of the support.\n\n[1] https://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html#ocp-4-6-metering-operator-deprecated", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "RHINT Service Registry 2.3.0 GA", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2021-37136", }, { category: "external", summary: "RHBZ#2004133", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2004133", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2021-37136", url: "https://www.cve.org/CVERecord?id=CVE-2021-37136", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2021-37136", url: "https://nvd.nist.gov/vuln/detail/CVE-2021-37136", }, { category: "external", summary: "https://github.com/netty/netty/security/advisories/GHSA-grg4-wf29-r9vv", url: "https://github.com/netty/netty/security/advisories/GHSA-grg4-wf29-r9vv", }, ], release_date: "2021-09-09T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2022-10-06T12:26:20+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "RHINT Service Registry 2.3.0 GA", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2022:6835", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "RHINT Service Registry 2.3.0 GA", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "netty-codec: Bzip2Decoder doesn't allow setting size restrictions for decompressed data", }, { cve: "CVE-2021-37137", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2021-09-14T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2004135", }, ], notes: [ { category: "description", text: "A flaw was found in the Netty's netty-codec due to unrestricted chunk lengths in the SnappyFrameDecoder. By sending a specially-crafted input, a remote attacker could cause excessive memory usage resulting in a denial of service.", title: "Vulnerability description", }, { category: "summary", text: "netty-codec: SnappyFrameDecoder doesn't restrict chunk length and may buffer skippable chunks in an unnecessary way", title: "Vulnerability summary", }, { category: "other", text: "In OpenShift Container Platform (OCP), the Hive/Presto/Hadoop components that comprise the OCP Metering stack, ship the vulnerable version of netty-codec package.\nSince the release of OCP 4.6, the Metering product has been deprecated [1], hence the affected components are marked as wontfix.\nThis may be fixed in the future.\n\nStarting in OCP 4.7, the elasticsearch component is shipping as a part of the OpenShift Logging product (openshift-logging/elasticsearch6-rhel8). The elasticsearch component delivered in OCP 4.6 is marked as `Out of support scope` because these versions are already under Maintenance Phase of the support.\n\n[1] https://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html#ocp-4-6-metering-operator-deprecated", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "RHINT Service Registry 2.3.0 GA", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2021-37137", }, { category: "external", summary: "RHBZ#2004135", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2004135", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2021-37137", url: "https://www.cve.org/CVERecord?id=CVE-2021-37137", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2021-37137", url: "https://nvd.nist.gov/vuln/detail/CVE-2021-37137", }, { category: "external", summary: "https://github.com/netty/netty/security/advisories/GHSA-grg4-wf29-r9vv", url: "https://github.com/netty/netty/security/advisories/GHSA-grg4-wf29-r9vv", }, ], release_date: "2021-09-09T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2022-10-06T12:26:20+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "RHINT Service Registry 2.3.0 GA", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2022:6835", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "RHINT Service Registry 2.3.0 GA", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "netty-codec: SnappyFrameDecoder doesn't restrict chunk length and may buffer skippable chunks in an unnecessary way", }, { cve: "CVE-2021-41269", cwe: { id: "CWE-94", name: "Improper Control of Generation of Code ('Code Injection')", }, discovery_date: "2021-11-18T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2024632", }, ], notes: [ { category: "description", text: "A flaw was found in cron-utils. This flaw allows an attacker to perform unauthenticated Remote Code Execution (RCE) via Java Expression Language (EL) injection.", title: "Vulnerability description", }, { category: "summary", text: "cron-utils: template Injection leading to unauthenticated Remote Code Execution", title: "Vulnerability summary", }, { category: "other", text: "Only projects using the @Cron annotation to validate untrusted Cron expressions are affected.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "RHINT Service Registry 2.3.0 GA", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2021-41269", }, { category: "external", summary: "RHBZ#2024632", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2024632", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2021-41269", url: "https://www.cve.org/CVERecord?id=CVE-2021-41269", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2021-41269", url: "https://nvd.nist.gov/vuln/detail/CVE-2021-41269", }, ], release_date: "2021-11-17T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2022-10-06T12:26:20+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "RHINT Service Registry 2.3.0 GA", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2022:6835", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "RHINT Service Registry 2.3.0 GA", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "cron-utils: template Injection leading to unauthenticated Remote Code Execution", }, { cve: "CVE-2022-0235", cwe: { id: "CWE-601", name: "URL Redirection to Untrusted Site ('Open Redirect')", }, discovery_date: "2022-01-16T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2044591", }, ], notes: [ { category: "description", text: "A flaw was found in node-fetch. When following a redirect to a third-party domain, node-fetch was forwarding sensitive headers such as \"Authorization,\" \"WWW-Authenticate,\" and \"Cookie\" to potentially untrusted targets. This flaw leads to the exposure of sensitive information to an unauthorized actor.", title: "Vulnerability description", }, { category: "summary", text: "node-fetch: exposure of sensitive information to an unauthorized actor", title: "Vulnerability summary", }, { category: "other", text: "This flaw is out of support scope for dotnet-5.0. For more information about Dotnet product support scope, please see https://access.redhat.com/support/policy/updates/net-core", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "RHINT Service Registry 2.3.0 GA", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-0235", }, { category: "external", summary: "RHBZ#2044591", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2044591", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-0235", url: "https://www.cve.org/CVERecord?id=CVE-2022-0235", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-0235", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-0235", }, { category: "external", summary: "https://huntr.dev/bounties/d26ab655-38d6-48b3-be15-f9ad6b6ae6f7/", url: "https://huntr.dev/bounties/d26ab655-38d6-48b3-be15-f9ad6b6ae6f7/", }, ], release_date: "2022-01-14T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2022-10-06T12:26:20+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "RHINT Service Registry 2.3.0 GA", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2022:6835", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N", version: "3.1", }, products: [ "RHINT Service Registry 2.3.0 GA", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "node-fetch: exposure of sensitive information to an unauthorized actor", }, { cve: "CVE-2022-0536", cwe: { id: "CWE-212", name: "Improper Removal of Sensitive Information Before Storage or Transfer", }, discovery_date: "2022-02-10T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2053259", }, ], notes: [ { category: "description", text: "A flaw was found in the follow-redirects package. This flaw allows the exposure of sensitive information to an unauthorized actor due to the usage of insecure HTTP protocol. This issue happens with an Authorization header leak from the same hostname, https-http, and requires a Man-in-the-Middle (MITM) attack.", title: "Vulnerability description", }, { category: "summary", text: "follow-redirects: Exposure of Sensitive Information via Authorization Header leak", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "RHINT Service Registry 2.3.0 GA", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-0536", }, { category: "external", summary: "RHBZ#2053259", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2053259", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-0536", url: "https://www.cve.org/CVERecord?id=CVE-2022-0536", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-0536", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-0536", }, ], release_date: "2022-02-09T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2022-10-06T12:26:20+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "RHINT Service Registry 2.3.0 GA", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2022:6835", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "RHINT Service Registry 2.3.0 GA", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "follow-redirects: Exposure of Sensitive Information via Authorization Header leak", }, { acknowledgments: [ { names: [ "Sanne Grinovero", ], organization: "Red Hat", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2022-0981", cwe: { id: "CWE-863", name: "Incorrect Authorization", }, discovery_date: "2022-02-08T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2062520", }, ], notes: [ { category: "description", text: "A flaw was found in Quarkus. The state and potentially associated permissions can leak from one web request to another in RestEasy Reactive. This flaw allows a low-privileged user to perform operations on the database with a different set of privileges than intended.", title: "Vulnerability description", }, { category: "summary", text: "quarkus: privilege escalation vulnerability with RestEasy Reactive scope leakage in Quarkus", title: "Vulnerability summary", }, { category: "other", text: "CodeReady Studio is no longer supported and therefore this flaw will not be addressed in CodeReady Studio. Please see https://developers.redhat.com/articles/2022/04/18/announcement-red-hat-codeready-studio-reaches-end-life for more information.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "RHINT Service Registry 2.3.0 GA", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-0981", }, { category: "external", summary: "RHBZ#2062520", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2062520", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-0981", url: "https://www.cve.org/CVERecord?id=CVE-2022-0981", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-0981", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-0981", }, { category: "external", summary: "https://github.com/quarkusio/quarkus/issues/23269", url: "https://github.com/quarkusio/quarkus/issues/23269", }, ], release_date: "2022-02-03T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2022-10-06T12:26:20+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "RHINT Service Registry 2.3.0 GA", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2022:6835", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 7.6, baseSeverity: "HIGH", confidentialityImpact: "LOW", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L", version: "3.1", }, products: [ "RHINT Service Registry 2.3.0 GA", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "quarkus: privilege escalation vulnerability with RestEasy Reactive scope leakage in Quarkus", }, { cve: "CVE-2022-21724", cwe: { id: "CWE-665", name: "Improper Initialization", }, discovery_date: "2022-02-02T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2050863", }, ], notes: [ { category: "description", text: "pgjdbc is the offical PostgreSQL JDBC Driver. A security hole was found in the jdbc driver for postgresql database while doing security research. The system using the postgresql library will be attacked when attacker control the jdbc url or properties. pgjdbc instantiates plugin instances based on class names provided via `authenticationPluginClassName`, `sslhostnameverifier`, `socketFactory`, `sslfactory`, `sslpasswordcallback` connection properties. However, the driver did not verify if the class implements the expected interface before instantiating the class. This can lead to code execution loaded via arbitrary classes. Users using plugins are advised to upgrade. There are no known workarounds for this issue.", title: "Vulnerability description", }, { category: "summary", text: "jdbc-postgresql: Unchecked Class Instantiation when providing Plugin Classes", title: "Vulnerability summary", }, { category: "other", text: "According to the patch upstream the scoring of this issue has been severely reduced and is no longer considered an RCE. Therefore, the flaw has been rated as having a security impact of Moderate, and is not currently planned to be addressed in future updates of Red Hat Enterprise Linux 6, 7 and 8.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "RHINT Service Registry 2.3.0 GA", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-21724", }, { category: "external", summary: "RHBZ#2050863", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2050863", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-21724", url: "https://www.cve.org/CVERecord?id=CVE-2022-21724", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-21724", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-21724", }, { category: "external", summary: "https://github.com/advisories/GHSA-v7wg-cpwc-24m4", url: "https://github.com/advisories/GHSA-v7wg-cpwc-24m4", }, ], release_date: "2022-02-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2022-10-06T12:26:20+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "RHINT Service Registry 2.3.0 GA", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2022:6835", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "RHINT Service Registry 2.3.0 GA", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "jdbc-postgresql: Unchecked Class Instantiation when providing Plugin Classes", }, { cve: "CVE-2022-23647", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2022-02-21T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2056643", }, ], notes: [ { category: "description", text: "A Cross-site scripting attack was found in Prism. The command-line plugin did not properly escape its output. This issue leads to the input text being inserted into the Document Object Model (DOM) as HTML code, which can be exploited by an attacker.", title: "Vulnerability description", }, { category: "summary", text: "prismjs: improperly escaped output allows a XSS", title: "Vulnerability summary", }, { category: "other", text: "This issue affects Prism as shipped with all versions of Red Hat Ceph Storage, Red Hat Migration Toolkit for Virtualization, Red Hat OpenShift Container Platform, Red Hat OpenShift Service Mesh, Red Hat Advanced Cluster Security, and Red Hat Gluster Storage. However, this flaw is not known to be exploitable under any supported scenario, as websites that do not use the Command Line plugin are also not impacted. The above products do not use the Command Line plugin, thus, are marked not affected.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "RHINT Service Registry 2.3.0 GA", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-23647", }, { category: "external", summary: "RHBZ#2056643", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2056643", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-23647", url: "https://www.cve.org/CVERecord?id=CVE-2022-23647", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-23647", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-23647", }, { category: "external", summary: "https://github.com/PrismJS/prism/security/advisories/GHSA-3949-f494-cm99", url: "https://github.com/PrismJS/prism/security/advisories/GHSA-3949-f494-cm99", }, ], release_date: "2022-02-18T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2022-10-06T12:26:20+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "RHINT Service Registry 2.3.0 GA", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2022:6835", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "RHINT Service Registry 2.3.0 GA", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "prismjs: improperly escaped output allows a XSS", }, { cve: "CVE-2022-24771", cwe: { id: "CWE-347", name: "Improper Verification of Cryptographic Signature", }, discovery_date: "2022-03-23T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2067387", }, ], notes: [ { category: "description", text: "A flaw was found in the node-forge package. This signature verification leniency allows an attacker to forge a signature.", title: "Vulnerability description", }, { category: "summary", text: "node-forge: Signature verification leniency in checking `digestAlgorithm` structure can lead to signature forgery", title: "Vulnerability summary", }, { category: "other", text: "This flaw affects the DigestAlgorithm structure.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "RHINT Service Registry 2.3.0 GA", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-24771", }, { category: "external", summary: "RHBZ#2067387", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2067387", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-24771", url: "https://www.cve.org/CVERecord?id=CVE-2022-24771", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-24771", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-24771", }, { category: "external", summary: "https://github.com/digitalbazaar/forge/security/advisories/GHSA-cfm4-qjh2-4765", url: "https://github.com/digitalbazaar/forge/security/advisories/GHSA-cfm4-qjh2-4765", }, ], release_date: "2022-03-18T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2022-10-06T12:26:20+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "RHINT Service Registry 2.3.0 GA", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2022:6835", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "RHINT Service Registry 2.3.0 GA", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "node-forge: Signature verification leniency in checking `digestAlgorithm` structure can lead to signature forgery", }, { cve: "CVE-2022-24772", cwe: { id: "CWE-347", name: "Improper Verification of Cryptographic Signature", }, discovery_date: "2022-03-23T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2067458", }, ], notes: [ { category: "description", text: "A flaw was found in the node-forge package. This signature verification leniency allows an attacker to forge a signature.", title: "Vulnerability description", }, { category: "summary", text: "node-forge: Signature verification failing to check tailing garbage bytes can lead to signature forgery", title: "Vulnerability summary", }, { category: "other", text: "This flaw affects the DigestInfo ASN.1 structure.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "RHINT Service Registry 2.3.0 GA", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-24772", }, { category: "external", summary: "RHBZ#2067458", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2067458", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-24772", url: "https://www.cve.org/CVERecord?id=CVE-2022-24772", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-24772", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-24772", }, { category: "external", summary: "https://github.com/digitalbazaar/forge/security/advisories/GHSA-x4jg-mjrx-434g", url: "https://github.com/digitalbazaar/forge/security/advisories/GHSA-x4jg-mjrx-434g", }, ], release_date: "2022-03-18T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2022-10-06T12:26:20+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "RHINT Service Registry 2.3.0 GA", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2022:6835", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "RHINT Service Registry 2.3.0 GA", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "node-forge: Signature verification failing to check tailing garbage bytes can lead to signature forgery", }, { cve: "CVE-2022-24773", cwe: { id: "CWE-347", name: "Improper Verification of Cryptographic Signature", }, discovery_date: "2022-03-23T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2067461", }, ], notes: [ { category: "description", text: "A flaw was found in the node-forge library when verifying the signature on the ASN.1 structure in RSA PKCS#1 v1.5. This flaw allows an attacker to obtain successful verification for invalid DigestInfo structure, affecting the integrity of the attacked resource.", title: "Vulnerability description", }, { category: "summary", text: "node-forge: Signature verification leniency in checking `DigestInfo` structure", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "RHINT Service Registry 2.3.0 GA", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-24773", }, { category: "external", summary: "RHBZ#2067461", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2067461", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-24773", url: "https://www.cve.org/CVERecord?id=CVE-2022-24773", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-24773", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-24773", }, { category: "external", summary: "https://github.com/digitalbazaar/forge/security/advisories/GHSA-2r2c-g63r-vccr", url: "https://github.com/digitalbazaar/forge/security/advisories/GHSA-2r2c-g63r-vccr", }, ], release_date: "2022-03-18T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2022-10-06T12:26:20+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "RHINT Service Registry 2.3.0 GA", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2022:6835", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", version: "3.1", }, products: [ "RHINT Service Registry 2.3.0 GA", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "node-forge: Signature verification leniency in checking `DigestInfo` structure", }, { cve: "CVE-2022-25647", cwe: { id: "CWE-502", name: "Deserialization of Untrusted Data", }, discovery_date: "2022-05-02T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2080850", }, ], notes: [ { category: "description", text: "A flaw was found in gson, which is vulnerable to Deserialization of Untrusted Data via the writeReplace() method in internal classes. This issue may lead to availability attacks.", title: "Vulnerability description", }, { category: "summary", text: "com.google.code.gson-gson: Deserialization of Untrusted Data in com.google.code.gson-gson", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "RHINT Service Registry 2.3.0 GA", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-25647", }, { category: "external", summary: "RHBZ#2080850", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2080850", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-25647", url: "https://www.cve.org/CVERecord?id=CVE-2022-25647", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-25647", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-25647", }, ], release_date: "2022-05-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2022-10-06T12:26:20+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "RHINT Service Registry 2.3.0 GA", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2022:6835", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "RHINT Service Registry 2.3.0 GA", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "com.google.code.gson-gson: Deserialization of Untrusted Data in com.google.code.gson-gson", }, { cve: "CVE-2022-25857", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2022-09-14T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2126789", }, ], notes: [ { category: "description", text: "A flaw was found in the org.yaml.snakeyaml package. This flaw allows an attacker to cause a denial of service (DoS) due to missing nested depth limitation for collections.", title: "Vulnerability description", }, { category: "summary", text: "snakeyaml: Denial of Service due to missing nested depth limitation for collections", title: "Vulnerability summary", }, { category: "other", text: "For RHEL-8 it's downgraded to moderate because \"snakeyaml\" itself in RHEL 8 or RHEL-9 isn't shipped and \"prometheus-jmx-exporter\" is needed as build dependency. And it's not directly exploitable, hence severity marked as moderate.\nRed Hat Integration and AMQ products are not vulnerable to this flaw, so their severity has been lowered to moderate.\nRed Hat Single Sign-On uses snakeyaml from liquibase-core and is only used when performing migrations and would require administrator privileges to execute, hence severity marked as Low.\nRed Hat Fuse 7 is now in Maintenance Support Phase and details about its fix should be present soon. However, Red Hat Fuse Online (Syndesis) does will not contain the fix for this flaw.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "RHINT Service Registry 2.3.0 GA", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-25857", }, { category: "external", summary: "RHBZ#2126789", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2126789", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-25857", url: "https://www.cve.org/CVERecord?id=CVE-2022-25857", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-25857", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-25857", }, { category: "external", summary: "https://bitbucket.org/snakeyaml/snakeyaml/issues/525", url: "https://bitbucket.org/snakeyaml/snakeyaml/issues/525", }, ], release_date: "2022-08-30T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2022-10-06T12:26:20+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "RHINT Service Registry 2.3.0 GA", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2022:6835", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "RHINT Service Registry 2.3.0 GA", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "snakeyaml: Denial of Service due to missing nested depth limitation for collections", }, { cve: "CVE-2022-25858", discovery_date: "2022-09-13T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2126277", }, ], notes: [ { category: "description", text: "A vulnerability was found in the terser package. Affected versions of this package are vulnerable to Regular expression denial of service (ReDoS) attacks, affecting system availability.", title: "Vulnerability description", }, { category: "summary", text: "terser: insecure use of regular expressions leads to ReDoS", title: "Vulnerability summary", }, { category: "other", text: "For OpenShift Do (odo) product terser is shipped only for using in static page generators for upstream, thus this represents no security risk.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "RHINT Service Registry 2.3.0 GA", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-25858", }, { category: "external", summary: "RHBZ#2126277", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2126277", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-25858", url: "https://www.cve.org/CVERecord?id=CVE-2022-25858", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-25858", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-25858", }, ], release_date: "2022-07-15T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2022-10-06T12:26:20+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "RHINT Service Registry 2.3.0 GA", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2022:6835", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "RHINT Service Registry 2.3.0 GA", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "terser: insecure use of regular expressions leads to ReDoS", }, { cve: "CVE-2022-26520", cwe: { id: "CWE-552", name: "Files or Directories Accessible to External Parties", }, discovery_date: "2022-03-14T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2064007", }, ], notes: [ { category: "description", text: "A flaw was found in Postgres JDBC. This flaw allows an attacker to use a method to write arbitrary files through the connection properties settings. For example, an attacker can create an executable file under the server the application is running and make it a new part of the application or server.", title: "Vulnerability description", }, { category: "summary", text: "postgresql-jdbc: Arbitrary File Write Vulnerability", title: "Vulnerability summary", }, { category: "other", text: "Red Hat informs that although there's a difference from NVD CVSSv3 score there's a especial occasion in this CVE that maintain it as a moderate. The scenario for an attacker to get a benefit in this situation requires them to have access to modify a configuration file and write a file where it's needed. This require non-default configuration and also it's not expected to allow an untrusted user to perform this kind of setting.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "RHINT Service Registry 2.3.0 GA", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-26520", }, { category: "external", summary: "RHBZ#2064007", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2064007", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-26520", url: "https://www.cve.org/CVERecord?id=CVE-2022-26520", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-26520", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-26520", }, ], release_date: "2022-02-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2022-10-06T12:26:20+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "RHINT Service Registry 2.3.0 GA", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2022:6835", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "RHINT Service Registry 2.3.0 GA", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "postgresql-jdbc: Arbitrary File Write Vulnerability", }, { cve: "CVE-2022-31129", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2022-07-07T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2105075", }, ], notes: [ { category: "description", text: "A flaw was found in the Moment.js package. Users who pass user-provided strings without sanity length checks to the moment constructor are vulnerable to regular expression denial of service (ReDoS) attacks.", title: "Vulnerability description", }, { category: "summary", text: "moment: inefficient parsing algorithm resulting in DoS", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Fuse provides the affected software but does not use the functionality and as such its impact has been downgraded to Low.\n\nRed Hat Advanced Cluster Management for Kubernetes (RHACM) ships a vulnerable version of the moment library. However, this affected functionality is restricted behind OAuth, reducing the impact to Moderate.\n\nRed Hat Satellite ships a vulnerable version of the moment library. However, this only affects a specific component (qpid-dispatch), reducing the impact to Moderate.\n\nRed Hat Ceph Storage (RHCS) ships a vulnerable version of the moment library, however, it is not directly used and is a transitive dependency from Angular. In addition, the impact would only be to the grafana browser, and not the underlying RHCS system, which reduces the impact to Moderate. \n\nRed Hat OpenShift Service Mesh (OSSM) ships a vulnerable version of the moment library, however, it is not directly used, and as such, the impact has been lowered to Moderate.\n\nRed Hat OpenShift distributed tracing ships a vulnerable version of the moment library, however, it is not directly used, and as such, the impact has been lowered to Moderate.\n\nIn Logging Subsystem for Red Hat OpenShift the vulnerable moment nodejs package is bundled in the ose-logging-kibana6 container as a transitive dependency, hence the direct impact is reduced to Moderate.\n\nIn OpenShift Container Platform 4 the vulnerabile moment package is a third party dependency, hence the direct impact is reduced to Moderate.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "RHINT Service Registry 2.3.0 GA", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-31129", }, { category: "external", summary: "RHBZ#2105075", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2105075", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-31129", url: "https://www.cve.org/CVERecord?id=CVE-2022-31129", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-31129", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-31129", }, { category: "external", summary: "https://github.com/moment/moment/security/advisories/GHSA-wc69-rhjr-hc9g", url: "https://github.com/moment/moment/security/advisories/GHSA-wc69-rhjr-hc9g", }, ], release_date: "2022-07-06T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2022-10-06T12:26:20+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "RHINT Service Registry 2.3.0 GA", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2022:6835", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "RHINT Service Registry 2.3.0 GA", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "moment: inefficient parsing algorithm resulting in DoS", }, { cve: "CVE-2022-37734", cwe: { id: "CWE-1333", name: "Inefficient Regular Expression Complexity", }, discovery_date: "2022-09-14T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2126809", }, ], notes: [ { category: "description", text: "A flaw was found in GraphQL Java. This flaw allows an attacker to use a malicious query in GraphQL to cause a denial of service due to inefficient lexer input validation.", title: "Vulnerability description", }, { category: "summary", text: "graphql-java: DoS by malicious query", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "RHINT Service Registry 2.3.0 GA", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-37734", }, { category: "external", summary: "RHBZ#2126809", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2126809", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-37734", url: "https://www.cve.org/CVERecord?id=CVE-2022-37734", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-37734", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-37734", }, ], release_date: "2022-09-12T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2022-10-06T12:26:20+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "RHINT Service Registry 2.3.0 GA", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2022:6835", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "RHINT Service Registry 2.3.0 GA", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "graphql-java: DoS by malicious query", }, ], }
rhsa-2022:9023
Vulnerability from csaf_redhat
Published
2022-12-14 13:15
Modified
2025-04-14 02:02
Summary
Red Hat Security Advisory: Red Hat build of Quarkus 2.13.5 release and security update
Notes
Topic
An update is now available for Red Hat build of Quarkus. Red Hat Product
Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability. For more information, see the CVE links in the References section.
Details
This release of Red Hat build of Quarkus 2.13.5 includes security updates, bug
fixes, and enhancements. For more information, see the release notes page listed in the References section.
Security Fix(es):
* CVE-2022-4147 quarkus-vertx-http: Security misconfiguration of CORS : OWASP A05_2021 level in Quarkus
* CVE-2022-4116 quarkus_dev_ui: Dev UI Config Editor is vulnerable to drive-by localhost attacks leading to RCE
* CVE-2022-37734 graphql-java: DoS by malicious query
* CVE-2022-3171 protobuf-java: timeout in parser leads to DoS
* CVE-2022-42889 commons-text: apache-commons-text: variable interpolation RCE
* CVE-2022-42003 jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS
* CVE-2022-42004 jackson-databind: use of deeply nested arrays
* CVE-2022-31197 postgresql: SQL Injection in ResultSet.refreshRow() with malicious column names
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update is now available for Red Hat build of Quarkus. Red Hat Product\nSecurity has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability. For more information, see the CVE links in the References section.", title: "Topic", }, { category: "general", text: "This release of Red Hat build of Quarkus 2.13.5 includes security updates, bug\nfixes, and enhancements. For more information, see the release notes page listed in the References section.\n\nSecurity Fix(es):\n\n* CVE-2022-4147 quarkus-vertx-http: Security misconfiguration of CORS : OWASP A05_2021 level in Quarkus \n\n* CVE-2022-4116 quarkus_dev_ui: Dev UI Config Editor is vulnerable to drive-by localhost attacks leading to RCE\n\n* CVE-2022-37734 graphql-java: DoS by malicious query\n\n* CVE-2022-3171 protobuf-java: timeout in parser leads to DoS\n\n* CVE-2022-42889 commons-text: apache-commons-text: variable interpolation RCE\n\n* CVE-2022-42003 jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS\n\n* CVE-2022-42004 jackson-databind: use of deeply nested arrays \n\n* CVE-2022-31197 postgresql: SQL Injection in ResultSet.refreshRow() with malicious column names\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2022:9023", url: "https://access.redhat.com/errata/RHSA-2022:9023", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "https://access.redhat.com/articles/4966181", url: "https://access.redhat.com/articles/4966181", }, { category: "external", summary: "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions&product=redhat.quarkus&version=2.13.5", url: "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions&product=redhat.quarkus&version=2.13.5", }, { category: "external", summary: "2126809", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2126809", }, { category: "external", summary: "2129428", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2129428", }, { category: "external", summary: "2135244", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2135244", }, { category: "external", summary: "2135247", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2135247", }, { category: "external", summary: "2135435", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2135435", }, { category: "external", summary: "2137645", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2137645", }, { category: "external", summary: "2144748", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2144748", }, { category: "external", summary: "2148867", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2148867", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_9023.json", }, ], title: "Red Hat Security Advisory: Red Hat build of Quarkus 2.13.5 release and security update", tracking: { current_release_date: "2025-04-14T02:02:56+00:00", generator: { date: "2025-04-14T02:02:56+00:00", engine: { name: "Red Hat SDEngine", version: "4.4.2", }, }, id: "RHSA-2022:9023", initial_release_date: "2022-12-14T13:15:01+00:00", revision_history: [ { date: "2022-12-14T13:15:01+00:00", number: "1", summary: "Initial version", }, { date: "2022-12-14T13:15:01+00:00", number: "2", summary: "Last updated version", }, { date: "2025-04-14T02:02:56+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat build of Quarkus 2.13.5", product: { name: "Red Hat build of Quarkus 2.13.5", product_id: "Red Hat build of Quarkus 2.13.5", product_identification_helper: { cpe: "cpe:/a:redhat:quarkus:2.13", }, }, }, ], category: "product_family", name: "Red Hat build of Quarkus", }, ], category: "vendor", name: "Red Hat", }, ], }, vulnerabilities: [ { cve: "CVE-2022-3171", cwe: { id: "CWE-20", name: "Improper Input Validation", }, discovery_date: "2022-10-18T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2137645", }, ], notes: [ { category: "description", text: "A parsing issue with binary data in protobuf-java core and lite versions prior to 3.21.7, 3.20.3, 3.19.6 and 3.16.3 can lead to a denial of service attack. Inputs containing multiple instances of non-repeated embedded messages with repeated or unknown fields causes objects to be converted back-n-forth between mutable and immutable forms, resulting in potentially long garbage collection pauses. We recommend updating to the versions mentioned above.", title: "Vulnerability description", }, { category: "summary", text: "protobuf-java: timeout in parser leads to DoS", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat build of Quarkus 2.13.5", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-3171", }, { category: "external", summary: "RHBZ#2137645", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2137645", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-3171", url: "https://www.cve.org/CVERecord?id=CVE-2022-3171", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-3171", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-3171", }, { category: "external", summary: "https://github.com/protocolbuffers/protobuf/security/advisories/GHSA-h4h5-3hr4-j3g2", url: "https://github.com/protocolbuffers/protobuf/security/advisories/GHSA-h4h5-3hr4-j3g2", }, ], release_date: "2022-10-12T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2022-12-14T13:15:01+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "Red Hat build of Quarkus 2.13.5", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2022:9023", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "Red Hat build of Quarkus 2.13.5", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "protobuf-java: timeout in parser leads to DoS", }, { acknowledgments: [ { names: [ "Joseph Beeton", ], organization: "Contrast Security", }, ], cve: "CVE-2022-4116", cwe: { id: "CWE-94", name: "Improper Control of Generation of Code ('Code Injection')", }, discovery_date: "2022-11-22T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2144748", }, ], notes: [ { category: "description", text: "A vulnerability was found in quarkus. This issue occurs in Dev UI Config Editor, which is vulnerable to drive-by localhost attacks leading to remote code execution.", title: "Vulnerability description", }, { category: "summary", text: "quarkus_dev_ui: Dev UI Config Editor is vulnerable to drive-by localhost attacks leading to RCE", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat build of Quarkus 2.13.5", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-4116", }, { category: "external", summary: "RHBZ#2144748", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2144748", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-4116", url: "https://www.cve.org/CVERecord?id=CVE-2022-4116", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-4116", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-4116", }, ], release_date: "2022-11-22T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2022-12-14T13:15:01+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "Red Hat build of Quarkus 2.13.5", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2022:9023", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "Red Hat build of Quarkus 2.13.5", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "quarkus_dev_ui: Dev UI Config Editor is vulnerable to drive-by localhost attacks leading to RCE", }, { cve: "CVE-2022-4147", cwe: { id: "CWE-1026", name: "CWE-1026", }, discovery_date: "2022-11-28T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2148867", }, ], notes: [ { category: "description", text: "A vulnerability was found in Quarkus. The Quarkus CORS filter allows simple GET and POST requests with an invalid Origin to proceed. Simple GET or POST requests made with XMLHttpRequest have no event listeners registered on the object returned by the XMLHttpRequest upload property, and have no ReadableStream object used in the request.", title: "Vulnerability description", }, { category: "summary", text: "quarkus-vertx-http: Security misconfiguration of CORS : OWASP A05_2021 level in Quarkus", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat build of Quarkus 2.13.5", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-4147", }, { category: "external", summary: "RHBZ#2148867", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2148867", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-4147", url: "https://www.cve.org/CVERecord?id=CVE-2022-4147", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-4147", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-4147", }, ], release_date: "2022-11-28T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2022-12-14T13:15:01+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "Red Hat build of Quarkus 2.13.5", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2022:9023", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "Red Hat build of Quarkus 2.13.5", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "quarkus-vertx-http: Security misconfiguration of CORS : OWASP A05_2021 level in Quarkus", }, { cve: "CVE-2022-31197", cwe: { id: "CWE-89", name: "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", }, discovery_date: "2022-09-23T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2129428", }, ], notes: [ { category: "description", text: "A flaw was found in PostgresQL. This flaw allows an attacker to benefit from a miss escaping character and leads to a SQL injection attack due to Java.sql.ResultRow.refreshRow() implementation from PGSQL.", title: "Vulnerability description", }, { category: "summary", text: "postgresql: SQL Injection in ResultSet.refreshRow() with malicious column names", title: "Vulnerability summary", }, { category: "other", text: "User applications that do not invoke the `ResultSet.refreshRow()` method are not impacted.\nRed Hat Fuse 7 is now in Maintenance Support Phase and details about its fix should be presented soon. However, Red Hat Fuse Online (Syndesis) does will not contain the fix for this flaw.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat build of Quarkus 2.13.5", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-31197", }, { category: "external", summary: "RHBZ#2129428", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2129428", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-31197", url: "https://www.cve.org/CVERecord?id=CVE-2022-31197", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-31197", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-31197", }, { category: "external", summary: "https://github.com/pgjdbc/pgjdbc/security/advisories/GHSA-r38f-c4h4-hqq2", url: "https://github.com/pgjdbc/pgjdbc/security/advisories/GHSA-r38f-c4h4-hqq2", }, ], release_date: "2022-08-03T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2022-12-14T13:15:01+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "Red Hat build of Quarkus 2.13.5", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2022:9023", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "Red Hat build of Quarkus 2.13.5", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "postgresql: SQL Injection in ResultSet.refreshRow() with malicious column names", }, { cve: "CVE-2022-37734", cwe: { id: "CWE-1333", name: "Inefficient Regular Expression Complexity", }, discovery_date: "2022-09-14T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2126809", }, ], notes: [ { category: "description", text: "A flaw was found in GraphQL Java. This flaw allows an attacker to use a malicious query in GraphQL to cause a denial of service due to inefficient lexer input validation.", title: "Vulnerability description", }, { category: "summary", text: "graphql-java: DoS by malicious query", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat build of Quarkus 2.13.5", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-37734", }, { category: "external", summary: "RHBZ#2126809", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2126809", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-37734", url: "https://www.cve.org/CVERecord?id=CVE-2022-37734", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-37734", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-37734", }, ], release_date: "2022-09-12T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2022-12-14T13:15:01+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "Red Hat build of Quarkus 2.13.5", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2022:9023", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "Red Hat build of Quarkus 2.13.5", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "graphql-java: DoS by malicious query", }, { cve: "CVE-2022-42003", cwe: { id: "CWE-502", name: "Deserialization of Untrusted Data", }, discovery_date: "2022-10-17T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2135244", }, ], notes: [ { category: "description", text: "A flaw was found in FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled due to unchecked primitive value deserializers to avoid deep wrapper array nesting.", title: "Vulnerability description", }, { category: "summary", text: "jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat build of Quarkus 2.13.5", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-42003", }, { category: "external", summary: "RHBZ#2135244", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2135244", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-42003", url: "https://www.cve.org/CVERecord?id=CVE-2022-42003", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-42003", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-42003", }, ], release_date: "2022-10-02T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2022-12-14T13:15:01+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "Red Hat build of Quarkus 2.13.5", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2022:9023", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "Red Hat build of Quarkus 2.13.5", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS", }, { cve: "CVE-2022-42004", cwe: { id: "CWE-502", name: "Deserialization of Untrusted Data", }, discovery_date: "2022-10-17T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2135247", }, ], notes: [ { category: "description", text: "A flaw was found In FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion due to the lack of a check in BeanDeserializer._deserializeFromArray to prevent the use of deeply nested arrays. An application is only vulnerable with certain customized choices for deserialization.", title: "Vulnerability description", }, { category: "summary", text: "jackson-databind: use of deeply nested arrays", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat build of Quarkus 2.13.5", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-42004", }, { category: "external", summary: "RHBZ#2135247", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2135247", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-42004", url: "https://www.cve.org/CVERecord?id=CVE-2022-42004", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-42004", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-42004", }, ], release_date: "2022-10-02T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2022-12-14T13:15:01+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "Red Hat build of Quarkus 2.13.5", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2022:9023", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "Red Hat build of Quarkus 2.13.5", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "jackson-databind: use of deeply nested arrays", }, { cve: "CVE-2022-42889", cwe: { id: "CWE-1188", name: "Initialization of a Resource with an Insecure Default", }, discovery_date: "2022-10-15T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2135435", }, ], notes: [ { category: "description", text: "A flaw was found in Apache Commons Text packages 1.5 through 1.9. The affected versions allow an attacker to benefit from a variable interpolation process contained in Apache Commons Text, which can cause properties to be dynamically defined. Server applications are vulnerable to remote code execution (RCE) and unintentional contact with untrusted remote servers.", title: "Vulnerability description", }, { category: "summary", text: "apache-commons-text: variable interpolation RCE", title: "Vulnerability summary", }, { category: "other", text: "In order to carry successful exploitation of this vulnerability, the following conditions must be in place on the affected target:\n - Usage of specific methods that interpolate the variables as described in the flaw\n - Usage of external input for those methods\n - Usage of that external input has to be unsanitized/no \"allow list\"/etc.\n\nThe following products have *Low* impact because they have maven references to the affected package but do not ship it nor use the code:\n- Red Hat EAP Expansion Pack (EAP-XP)\n- Red Hat Camel-K\n- Red Hat Camel-Quarkus\n\nRed Hat Satellite ships Candlepin that embeds Apache Commons Text, however, it is not vulnerable to the flaw since the library has not been exposed in the product code. In Candlepin, the Commons Text is being pulled for the Liquibase and ActiveMQ Artemis libraries as a dependency. Red Hat Product Security has evaluated and rated the impact of the flaw as Low for Satellite since there was no harm identified to the confidentiality, integrity, or availability of systems.\n\n- The OCP has a *Moderate* impact because the affected library is a third-party library in the OCP jenkins-2-plugin component which reduces the possibilities of successful exploitation.\n- The OCP-4.8 is affected by this CVE and is in an extended life phase. For versions of products in the Extended Life Phase, Red Hat will provide limited ongoing technical support. No bug fixes, security fixes, hardware enablement or root-cause analysis will be available during this phase, and support will be provided on existing installations only.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat build of Quarkus 2.13.5", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-42889", }, { category: "external", summary: "RHBZ#2135435", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2135435", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-42889", url: "https://www.cve.org/CVERecord?id=CVE-2022-42889", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-42889", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-42889", }, { category: "external", summary: "https://blogs.apache.org/security/entry/cve-2022-42889", url: "https://blogs.apache.org/security/entry/cve-2022-42889", }, { category: "external", summary: "https://lists.apache.org/thread/n2bd4vdsgkqh2tm14l1wyc3jyol7s1om", url: "https://lists.apache.org/thread/n2bd4vdsgkqh2tm14l1wyc3jyol7s1om", }, { category: "external", summary: "https://seclists.org/oss-sec/2022/q4/22", url: "https://seclists.org/oss-sec/2022/q4/22", }, ], release_date: "2022-10-13T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2022-12-14T13:15:01+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "Red Hat build of Quarkus 2.13.5", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2022:9023", }, { category: "workaround", details: "This flaw may be avoided by ensuring that any external inputs used with the Commons-Text lookup methods are sanitized properly. Untrusted input should always be thoroughly sanitized before using in any potentially risky situations.", product_ids: [ "Red Hat build of Quarkus 2.13.5", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "Red Hat build of Quarkus 2.13.5", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "apache-commons-text: variable interpolation RCE", }, ], }
rhsa-2022_6757
Vulnerability from csaf_redhat
Published
2022-10-05 14:50
Modified
2024-12-16 16:05
Summary
Red Hat Security Advisory: Red Hat build of Eclipse Vert.x 4.3.3 security update
Notes
Topic
An update is now available for Red Hat build of Eclipse Vert.x.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability. For more information, see the CVE pages listed in the References section.
Details
This release of Red Hat build of Eclipse Vert.x 4.3.3 GA includes security updates. For more information, see the release notes listed in the References section.
Security Fix(es):
* graphql-java: DoS by malicious query (CVE-2022-37734)
* snakeyaml: Denial of Service due missing to nested depth limitation for collections. (CVE-2022-25857)
* snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode (CVE-2022-38749)
* snakeyaml: Uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject (CVE-2022-38750)
* snakeyaml: Uncaught exception in java.base/java.util.regex.Pattern$Ques.match (CVE-2022-38751)
* snakeyaml: Uncaught exception in java.base/java.util.ArrayList.hashCode (CVE-2022-38752)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgements, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update is now available for Red Hat build of Eclipse Vert.x.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability. For more information, see the CVE pages listed in the References section.", title: "Topic", }, { category: "general", text: "This release of Red Hat build of Eclipse Vert.x 4.3.3 GA includes security updates. For more information, see the release notes listed in the References section.\n\nSecurity Fix(es):\n\n* graphql-java: DoS by malicious query (CVE-2022-37734)\n\n* snakeyaml: Denial of Service due missing to nested depth limitation for collections. (CVE-2022-25857)\n\n* snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode (CVE-2022-38749)\n\n* snakeyaml: Uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject (CVE-2022-38750)\n\n* snakeyaml: Uncaught exception in java.base/java.util.regex.Pattern$Ques.match (CVE-2022-38751)\n\n* snakeyaml: Uncaught exception in java.base/java.util.ArrayList.hashCode (CVE-2022-38752)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgements, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2022:6757", url: "https://access.redhat.com/errata/RHSA-2022:6757", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions&product=catRhoar.eclipse.vertx&version=4.3.3", url: "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions&product=catRhoar.eclipse.vertx&version=4.3.3", }, { category: "external", summary: "https://access.redhat.com/documentation/en-us/red_hat_build_of_eclipse_vert.x/4.3/html/release_notes_for_eclipse_vert.x_4.3/index", url: "https://access.redhat.com/documentation/en-us/red_hat_build_of_eclipse_vert.x/4.3/html/release_notes_for_eclipse_vert.x_4.3/index", }, { category: "external", summary: "2126789", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2126789", }, { category: "external", summary: "2126809", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2126809", }, { category: "external", summary: "2129706", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2129706", }, { category: "external", summary: "2129707", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2129707", }, { category: "external", summary: "2129709", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2129709", }, { category: "external", summary: "2129710", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2129710", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_6757.json", }, ], title: "Red Hat Security Advisory: Red Hat build of Eclipse Vert.x 4.3.3 security update", tracking: { current_release_date: "2024-12-16T16:05:35+00:00", generator: { date: "2024-12-16T16:05:35+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.3", }, }, id: "RHSA-2022:6757", initial_release_date: "2022-10-05T14:50:01+00:00", revision_history: [ { date: "2022-10-05T14:50:01+00:00", number: "1", summary: "Initial version", }, { date: "2022-10-05T14:50:01+00:00", number: "2", summary: "Last updated version", }, { date: "2024-12-16T16:05:35+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat build of Eclipse Vert.x 4.3.3", product: { name: "Red Hat build of Eclipse Vert.x 4.3.3", product_id: "Red Hat build of Eclipse Vert.x 4.3.3", product_identification_helper: { cpe: "cpe:/a:redhat:openshift_application_runtimes:1.0", }, }, }, ], category: "product_family", name: "Red Hat OpenShift Application Runtimes", }, ], category: "vendor", name: "Red Hat", }, ], }, vulnerabilities: [ { cve: "CVE-2022-25857", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2022-09-14T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2126789", }, ], notes: [ { category: "description", text: "A flaw was found in the org.yaml.snakeyaml package. This flaw allows an attacker to cause a denial of service (DoS) due to missing nested depth limitation for collections.", title: "Vulnerability description", }, { category: "summary", text: "snakeyaml: Denial of Service due to missing nested depth limitation for collections", title: "Vulnerability summary", }, { category: "other", text: "For RHEL-8 it's downgraded to moderate because \"snakeyaml\" itself in RHEL 8 or RHEL-9 isn't shipped and \"prometheus-jmx-exporter\" is needed as build dependency. And it's not directly exploitable, hence severity marked as moderate.\nRed Hat Integration and AMQ products are not vulnerable to this flaw, so their severity has been lowered to moderate.\nRed Hat Single Sign-On uses snakeyaml from liquibase-core and is only used when performing migrations and would require administrator privileges to execute, hence severity marked as Low.\nRed Hat Fuse 7 is now in Maintenance Support Phase and details about its fix should be present soon. However, Red Hat Fuse Online (Syndesis) does will not contain the fix for this flaw.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat build of Eclipse Vert.x 4.3.3", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-25857", }, { category: "external", summary: "RHBZ#2126789", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2126789", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-25857", url: "https://www.cve.org/CVERecord?id=CVE-2022-25857", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-25857", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-25857", }, { category: "external", summary: "https://bitbucket.org/snakeyaml/snakeyaml/issues/525", url: "https://bitbucket.org/snakeyaml/snakeyaml/issues/525", }, ], release_date: "2022-08-30T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2022-10-05T14:50:01+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.", product_ids: [ "Red Hat build of Eclipse Vert.x 4.3.3", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2022:6757", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "Red Hat build of Eclipse Vert.x 4.3.3", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "snakeyaml: Denial of Service due to missing nested depth limitation for collections", }, { cve: "CVE-2022-37734", cwe: { id: "CWE-1333", name: "Inefficient Regular Expression Complexity", }, discovery_date: "2022-09-14T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2126809", }, ], notes: [ { category: "description", text: "A flaw was found in GraphQL Java. This flaw allows an attacker to use a malicious query in GraphQL to cause a denial of service due to inefficient lexer input validation.", title: "Vulnerability description", }, { category: "summary", text: "graphql-java: DoS by malicious query", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat build of Eclipse Vert.x 4.3.3", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-37734", }, { category: "external", summary: "RHBZ#2126809", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2126809", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-37734", url: "https://www.cve.org/CVERecord?id=CVE-2022-37734", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-37734", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-37734", }, ], release_date: "2022-09-12T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2022-10-05T14:50:01+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.", product_ids: [ "Red Hat build of Eclipse Vert.x 4.3.3", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2022:6757", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "Red Hat build of Eclipse Vert.x 4.3.3", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "graphql-java: DoS by malicious query", }, { cve: "CVE-2022-38749", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, discovery_date: "2022-09-26T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2129706", }, ], notes: [ { category: "description", text: "A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash, resulting in a denial of service.", title: "Vulnerability description", }, { category: "summary", text: "snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Build of Quarkus is not affected by this issue as it already includes the fixed version.\n\nSatellite component Candlepin does not directly use snakeyaml, so it is not affected. Regardless, an update with the latest, unaffected snakeyaml version will be provided at next release.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat build of Eclipse Vert.x 4.3.3", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-38749", }, { category: "external", summary: "RHBZ#2129706", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2129706", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-38749", url: "https://www.cve.org/CVERecord?id=CVE-2022-38749", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-38749", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-38749", }, ], release_date: "2022-09-05T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2022-10-05T14:50:01+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.", product_ids: [ "Red Hat build of Eclipse Vert.x 4.3.3", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2022:6757", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "Red Hat build of Eclipse Vert.x 4.3.3", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode", }, { cve: "CVE-2022-38750", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, discovery_date: "2022-09-26T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2129707", }, ], notes: [ { category: "description", text: "A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash.", title: "Vulnerability description", }, { category: "summary", text: "snakeyaml: Uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Build of Quarkus is not affected by this issue as it already includes the fixed version.\n\nSatellite component Candlepin does not directly use snakeyaml, so it is not affected. Regardless, an update with the latest, unaffected snakeyaml version will be provided at next release.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat build of Eclipse Vert.x 4.3.3", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-38750", }, { category: "external", summary: "RHBZ#2129707", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2129707", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-38750", url: "https://www.cve.org/CVERecord?id=CVE-2022-38750", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-38750", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-38750", }, ], release_date: "2022-09-05T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2022-10-05T14:50:01+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.", product_ids: [ "Red Hat build of Eclipse Vert.x 4.3.3", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2022:6757", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "Red Hat build of Eclipse Vert.x 4.3.3", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "snakeyaml: Uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject", }, { cve: "CVE-2022-38751", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, discovery_date: "2022-09-26T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2129709", }, ], notes: [ { category: "description", text: "A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash.", title: "Vulnerability description", }, { category: "summary", text: "snakeyaml: Uncaught exception in java.base/java.util.regex.Pattern$Ques.match", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Build of Quarkus is not affected by this issue as it already includes the fixed version.\n\nSatellite component Candlepin does not directly use snakeyaml, so it is not affected. Regardless, an update with the latest, unaffected snakeyaml version will be provided at next release.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat build of Eclipse Vert.x 4.3.3", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-38751", }, { category: "external", summary: "RHBZ#2129709", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2129709", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-38751", url: "https://www.cve.org/CVERecord?id=CVE-2022-38751", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-38751", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-38751", }, ], release_date: "2022-09-05T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2022-10-05T14:50:01+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.", product_ids: [ "Red Hat build of Eclipse Vert.x 4.3.3", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2022:6757", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "Red Hat build of Eclipse Vert.x 4.3.3", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "snakeyaml: Uncaught exception in java.base/java.util.regex.Pattern$Ques.match", }, { cve: "CVE-2022-38752", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, discovery_date: "2022-09-26T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2129710", }, ], notes: [ { category: "description", text: "A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash.", title: "Vulnerability description", }, { category: "summary", text: "snakeyaml: Uncaught exception in java.base/java.util.ArrayList.hashCode", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Build of Quarkus is not affected by this issue as it already includes the fixed version.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat build of Eclipse Vert.x 4.3.3", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-38752", }, { category: "external", summary: "RHBZ#2129710", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2129710", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-38752", url: "https://www.cve.org/CVERecord?id=CVE-2022-38752", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-38752", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-38752", }, ], release_date: "2022-09-05T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2022-10-05T14:50:01+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.", product_ids: [ "Red Hat build of Eclipse Vert.x 4.3.3", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2022:6757", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "Red Hat build of Eclipse Vert.x 4.3.3", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "snakeyaml: Uncaught exception in java.base/java.util.ArrayList.hashCode", }, ], }
rhsa-2022_6835
Vulnerability from csaf_redhat
Published
2022-10-06 12:26
Modified
2024-12-18 00:37
Summary
Red Hat Security Advisory: Service Registry (container images) release and security update [2.3.0.GA]
Notes
Topic
An update to the images for Red Hat Integration Service Registry is now available from the Red Hat Container Catalog. The purpose of this text-only errata is to inform you about the security issues fixed in this release.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
This release of Red Hat Integration - Service registry 2.3.0.GA serves as a replacement for 2.0.3.GA, and includes the below security fixes.
Security Fix(es):
* cron-utils: template Injection leading to unauthenticated Remote Code Execution (CVE-2021-41269)
* prismjs: improperly escaped output allows a XSS (CVE-2022-23647)
* snakeyaml: Denial of Service due missing to nested depth limitation for collections (CVE-2022-25857)
* moment: inefficient parsing algorithm resulting in DoS (CVE-2022-31129)
* moment: inefficient parsing algorithm resulting in DoS (CVE-2022-31129)
* protobuf-java: potential DoS in the parsing procedure for binary data (CVE-2021-22569)
* quarkus: privilege escalation vulnerability with RestEasy Reactive scope leakage in Quarkus (CVE-2022-0981)
* quarkus-jdbc-postgresql-deployment: jdbc-postgresql: Unchecked Class Instantiation when providing Plugin Classes (CVE-2022-21724)
* netty-codec: SnappyFrameDecoder doesn't restrict chunk length and may buffer skippable chunks in an unnecessary way (CVE-2021-37137)
* netty-codec: Bzip2Decoder doesn't allow setting size restrictions for decompressed data (CVE-2021-37136)
* node-fetch: exposure of sensitive information to an unauthorized actor (CVE-2022-0235)
* follow-redirects: Exposure of Sensitive Information via Authorization Header leak (CVE-2022-0536)
* jdbc-postgresql: postgresql-jdbc: Arbitrary File Write Vulnerability (CVE-2022-26520)
* node-forge: Signature verification leniency in checking `digestAlgorithm` structure can lead to signature forgery (CVE-2022-24771)
* node-forge: Signature verification failing to check tailing garbage bytes can lead to signature forgery (CVE-2022-24772)
* node-forge: Signature verification leniency in checking `DigestInfo` structure (CVE-2022-24773)
* com.google.code.gson-gson: Deserialization of Untrusted Data in com.google.code.gson-gson (CVE-2022-25647)
* terser: insecure use of regular expressions leads to ReDoS (CVE-2022-25858)
* graphql-java: DoS by malicious query (CVE-2022-37734)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update to the images for Red Hat Integration Service Registry is now available from the Red Hat Container Catalog. The purpose of this text-only errata is to inform you about the security issues fixed in this release.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "This release of Red Hat Integration - Service registry 2.3.0.GA serves as a replacement for 2.0.3.GA, and includes the below security fixes.\n\nSecurity Fix(es):\n\n* cron-utils: template Injection leading to unauthenticated Remote Code Execution (CVE-2021-41269)\n\n* prismjs: improperly escaped output allows a XSS (CVE-2022-23647)\n\n* snakeyaml: Denial of Service due missing to nested depth limitation for collections (CVE-2022-25857)\n\n* moment: inefficient parsing algorithm resulting in DoS (CVE-2022-31129)\n\n* moment: inefficient parsing algorithm resulting in DoS (CVE-2022-31129)\n\n* protobuf-java: potential DoS in the parsing procedure for binary data (CVE-2021-22569)\n\n* quarkus: privilege escalation vulnerability with RestEasy Reactive scope leakage in Quarkus (CVE-2022-0981)\n\n* quarkus-jdbc-postgresql-deployment: jdbc-postgresql: Unchecked Class Instantiation when providing Plugin Classes (CVE-2022-21724)\n\n* netty-codec: SnappyFrameDecoder doesn't restrict chunk length and may buffer skippable chunks in an unnecessary way (CVE-2021-37137)\n\n* netty-codec: Bzip2Decoder doesn't allow setting size restrictions for decompressed data (CVE-2021-37136)\n\n* node-fetch: exposure of sensitive information to an unauthorized actor (CVE-2022-0235)\n\n* follow-redirects: Exposure of Sensitive Information via Authorization Header leak (CVE-2022-0536)\n\n* jdbc-postgresql: postgresql-jdbc: Arbitrary File Write Vulnerability (CVE-2022-26520)\n\n* node-forge: Signature verification leniency in checking `digestAlgorithm` structure can lead to signature forgery (CVE-2022-24771)\n\n* node-forge: Signature verification failing to check tailing garbage bytes can lead to signature forgery (CVE-2022-24772)\n\n* node-forge: Signature verification leniency in checking `DigestInfo` structure (CVE-2022-24773)\n\n* com.google.code.gson-gson: Deserialization of Untrusted Data in com.google.code.gson-gson (CVE-2022-25647)\n\n* terser: insecure use of regular expressions leads to ReDoS (CVE-2022-25858)\n\n* graphql-java: DoS by malicious query (CVE-2022-37734)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2022:6835", url: "https://access.redhat.com/errata/RHSA-2022:6835", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "2004133", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2004133", }, { category: "external", summary: "2004135", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2004135", }, { category: "external", summary: "2024632", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2024632", }, { category: "external", summary: "2039903", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2039903", }, { category: "external", summary: "2044591", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2044591", }, { category: "external", summary: "2050863", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2050863", }, { category: "external", summary: "2053259", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2053259", }, { category: "external", summary: "2056643", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2056643", }, { category: "external", summary: "2062520", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2062520", }, { category: "external", summary: "2064007", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2064007", }, { category: "external", summary: "2067387", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2067387", }, { category: "external", summary: "2067458", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2067458", }, { category: "external", summary: "2067461", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2067461", }, { category: "external", summary: "2080850", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2080850", }, { category: "external", summary: "2105075", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2105075", }, { category: "external", summary: "2126277", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2126277", }, { category: "external", summary: "2126789", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2126789", }, { category: "external", summary: "2126809", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2126809", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_6835.json", }, ], title: "Red Hat Security Advisory: Service Registry (container images) release and security update [2.3.0.GA]", tracking: { current_release_date: "2024-12-18T00:37:04+00:00", generator: { date: "2024-12-18T00:37:04+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.3", }, }, id: "RHSA-2022:6835", initial_release_date: "2022-10-06T12:26:20+00:00", revision_history: [ { date: "2022-10-06T12:26:20+00:00", number: "1", summary: "Initial version", }, { date: "2022-10-06T12:26:20+00:00", number: "2", summary: "Last updated version", }, { date: "2024-12-18T00:37:04+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "RHINT Service Registry 2.3.0 GA", product: { name: "RHINT Service Registry 2.3.0 GA", product_id: "RHINT Service Registry 2.3.0 GA", product_identification_helper: { cpe: "cpe:/a:redhat:service_registry:2.3", }, }, }, ], category: "product_family", name: "Red Hat Integration", }, ], category: "vendor", name: "Red Hat", }, ], }, vulnerabilities: [ { cve: "CVE-2021-22569", cwe: { id: "CWE-696", name: "Incorrect Behavior Order", }, discovery_date: "2022-01-10T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2039903", }, ], notes: [ { category: "description", text: "A flaw was found in protobuf-java. Google Protocol Buffer (protobuf-java) allows the interleaving of com.google.protobuf.UnknownFieldSet fields. By persuading a victim to open specially-crafted content, a remote attacker could cause a timeout in the ProtobufFuzzer function, resulting in a denial of service.", title: "Vulnerability description", }, { category: "summary", text: "protobuf-java: potential DoS in the parsing procedure for binary data", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "RHINT Service Registry 2.3.0 GA", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2021-22569", }, { category: "external", summary: "RHBZ#2039903", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2039903", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2021-22569", url: "https://www.cve.org/CVERecord?id=CVE-2021-22569", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2021-22569", url: "https://nvd.nist.gov/vuln/detail/CVE-2021-22569", }, { category: "external", summary: "https://github.com/protocolbuffers/protobuf/commit/b3093dce58bc9d3042f085666d83c8ef1f51fe7b", url: "https://github.com/protocolbuffers/protobuf/commit/b3093dce58bc9d3042f085666d83c8ef1f51fe7b", }, { category: "external", summary: "https://github.com/protocolbuffers/protobuf/security/advisories/GHSA-wrvw-hg22-4m67", url: "https://github.com/protocolbuffers/protobuf/security/advisories/GHSA-wrvw-hg22-4m67", }, ], release_date: "2022-01-06T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2022-10-06T12:26:20+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "RHINT Service Registry 2.3.0 GA", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2022:6835", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "RHINT Service Registry 2.3.0 GA", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "protobuf-java: potential DoS in the parsing procedure for binary data", }, { cve: "CVE-2021-37136", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2021-09-14T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2004133", }, ], notes: [ { category: "description", text: "A flaw was found in Netty's netty-codec due to size restrictions for decompressed data in the Bzip2Decoder. By sending a specially-crafted input, a remote attacker could cause a denial of service.", title: "Vulnerability description", }, { category: "summary", text: "netty-codec: Bzip2Decoder doesn't allow setting size restrictions for decompressed data", title: "Vulnerability summary", }, { category: "other", text: "In the OpenShift Container Platform (OCP), the Hive/Presto/Hadoop components that comprise the OCP Metering stack ship the vulnerable version of netty-codec package. Since the release of OCP 4.6, the Metering product has been deprecated [1], so the affected components are marked as wontfix. This may be fixed in the future.\n\nStarting in OCP 4.7, the elasticsearch component is shipping as a part of the OpenShift Logging product (openshift-logging/elasticsearch6-rhel8). The elasticsearch component delivered in OCP 4.6 is marked as `Out of support scope` because these versions are already under Maintenance Phase of the support.\n\n[1] https://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html#ocp-4-6-metering-operator-deprecated", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "RHINT Service Registry 2.3.0 GA", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2021-37136", }, { category: "external", summary: "RHBZ#2004133", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2004133", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2021-37136", url: "https://www.cve.org/CVERecord?id=CVE-2021-37136", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2021-37136", url: "https://nvd.nist.gov/vuln/detail/CVE-2021-37136", }, { category: "external", summary: "https://github.com/netty/netty/security/advisories/GHSA-grg4-wf29-r9vv", url: "https://github.com/netty/netty/security/advisories/GHSA-grg4-wf29-r9vv", }, ], release_date: "2021-09-09T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2022-10-06T12:26:20+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "RHINT Service Registry 2.3.0 GA", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2022:6835", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "RHINT Service Registry 2.3.0 GA", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "netty-codec: Bzip2Decoder doesn't allow setting size restrictions for decompressed data", }, { cve: "CVE-2021-37137", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2021-09-14T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2004135", }, ], notes: [ { category: "description", text: "A flaw was found in the Netty's netty-codec due to unrestricted chunk lengths in the SnappyFrameDecoder. By sending a specially-crafted input, a remote attacker could cause excessive memory usage resulting in a denial of service.", title: "Vulnerability description", }, { category: "summary", text: "netty-codec: SnappyFrameDecoder doesn't restrict chunk length and may buffer skippable chunks in an unnecessary way", title: "Vulnerability summary", }, { category: "other", text: "In OpenShift Container Platform (OCP), the Hive/Presto/Hadoop components that comprise the OCP Metering stack, ship the vulnerable version of netty-codec package.\nSince the release of OCP 4.6, the Metering product has been deprecated [1], hence the affected components are marked as wontfix.\nThis may be fixed in the future.\n\nStarting in OCP 4.7, the elasticsearch component is shipping as a part of the OpenShift Logging product (openshift-logging/elasticsearch6-rhel8). The elasticsearch component delivered in OCP 4.6 is marked as `Out of support scope` because these versions are already under Maintenance Phase of the support.\n\n[1] https://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html#ocp-4-6-metering-operator-deprecated", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "RHINT Service Registry 2.3.0 GA", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2021-37137", }, { category: "external", summary: "RHBZ#2004135", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2004135", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2021-37137", url: "https://www.cve.org/CVERecord?id=CVE-2021-37137", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2021-37137", url: "https://nvd.nist.gov/vuln/detail/CVE-2021-37137", }, { category: "external", summary: "https://github.com/netty/netty/security/advisories/GHSA-grg4-wf29-r9vv", url: "https://github.com/netty/netty/security/advisories/GHSA-grg4-wf29-r9vv", }, ], release_date: "2021-09-09T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2022-10-06T12:26:20+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "RHINT Service Registry 2.3.0 GA", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2022:6835", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "RHINT Service Registry 2.3.0 GA", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "netty-codec: SnappyFrameDecoder doesn't restrict chunk length and may buffer skippable chunks in an unnecessary way", }, { cve: "CVE-2021-41269", cwe: { id: "CWE-94", name: "Improper Control of Generation of Code ('Code Injection')", }, discovery_date: "2021-11-18T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2024632", }, ], notes: [ { category: "description", text: "A flaw was found in cron-utils. This flaw allows an attacker to perform unauthenticated Remote Code Execution (RCE) via Java Expression Language (EL) injection.", title: "Vulnerability description", }, { category: "summary", text: "cron-utils: template Injection leading to unauthenticated Remote Code Execution", title: "Vulnerability summary", }, { category: "other", text: "Only projects using the @Cron annotation to validate untrusted Cron expressions are affected.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "RHINT Service Registry 2.3.0 GA", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2021-41269", }, { category: "external", summary: "RHBZ#2024632", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2024632", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2021-41269", url: "https://www.cve.org/CVERecord?id=CVE-2021-41269", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2021-41269", url: "https://nvd.nist.gov/vuln/detail/CVE-2021-41269", }, ], release_date: "2021-11-17T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2022-10-06T12:26:20+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "RHINT Service Registry 2.3.0 GA", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2022:6835", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "RHINT Service Registry 2.3.0 GA", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "cron-utils: template Injection leading to unauthenticated Remote Code Execution", }, { cve: "CVE-2022-0235", cwe: { id: "CWE-601", name: "URL Redirection to Untrusted Site ('Open Redirect')", }, discovery_date: "2022-01-16T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2044591", }, ], notes: [ { category: "description", text: "A flaw was found in node-fetch. When following a redirect to a third-party domain, node-fetch was forwarding sensitive headers such as \"Authorization,\" \"WWW-Authenticate,\" and \"Cookie\" to potentially untrusted targets. This flaw leads to the exposure of sensitive information to an unauthorized actor.", title: "Vulnerability description", }, { category: "summary", text: "node-fetch: exposure of sensitive information to an unauthorized actor", title: "Vulnerability summary", }, { category: "other", text: "This flaw is out of support scope for dotnet-5.0. For more information about Dotnet product support scope, please see https://access.redhat.com/support/policy/updates/net-core", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "RHINT Service Registry 2.3.0 GA", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-0235", }, { category: "external", summary: "RHBZ#2044591", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2044591", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-0235", url: "https://www.cve.org/CVERecord?id=CVE-2022-0235", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-0235", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-0235", }, { category: "external", summary: "https://huntr.dev/bounties/d26ab655-38d6-48b3-be15-f9ad6b6ae6f7/", url: "https://huntr.dev/bounties/d26ab655-38d6-48b3-be15-f9ad6b6ae6f7/", }, ], release_date: "2022-01-14T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2022-10-06T12:26:20+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "RHINT Service Registry 2.3.0 GA", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2022:6835", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N", version: "3.1", }, products: [ "RHINT Service Registry 2.3.0 GA", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "node-fetch: exposure of sensitive information to an unauthorized actor", }, { cve: "CVE-2022-0536", cwe: { id: "CWE-212", name: "Improper Removal of Sensitive Information Before Storage or Transfer", }, discovery_date: "2022-02-10T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2053259", }, ], notes: [ { category: "description", text: "A flaw was found in the follow-redirects package. This flaw allows the exposure of sensitive information to an unauthorized actor due to the usage of insecure HTTP protocol. This issue happens with an Authorization header leak from the same hostname, https-http, and requires a Man-in-the-Middle (MITM) attack.", title: "Vulnerability description", }, { category: "summary", text: "follow-redirects: Exposure of Sensitive Information via Authorization Header leak", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "RHINT Service Registry 2.3.0 GA", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-0536", }, { category: "external", summary: "RHBZ#2053259", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2053259", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-0536", url: "https://www.cve.org/CVERecord?id=CVE-2022-0536", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-0536", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-0536", }, ], release_date: "2022-02-09T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2022-10-06T12:26:20+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "RHINT Service Registry 2.3.0 GA", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2022:6835", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "RHINT Service Registry 2.3.0 GA", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "follow-redirects: Exposure of Sensitive Information via Authorization Header leak", }, { acknowledgments: [ { names: [ "Sanne Grinovero", ], organization: "Red Hat", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2022-0981", cwe: { id: "CWE-863", name: "Incorrect Authorization", }, discovery_date: "2022-02-08T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2062520", }, ], notes: [ { category: "description", text: "A flaw was found in Quarkus. The state and potentially associated permissions can leak from one web request to another in RestEasy Reactive. This flaw allows a low-privileged user to perform operations on the database with a different set of privileges than intended.", title: "Vulnerability description", }, { category: "summary", text: "quarkus: privilege escalation vulnerability with RestEasy Reactive scope leakage in Quarkus", title: "Vulnerability summary", }, { category: "other", text: "CodeReady Studio is no longer supported and therefore this flaw will not be addressed in CodeReady Studio. Please see https://developers.redhat.com/articles/2022/04/18/announcement-red-hat-codeready-studio-reaches-end-life for more information.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "RHINT Service Registry 2.3.0 GA", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-0981", }, { category: "external", summary: "RHBZ#2062520", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2062520", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-0981", url: "https://www.cve.org/CVERecord?id=CVE-2022-0981", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-0981", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-0981", }, { category: "external", summary: "https://github.com/quarkusio/quarkus/issues/23269", url: "https://github.com/quarkusio/quarkus/issues/23269", }, ], release_date: "2022-02-03T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2022-10-06T12:26:20+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "RHINT Service Registry 2.3.0 GA", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2022:6835", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 7.6, baseSeverity: "HIGH", confidentialityImpact: "LOW", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L", version: "3.1", }, products: [ "RHINT Service Registry 2.3.0 GA", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "quarkus: privilege escalation vulnerability with RestEasy Reactive scope leakage in Quarkus", }, { cve: "CVE-2022-21724", cwe: { id: "CWE-665", name: "Improper Initialization", }, discovery_date: "2022-02-02T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2050863", }, ], notes: [ { category: "description", text: "pgjdbc is the offical PostgreSQL JDBC Driver. A security hole was found in the jdbc driver for postgresql database while doing security research. The system using the postgresql library will be attacked when attacker control the jdbc url or properties. pgjdbc instantiates plugin instances based on class names provided via `authenticationPluginClassName`, `sslhostnameverifier`, `socketFactory`, `sslfactory`, `sslpasswordcallback` connection properties. However, the driver did not verify if the class implements the expected interface before instantiating the class. This can lead to code execution loaded via arbitrary classes. Users using plugins are advised to upgrade. There are no known workarounds for this issue.", title: "Vulnerability description", }, { category: "summary", text: "jdbc-postgresql: Unchecked Class Instantiation when providing Plugin Classes", title: "Vulnerability summary", }, { category: "other", text: "According to the patch upstream the scoring of this issue has been severely reduced and is no longer considered an RCE. Therefore, the flaw has been rated as having a security impact of Moderate, and is not currently planned to be addressed in future updates of Red Hat Enterprise Linux 6, 7 and 8.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "RHINT Service Registry 2.3.0 GA", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-21724", }, { category: "external", summary: "RHBZ#2050863", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2050863", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-21724", url: "https://www.cve.org/CVERecord?id=CVE-2022-21724", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-21724", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-21724", }, { category: "external", summary: "https://github.com/advisories/GHSA-v7wg-cpwc-24m4", url: "https://github.com/advisories/GHSA-v7wg-cpwc-24m4", }, ], release_date: "2022-02-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2022-10-06T12:26:20+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "RHINT Service Registry 2.3.0 GA", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2022:6835", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "RHINT Service Registry 2.3.0 GA", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "jdbc-postgresql: Unchecked Class Instantiation when providing Plugin Classes", }, { cve: "CVE-2022-23647", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2022-02-21T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2056643", }, ], notes: [ { category: "description", text: "A Cross-site scripting attack was found in Prism. The command-line plugin did not properly escape its output. This issue leads to the input text being inserted into the Document Object Model (DOM) as HTML code, which can be exploited by an attacker.", title: "Vulnerability description", }, { category: "summary", text: "prismjs: improperly escaped output allows a XSS", title: "Vulnerability summary", }, { category: "other", text: "This issue affects Prism as shipped with all versions of Red Hat Ceph Storage, Red Hat Migration Toolkit for Virtualization, Red Hat OpenShift Container Platform, Red Hat OpenShift Service Mesh, Red Hat Advanced Cluster Security, and Red Hat Gluster Storage. However, this flaw is not known to be exploitable under any supported scenario, as websites that do not use the Command Line plugin are also not impacted. The above products do not use the Command Line plugin, thus, are marked not affected.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "RHINT Service Registry 2.3.0 GA", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-23647", }, { category: "external", summary: "RHBZ#2056643", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2056643", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-23647", url: "https://www.cve.org/CVERecord?id=CVE-2022-23647", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-23647", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-23647", }, { category: "external", summary: "https://github.com/PrismJS/prism/security/advisories/GHSA-3949-f494-cm99", url: "https://github.com/PrismJS/prism/security/advisories/GHSA-3949-f494-cm99", }, ], release_date: "2022-02-18T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2022-10-06T12:26:20+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "RHINT Service Registry 2.3.0 GA", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2022:6835", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "RHINT Service Registry 2.3.0 GA", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "prismjs: improperly escaped output allows a XSS", }, { cve: "CVE-2022-24771", cwe: { id: "CWE-347", name: "Improper Verification of Cryptographic Signature", }, discovery_date: "2022-03-23T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2067387", }, ], notes: [ { category: "description", text: "A flaw was found in the node-forge package. This signature verification leniency allows an attacker to forge a signature.", title: "Vulnerability description", }, { category: "summary", text: "node-forge: Signature verification leniency in checking `digestAlgorithm` structure can lead to signature forgery", title: "Vulnerability summary", }, { category: "other", text: "This flaw affects the DigestAlgorithm structure.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "RHINT Service Registry 2.3.0 GA", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-24771", }, { category: "external", summary: "RHBZ#2067387", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2067387", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-24771", url: "https://www.cve.org/CVERecord?id=CVE-2022-24771", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-24771", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-24771", }, { category: "external", summary: "https://github.com/digitalbazaar/forge/security/advisories/GHSA-cfm4-qjh2-4765", url: "https://github.com/digitalbazaar/forge/security/advisories/GHSA-cfm4-qjh2-4765", }, ], release_date: "2022-03-18T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2022-10-06T12:26:20+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "RHINT Service Registry 2.3.0 GA", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2022:6835", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "RHINT Service Registry 2.3.0 GA", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "node-forge: Signature verification leniency in checking `digestAlgorithm` structure can lead to signature forgery", }, { cve: "CVE-2022-24772", cwe: { id: "CWE-347", name: "Improper Verification of Cryptographic Signature", }, discovery_date: "2022-03-23T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2067458", }, ], notes: [ { category: "description", text: "A flaw was found in the node-forge package. This signature verification leniency allows an attacker to forge a signature.", title: "Vulnerability description", }, { category: "summary", text: "node-forge: Signature verification failing to check tailing garbage bytes can lead to signature forgery", title: "Vulnerability summary", }, { category: "other", text: "This flaw affects the DigestInfo ASN.1 structure.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "RHINT Service Registry 2.3.0 GA", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-24772", }, { category: "external", summary: "RHBZ#2067458", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2067458", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-24772", url: "https://www.cve.org/CVERecord?id=CVE-2022-24772", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-24772", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-24772", }, { category: "external", summary: "https://github.com/digitalbazaar/forge/security/advisories/GHSA-x4jg-mjrx-434g", url: "https://github.com/digitalbazaar/forge/security/advisories/GHSA-x4jg-mjrx-434g", }, ], release_date: "2022-03-18T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2022-10-06T12:26:20+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "RHINT Service Registry 2.3.0 GA", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2022:6835", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "RHINT Service Registry 2.3.0 GA", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "node-forge: Signature verification failing to check tailing garbage bytes can lead to signature forgery", }, { cve: "CVE-2022-24773", cwe: { id: "CWE-347", name: "Improper Verification of Cryptographic Signature", }, discovery_date: "2022-03-23T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2067461", }, ], notes: [ { category: "description", text: "A flaw was found in the node-forge library when verifying the signature on the ASN.1 structure in RSA PKCS#1 v1.5. This flaw allows an attacker to obtain successful verification for invalid DigestInfo structure, affecting the integrity of the attacked resource.", title: "Vulnerability description", }, { category: "summary", text: "node-forge: Signature verification leniency in checking `DigestInfo` structure", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "RHINT Service Registry 2.3.0 GA", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-24773", }, { category: "external", summary: "RHBZ#2067461", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2067461", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-24773", url: "https://www.cve.org/CVERecord?id=CVE-2022-24773", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-24773", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-24773", }, { category: "external", summary: "https://github.com/digitalbazaar/forge/security/advisories/GHSA-2r2c-g63r-vccr", url: "https://github.com/digitalbazaar/forge/security/advisories/GHSA-2r2c-g63r-vccr", }, ], release_date: "2022-03-18T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2022-10-06T12:26:20+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "RHINT Service Registry 2.3.0 GA", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2022:6835", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", version: "3.1", }, products: [ "RHINT Service Registry 2.3.0 GA", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "node-forge: Signature verification leniency in checking `DigestInfo` structure", }, { cve: "CVE-2022-25647", cwe: { id: "CWE-502", name: "Deserialization of Untrusted Data", }, discovery_date: "2022-05-02T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2080850", }, ], notes: [ { category: "description", text: "A flaw was found in gson, which is vulnerable to Deserialization of Untrusted Data via the writeReplace() method in internal classes. This issue may lead to availability attacks.", title: "Vulnerability description", }, { category: "summary", text: "com.google.code.gson-gson: Deserialization of Untrusted Data in com.google.code.gson-gson", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "RHINT Service Registry 2.3.0 GA", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-25647", }, { category: "external", summary: "RHBZ#2080850", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2080850", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-25647", url: "https://www.cve.org/CVERecord?id=CVE-2022-25647", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-25647", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-25647", }, ], release_date: "2022-05-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2022-10-06T12:26:20+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "RHINT Service Registry 2.3.0 GA", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2022:6835", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "RHINT Service Registry 2.3.0 GA", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "com.google.code.gson-gson: Deserialization of Untrusted Data in com.google.code.gson-gson", }, { cve: "CVE-2022-25857", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2022-09-14T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2126789", }, ], notes: [ { category: "description", text: "A flaw was found in the org.yaml.snakeyaml package. This flaw allows an attacker to cause a denial of service (DoS) due to missing nested depth limitation for collections.", title: "Vulnerability description", }, { category: "summary", text: "snakeyaml: Denial of Service due to missing nested depth limitation for collections", title: "Vulnerability summary", }, { category: "other", text: "For RHEL-8 it's downgraded to moderate because \"snakeyaml\" itself in RHEL 8 or RHEL-9 isn't shipped and \"prometheus-jmx-exporter\" is needed as build dependency. And it's not directly exploitable, hence severity marked as moderate.\nRed Hat Integration and AMQ products are not vulnerable to this flaw, so their severity has been lowered to moderate.\nRed Hat Single Sign-On uses snakeyaml from liquibase-core and is only used when performing migrations and would require administrator privileges to execute, hence severity marked as Low.\nRed Hat Fuse 7 is now in Maintenance Support Phase and details about its fix should be present soon. However, Red Hat Fuse Online (Syndesis) does will not contain the fix for this flaw.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "RHINT Service Registry 2.3.0 GA", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-25857", }, { category: "external", summary: "RHBZ#2126789", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2126789", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-25857", url: "https://www.cve.org/CVERecord?id=CVE-2022-25857", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-25857", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-25857", }, { category: "external", summary: "https://bitbucket.org/snakeyaml/snakeyaml/issues/525", url: "https://bitbucket.org/snakeyaml/snakeyaml/issues/525", }, ], release_date: "2022-08-30T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2022-10-06T12:26:20+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "RHINT Service Registry 2.3.0 GA", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2022:6835", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "RHINT Service Registry 2.3.0 GA", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "snakeyaml: Denial of Service due to missing nested depth limitation for collections", }, { cve: "CVE-2022-25858", discovery_date: "2022-09-13T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2126277", }, ], notes: [ { category: "description", text: "A vulnerability was found in the terser package. Affected versions of this package are vulnerable to Regular expression denial of service (ReDoS) attacks, affecting system availability.", title: "Vulnerability description", }, { category: "summary", text: "terser: insecure use of regular expressions leads to ReDoS", title: "Vulnerability summary", }, { category: "other", text: "For OpenShift Do (odo) product terser is shipped only for using in static page generators for upstream, thus this represents no security risk.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "RHINT Service Registry 2.3.0 GA", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-25858", }, { category: "external", summary: "RHBZ#2126277", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2126277", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-25858", url: "https://www.cve.org/CVERecord?id=CVE-2022-25858", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-25858", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-25858", }, ], release_date: "2022-07-15T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2022-10-06T12:26:20+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "RHINT Service Registry 2.3.0 GA", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2022:6835", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "RHINT Service Registry 2.3.0 GA", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "terser: insecure use of regular expressions leads to ReDoS", }, { cve: "CVE-2022-26520", cwe: { id: "CWE-552", name: "Files or Directories Accessible to External Parties", }, discovery_date: "2022-03-14T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2064007", }, ], notes: [ { category: "description", text: "A flaw was found in Postgres JDBC. This flaw allows an attacker to use a method to write arbitrary files through the connection properties settings. For example, an attacker can create an executable file under the server the application is running and make it a new part of the application or server.", title: "Vulnerability description", }, { category: "summary", text: "postgresql-jdbc: Arbitrary File Write Vulnerability", title: "Vulnerability summary", }, { category: "other", text: "Red Hat informs that although there's a difference from NVD CVSSv3 score there's a especial occasion in this CVE that maintain it as a moderate. The scenario for an attacker to get a benefit in this situation requires them to have access to modify a configuration file and write a file where it's needed. This require non-default configuration and also it's not expected to allow an untrusted user to perform this kind of setting.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "RHINT Service Registry 2.3.0 GA", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-26520", }, { category: "external", summary: "RHBZ#2064007", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2064007", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-26520", url: "https://www.cve.org/CVERecord?id=CVE-2022-26520", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-26520", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-26520", }, ], release_date: "2022-02-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2022-10-06T12:26:20+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "RHINT Service Registry 2.3.0 GA", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2022:6835", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "RHINT Service Registry 2.3.0 GA", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "postgresql-jdbc: Arbitrary File Write Vulnerability", }, { cve: "CVE-2022-31129", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2022-07-07T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2105075", }, ], notes: [ { category: "description", text: "A flaw was found in the Moment.js package. Users who pass user-provided strings without sanity length checks to the moment constructor are vulnerable to regular expression denial of service (ReDoS) attacks.", title: "Vulnerability description", }, { category: "summary", text: "moment: inefficient parsing algorithm resulting in DoS", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Fuse provides the affected software but does not use the functionality and as such its impact has been downgraded to Low.\n\nRed Hat Advanced Cluster Management for Kubernetes (RHACM) ships a vulnerable version of the moment library. However, this affected functionality is restricted behind OAuth, reducing the impact to Moderate.\n\nRed Hat Satellite ships a vulnerable version of the moment library. However, this only affects a specific component (qpid-dispatch), reducing the impact to Moderate.\n\nRed Hat Ceph Storage (RHCS) ships a vulnerable version of the moment library, however, it is not directly used and is a transitive dependency from Angular. In addition, the impact would only be to the grafana browser, and not the underlying RHCS system, which reduces the impact to Moderate. \n\nRed Hat OpenShift Service Mesh (OSSM) ships a vulnerable version of the moment library, however, it is not directly used, and as such, the impact has been lowered to Moderate.\n\nRed Hat OpenShift distributed tracing ships a vulnerable version of the moment library, however, it is not directly used, and as such, the impact has been lowered to Moderate.\n\nIn Logging Subsystem for Red Hat OpenShift the vulnerable moment nodejs package is bundled in the ose-logging-kibana6 container as a transitive dependency, hence the direct impact is reduced to Moderate.\n\nIn OpenShift Container Platform 4 the vulnerabile moment package is a third party dependency, hence the direct impact is reduced to Moderate.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "RHINT Service Registry 2.3.0 GA", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-31129", }, { category: "external", summary: "RHBZ#2105075", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2105075", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-31129", url: "https://www.cve.org/CVERecord?id=CVE-2022-31129", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-31129", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-31129", }, { category: "external", summary: "https://github.com/moment/moment/security/advisories/GHSA-wc69-rhjr-hc9g", url: "https://github.com/moment/moment/security/advisories/GHSA-wc69-rhjr-hc9g", }, ], release_date: "2022-07-06T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2022-10-06T12:26:20+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "RHINT Service Registry 2.3.0 GA", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2022:6835", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "RHINT Service Registry 2.3.0 GA", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "moment: inefficient parsing algorithm resulting in DoS", }, { cve: "CVE-2022-37734", cwe: { id: "CWE-1333", name: "Inefficient Regular Expression Complexity", }, discovery_date: "2022-09-14T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2126809", }, ], notes: [ { category: "description", text: "A flaw was found in GraphQL Java. This flaw allows an attacker to use a malicious query in GraphQL to cause a denial of service due to inefficient lexer input validation.", title: "Vulnerability description", }, { category: "summary", text: "graphql-java: DoS by malicious query", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "RHINT Service Registry 2.3.0 GA", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-37734", }, { category: "external", summary: "RHBZ#2126809", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2126809", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-37734", url: "https://www.cve.org/CVERecord?id=CVE-2022-37734", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-37734", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-37734", }, ], release_date: "2022-09-12T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2022-10-06T12:26:20+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "RHINT Service Registry 2.3.0 GA", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2022:6835", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "RHINT Service Registry 2.3.0 GA", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "graphql-java: DoS by malicious query", }, ], }
RHSA-2022:6835
Vulnerability from csaf_redhat
Published
2022-10-06 12:26
Modified
2025-04-18 18:48
Summary
Red Hat Security Advisory: Service Registry (container images) release and security update [2.3.0.GA]
Notes
Topic
An update to the images for Red Hat Integration Service Registry is now available from the Red Hat Container Catalog. The purpose of this text-only errata is to inform you about the security issues fixed in this release.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
This release of Red Hat Integration - Service registry 2.3.0.GA serves as a replacement for 2.0.3.GA, and includes the below security fixes.
Security Fix(es):
* cron-utils: template Injection leading to unauthenticated Remote Code Execution (CVE-2021-41269)
* prismjs: improperly escaped output allows a XSS (CVE-2022-23647)
* snakeyaml: Denial of Service due missing to nested depth limitation for collections (CVE-2022-25857)
* moment: inefficient parsing algorithm resulting in DoS (CVE-2022-31129)
* moment: inefficient parsing algorithm resulting in DoS (CVE-2022-31129)
* protobuf-java: potential DoS in the parsing procedure for binary data (CVE-2021-22569)
* quarkus: privilege escalation vulnerability with RestEasy Reactive scope leakage in Quarkus (CVE-2022-0981)
* quarkus-jdbc-postgresql-deployment: jdbc-postgresql: Unchecked Class Instantiation when providing Plugin Classes (CVE-2022-21724)
* netty-codec: SnappyFrameDecoder doesn't restrict chunk length and may buffer skippable chunks in an unnecessary way (CVE-2021-37137)
* netty-codec: Bzip2Decoder doesn't allow setting size restrictions for decompressed data (CVE-2021-37136)
* node-fetch: exposure of sensitive information to an unauthorized actor (CVE-2022-0235)
* follow-redirects: Exposure of Sensitive Information via Authorization Header leak (CVE-2022-0536)
* jdbc-postgresql: postgresql-jdbc: Arbitrary File Write Vulnerability (CVE-2022-26520)
* node-forge: Signature verification leniency in checking `digestAlgorithm` structure can lead to signature forgery (CVE-2022-24771)
* node-forge: Signature verification failing to check tailing garbage bytes can lead to signature forgery (CVE-2022-24772)
* node-forge: Signature verification leniency in checking `DigestInfo` structure (CVE-2022-24773)
* com.google.code.gson-gson: Deserialization of Untrusted Data in com.google.code.gson-gson (CVE-2022-25647)
* terser: insecure use of regular expressions leads to ReDoS (CVE-2022-25858)
* graphql-java: DoS by malicious query (CVE-2022-37734)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update to the images for Red Hat Integration Service Registry is now available from the Red Hat Container Catalog. The purpose of this text-only errata is to inform you about the security issues fixed in this release.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "This release of Red Hat Integration - Service registry 2.3.0.GA serves as a replacement for 2.0.3.GA, and includes the below security fixes.\n\nSecurity Fix(es):\n\n* cron-utils: template Injection leading to unauthenticated Remote Code Execution (CVE-2021-41269)\n\n* prismjs: improperly escaped output allows a XSS (CVE-2022-23647)\n\n* snakeyaml: Denial of Service due missing to nested depth limitation for collections (CVE-2022-25857)\n\n* moment: inefficient parsing algorithm resulting in DoS (CVE-2022-31129)\n\n* moment: inefficient parsing algorithm resulting in DoS (CVE-2022-31129)\n\n* protobuf-java: potential DoS in the parsing procedure for binary data (CVE-2021-22569)\n\n* quarkus: privilege escalation vulnerability with RestEasy Reactive scope leakage in Quarkus (CVE-2022-0981)\n\n* quarkus-jdbc-postgresql-deployment: jdbc-postgresql: Unchecked Class Instantiation when providing Plugin Classes (CVE-2022-21724)\n\n* netty-codec: SnappyFrameDecoder doesn't restrict chunk length and may buffer skippable chunks in an unnecessary way (CVE-2021-37137)\n\n* netty-codec: Bzip2Decoder doesn't allow setting size restrictions for decompressed data (CVE-2021-37136)\n\n* node-fetch: exposure of sensitive information to an unauthorized actor (CVE-2022-0235)\n\n* follow-redirects: Exposure of Sensitive Information via Authorization Header leak (CVE-2022-0536)\n\n* jdbc-postgresql: postgresql-jdbc: Arbitrary File Write Vulnerability (CVE-2022-26520)\n\n* node-forge: Signature verification leniency in checking `digestAlgorithm` structure can lead to signature forgery (CVE-2022-24771)\n\n* node-forge: Signature verification failing to check tailing garbage bytes can lead to signature forgery (CVE-2022-24772)\n\n* node-forge: Signature verification leniency in checking `DigestInfo` structure (CVE-2022-24773)\n\n* com.google.code.gson-gson: Deserialization of Untrusted Data in com.google.code.gson-gson (CVE-2022-25647)\n\n* terser: insecure use of regular expressions leads to ReDoS (CVE-2022-25858)\n\n* graphql-java: DoS by malicious query (CVE-2022-37734)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2022:6835", url: "https://access.redhat.com/errata/RHSA-2022:6835", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "2004133", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2004133", }, { category: "external", summary: "2004135", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2004135", }, { category: "external", summary: "2024632", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2024632", }, { category: "external", summary: "2039903", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2039903", }, { category: "external", summary: "2044591", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2044591", }, { category: "external", summary: "2050863", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2050863", }, { category: "external", summary: "2053259", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2053259", }, { category: "external", summary: "2056643", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2056643", }, { category: "external", summary: "2062520", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2062520", }, { category: "external", summary: "2064007", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2064007", }, { category: "external", summary: "2067387", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2067387", }, { category: "external", summary: "2067458", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2067458", }, { category: "external", summary: "2067461", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2067461", }, { category: "external", summary: "2080850", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2080850", }, { category: "external", summary: "2105075", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2105075", }, { category: "external", summary: "2126277", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2126277", }, { category: "external", summary: "2126789", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2126789", }, { category: "external", summary: "2126809", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2126809", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_6835.json", }, ], title: "Red Hat Security Advisory: Service Registry (container images) release and security update [2.3.0.GA]", tracking: { current_release_date: "2025-04-18T18:48:34+00:00", generator: { date: "2025-04-18T18:48:34+00:00", engine: { name: "Red Hat SDEngine", version: "4.4.2", }, }, id: "RHSA-2022:6835", initial_release_date: "2022-10-06T12:26:20+00:00", revision_history: [ { date: "2022-10-06T12:26:20+00:00", number: "1", summary: "Initial version", }, { date: "2022-10-06T12:26:20+00:00", number: "2", summary: "Last updated version", }, { date: "2025-04-18T18:48:34+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "RHINT Service Registry 2.3.0 GA", product: { name: "RHINT Service Registry 2.3.0 GA", product_id: "RHINT Service Registry 2.3.0 GA", product_identification_helper: { cpe: "cpe:/a:redhat:service_registry:2.3", }, }, }, ], category: "product_family", name: "Red Hat Integration", }, ], category: "vendor", name: "Red Hat", }, ], }, vulnerabilities: [ { cve: "CVE-2021-22569", cwe: { id: "CWE-696", name: "Incorrect Behavior Order", }, discovery_date: "2022-01-10T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2039903", }, ], notes: [ { category: "description", text: "A flaw was found in protobuf-java. Google Protocol Buffer (protobuf-java) allows the interleaving of com.google.protobuf.UnknownFieldSet fields. By persuading a victim to open specially-crafted content, a remote attacker could cause a timeout in the ProtobufFuzzer function, resulting in a denial of service.", title: "Vulnerability description", }, { category: "summary", text: "protobuf-java: potential DoS in the parsing procedure for binary data", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "RHINT Service Registry 2.3.0 GA", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2021-22569", }, { category: "external", summary: "RHBZ#2039903", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2039903", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2021-22569", url: "https://www.cve.org/CVERecord?id=CVE-2021-22569", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2021-22569", url: "https://nvd.nist.gov/vuln/detail/CVE-2021-22569", }, { category: "external", summary: "https://github.com/protocolbuffers/protobuf/commit/b3093dce58bc9d3042f085666d83c8ef1f51fe7b", url: "https://github.com/protocolbuffers/protobuf/commit/b3093dce58bc9d3042f085666d83c8ef1f51fe7b", }, { category: "external", summary: "https://github.com/protocolbuffers/protobuf/security/advisories/GHSA-wrvw-hg22-4m67", url: "https://github.com/protocolbuffers/protobuf/security/advisories/GHSA-wrvw-hg22-4m67", }, ], release_date: "2022-01-06T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2022-10-06T12:26:20+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "RHINT Service Registry 2.3.0 GA", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2022:6835", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "RHINT Service Registry 2.3.0 GA", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "protobuf-java: potential DoS in the parsing procedure for binary data", }, { cve: "CVE-2021-37136", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2021-09-14T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2004133", }, ], notes: [ { category: "description", text: "A flaw was found in Netty's netty-codec due to size restrictions for decompressed data in the Bzip2Decoder. By sending a specially-crafted input, a remote attacker could cause a denial of service.", title: "Vulnerability description", }, { category: "summary", text: "netty-codec: Bzip2Decoder doesn't allow setting size restrictions for decompressed data", title: "Vulnerability summary", }, { category: "other", text: "In the OpenShift Container Platform (OCP), the Hive/Presto/Hadoop components that comprise the OCP Metering stack ship the vulnerable version of netty-codec package. Since the release of OCP 4.6, the Metering product has been deprecated [1], so the affected components are marked as wontfix. This may be fixed in the future.\n\nStarting in OCP 4.7, the elasticsearch component is shipping as a part of the OpenShift Logging product (openshift-logging/elasticsearch6-rhel8). The elasticsearch component delivered in OCP 4.6 is marked as `Out of support scope` because these versions are already under Maintenance Phase of the support.\n\n[1] https://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html#ocp-4-6-metering-operator-deprecated", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "RHINT Service Registry 2.3.0 GA", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2021-37136", }, { category: "external", summary: "RHBZ#2004133", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2004133", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2021-37136", url: "https://www.cve.org/CVERecord?id=CVE-2021-37136", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2021-37136", url: "https://nvd.nist.gov/vuln/detail/CVE-2021-37136", }, { category: "external", summary: "https://github.com/netty/netty/security/advisories/GHSA-grg4-wf29-r9vv", url: "https://github.com/netty/netty/security/advisories/GHSA-grg4-wf29-r9vv", }, ], release_date: "2021-09-09T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2022-10-06T12:26:20+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "RHINT Service Registry 2.3.0 GA", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2022:6835", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "RHINT Service Registry 2.3.0 GA", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "netty-codec: Bzip2Decoder doesn't allow setting size restrictions for decompressed data", }, { cve: "CVE-2021-37137", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2021-09-14T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2004135", }, ], notes: [ { category: "description", text: "A flaw was found in the Netty's netty-codec due to unrestricted chunk lengths in the SnappyFrameDecoder. By sending a specially-crafted input, a remote attacker could cause excessive memory usage resulting in a denial of service.", title: "Vulnerability description", }, { category: "summary", text: "netty-codec: SnappyFrameDecoder doesn't restrict chunk length and may buffer skippable chunks in an unnecessary way", title: "Vulnerability summary", }, { category: "other", text: "In OpenShift Container Platform (OCP), the Hive/Presto/Hadoop components that comprise the OCP Metering stack, ship the vulnerable version of netty-codec package.\nSince the release of OCP 4.6, the Metering product has been deprecated [1], hence the affected components are marked as wontfix.\nThis may be fixed in the future.\n\nStarting in OCP 4.7, the elasticsearch component is shipping as a part of the OpenShift Logging product (openshift-logging/elasticsearch6-rhel8). The elasticsearch component delivered in OCP 4.6 is marked as `Out of support scope` because these versions are already under Maintenance Phase of the support.\n\n[1] https://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html#ocp-4-6-metering-operator-deprecated", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "RHINT Service Registry 2.3.0 GA", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2021-37137", }, { category: "external", summary: "RHBZ#2004135", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2004135", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2021-37137", url: "https://www.cve.org/CVERecord?id=CVE-2021-37137", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2021-37137", url: "https://nvd.nist.gov/vuln/detail/CVE-2021-37137", }, { category: "external", summary: "https://github.com/netty/netty/security/advisories/GHSA-grg4-wf29-r9vv", url: "https://github.com/netty/netty/security/advisories/GHSA-grg4-wf29-r9vv", }, ], release_date: "2021-09-09T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2022-10-06T12:26:20+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "RHINT Service Registry 2.3.0 GA", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2022:6835", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "RHINT Service Registry 2.3.0 GA", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "netty-codec: SnappyFrameDecoder doesn't restrict chunk length and may buffer skippable chunks in an unnecessary way", }, { cve: "CVE-2021-41269", cwe: { id: "CWE-94", name: "Improper Control of Generation of Code ('Code Injection')", }, discovery_date: "2021-11-18T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2024632", }, ], notes: [ { category: "description", text: "A flaw was found in cron-utils. This flaw allows an attacker to perform unauthenticated Remote Code Execution (RCE) via Java Expression Language (EL) injection.", title: "Vulnerability description", }, { category: "summary", text: "cron-utils: template Injection leading to unauthenticated Remote Code Execution", title: "Vulnerability summary", }, { category: "other", text: "Only projects using the @Cron annotation to validate untrusted Cron expressions are affected.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "RHINT Service Registry 2.3.0 GA", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2021-41269", }, { category: "external", summary: "RHBZ#2024632", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2024632", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2021-41269", url: "https://www.cve.org/CVERecord?id=CVE-2021-41269", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2021-41269", url: "https://nvd.nist.gov/vuln/detail/CVE-2021-41269", }, ], release_date: "2021-11-17T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2022-10-06T12:26:20+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "RHINT Service Registry 2.3.0 GA", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2022:6835", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "RHINT Service Registry 2.3.0 GA", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "cron-utils: template Injection leading to unauthenticated Remote Code Execution", }, { cve: "CVE-2022-0235", cwe: { id: "CWE-601", name: "URL Redirection to Untrusted Site ('Open Redirect')", }, discovery_date: "2022-01-16T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2044591", }, ], notes: [ { category: "description", text: "A flaw was found in node-fetch. When following a redirect to a third-party domain, node-fetch was forwarding sensitive headers such as \"Authorization,\" \"WWW-Authenticate,\" and \"Cookie\" to potentially untrusted targets. This flaw leads to the exposure of sensitive information to an unauthorized actor.", title: "Vulnerability description", }, { category: "summary", text: "node-fetch: exposure of sensitive information to an unauthorized actor", title: "Vulnerability summary", }, { category: "other", text: "This flaw is out of support scope for dotnet-5.0. For more information about Dotnet product support scope, please see https://access.redhat.com/support/policy/updates/net-core", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "RHINT Service Registry 2.3.0 GA", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-0235", }, { category: "external", summary: "RHBZ#2044591", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2044591", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-0235", url: "https://www.cve.org/CVERecord?id=CVE-2022-0235", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-0235", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-0235", }, { category: "external", summary: "https://huntr.dev/bounties/d26ab655-38d6-48b3-be15-f9ad6b6ae6f7/", url: "https://huntr.dev/bounties/d26ab655-38d6-48b3-be15-f9ad6b6ae6f7/", }, ], release_date: "2022-01-14T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2022-10-06T12:26:20+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "RHINT Service Registry 2.3.0 GA", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2022:6835", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N", version: "3.1", }, products: [ "RHINT Service Registry 2.3.0 GA", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "node-fetch: exposure of sensitive information to an unauthorized actor", }, { cve: "CVE-2022-0536", cwe: { id: "CWE-212", name: "Improper Removal of Sensitive Information Before Storage or Transfer", }, discovery_date: "2022-02-10T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2053259", }, ], notes: [ { category: "description", text: "A flaw was found in the follow-redirects package. This flaw allows the exposure of sensitive information to an unauthorized actor due to the usage of insecure HTTP protocol. This issue happens with an Authorization header leak from the same hostname, https-http, and requires a Man-in-the-Middle (MITM) attack.", title: "Vulnerability description", }, { category: "summary", text: "follow-redirects: Exposure of Sensitive Information via Authorization Header leak", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "RHINT Service Registry 2.3.0 GA", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-0536", }, { category: "external", summary: "RHBZ#2053259", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2053259", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-0536", url: "https://www.cve.org/CVERecord?id=CVE-2022-0536", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-0536", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-0536", }, ], release_date: "2022-02-09T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2022-10-06T12:26:20+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "RHINT Service Registry 2.3.0 GA", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2022:6835", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "RHINT Service Registry 2.3.0 GA", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "follow-redirects: Exposure of Sensitive Information via Authorization Header leak", }, { acknowledgments: [ { names: [ "Sanne Grinovero", ], organization: "Red Hat", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2022-0981", cwe: { id: "CWE-863", name: "Incorrect Authorization", }, discovery_date: "2022-02-08T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2062520", }, ], notes: [ { category: "description", text: "A flaw was found in Quarkus. The state and potentially associated permissions can leak from one web request to another in RestEasy Reactive. This flaw allows a low-privileged user to perform operations on the database with a different set of privileges than intended.", title: "Vulnerability description", }, { category: "summary", text: "quarkus: privilege escalation vulnerability with RestEasy Reactive scope leakage in Quarkus", title: "Vulnerability summary", }, { category: "other", text: "CodeReady Studio is no longer supported and therefore this flaw will not be addressed in CodeReady Studio. Please see https://developers.redhat.com/articles/2022/04/18/announcement-red-hat-codeready-studio-reaches-end-life for more information.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "RHINT Service Registry 2.3.0 GA", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-0981", }, { category: "external", summary: "RHBZ#2062520", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2062520", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-0981", url: "https://www.cve.org/CVERecord?id=CVE-2022-0981", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-0981", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-0981", }, { category: "external", summary: "https://github.com/quarkusio/quarkus/issues/23269", url: "https://github.com/quarkusio/quarkus/issues/23269", }, ], release_date: "2022-02-03T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2022-10-06T12:26:20+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "RHINT Service Registry 2.3.0 GA", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2022:6835", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 7.6, baseSeverity: "HIGH", confidentialityImpact: "LOW", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L", version: "3.1", }, products: [ "RHINT Service Registry 2.3.0 GA", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "quarkus: privilege escalation vulnerability with RestEasy Reactive scope leakage in Quarkus", }, { cve: "CVE-2022-21724", cwe: { id: "CWE-665", name: "Improper Initialization", }, discovery_date: "2022-02-02T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2050863", }, ], notes: [ { category: "description", text: "pgjdbc is the offical PostgreSQL JDBC Driver. A security hole was found in the jdbc driver for postgresql database while doing security research. The system using the postgresql library will be attacked when attacker control the jdbc url or properties. pgjdbc instantiates plugin instances based on class names provided via `authenticationPluginClassName`, `sslhostnameverifier`, `socketFactory`, `sslfactory`, `sslpasswordcallback` connection properties. However, the driver did not verify if the class implements the expected interface before instantiating the class. This can lead to code execution loaded via arbitrary classes. Users using plugins are advised to upgrade. There are no known workarounds for this issue.", title: "Vulnerability description", }, { category: "summary", text: "jdbc-postgresql: Unchecked Class Instantiation when providing Plugin Classes", title: "Vulnerability summary", }, { category: "other", text: "According to the patch upstream the scoring of this issue has been severely reduced and is no longer considered an RCE. Therefore, the flaw has been rated as having a security impact of Moderate, and is not currently planned to be addressed in future updates of Red Hat Enterprise Linux 6, 7 and 8.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "RHINT Service Registry 2.3.0 GA", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-21724", }, { category: "external", summary: "RHBZ#2050863", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2050863", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-21724", url: "https://www.cve.org/CVERecord?id=CVE-2022-21724", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-21724", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-21724", }, { category: "external", summary: "https://github.com/advisories/GHSA-v7wg-cpwc-24m4", url: "https://github.com/advisories/GHSA-v7wg-cpwc-24m4", }, ], release_date: "2022-02-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2022-10-06T12:26:20+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "RHINT Service Registry 2.3.0 GA", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2022:6835", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "RHINT Service Registry 2.3.0 GA", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "jdbc-postgresql: Unchecked Class Instantiation when providing Plugin Classes", }, { cve: "CVE-2022-23647", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2022-02-21T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2056643", }, ], notes: [ { category: "description", text: "A Cross-site scripting attack was found in Prism. The command-line plugin did not properly escape its output. This issue leads to the input text being inserted into the Document Object Model (DOM) as HTML code, which can be exploited by an attacker.", title: "Vulnerability description", }, { category: "summary", text: "prismjs: improperly escaped output allows a XSS", title: "Vulnerability summary", }, { category: "other", text: "This issue affects Prism as shipped with all versions of Red Hat Ceph Storage, Red Hat Migration Toolkit for Virtualization, Red Hat OpenShift Container Platform, Red Hat OpenShift Service Mesh, Red Hat Advanced Cluster Security, and Red Hat Gluster Storage. However, this flaw is not known to be exploitable under any supported scenario, as websites that do not use the Command Line plugin are also not impacted. The above products do not use the Command Line plugin, thus, are marked not affected.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "RHINT Service Registry 2.3.0 GA", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-23647", }, { category: "external", summary: "RHBZ#2056643", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2056643", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-23647", url: "https://www.cve.org/CVERecord?id=CVE-2022-23647", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-23647", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-23647", }, { category: "external", summary: "https://github.com/PrismJS/prism/security/advisories/GHSA-3949-f494-cm99", url: "https://github.com/PrismJS/prism/security/advisories/GHSA-3949-f494-cm99", }, ], release_date: "2022-02-18T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2022-10-06T12:26:20+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "RHINT Service Registry 2.3.0 GA", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2022:6835", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "RHINT Service Registry 2.3.0 GA", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "prismjs: improperly escaped output allows a XSS", }, { cve: "CVE-2022-24771", cwe: { id: "CWE-347", name: "Improper Verification of Cryptographic Signature", }, discovery_date: "2022-03-23T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2067387", }, ], notes: [ { category: "description", text: "A flaw was found in the node-forge package. This signature verification leniency allows an attacker to forge a signature.", title: "Vulnerability description", }, { category: "summary", text: "node-forge: Signature verification leniency in checking `digestAlgorithm` structure can lead to signature forgery", title: "Vulnerability summary", }, { category: "other", text: "This flaw affects the DigestAlgorithm structure.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "RHINT Service Registry 2.3.0 GA", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-24771", }, { category: "external", summary: "RHBZ#2067387", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2067387", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-24771", url: "https://www.cve.org/CVERecord?id=CVE-2022-24771", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-24771", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-24771", }, { category: "external", summary: "https://github.com/digitalbazaar/forge/security/advisories/GHSA-cfm4-qjh2-4765", url: "https://github.com/digitalbazaar/forge/security/advisories/GHSA-cfm4-qjh2-4765", }, ], release_date: "2022-03-18T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2022-10-06T12:26:20+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "RHINT Service Registry 2.3.0 GA", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2022:6835", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "RHINT Service Registry 2.3.0 GA", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "node-forge: Signature verification leniency in checking `digestAlgorithm` structure can lead to signature forgery", }, { cve: "CVE-2022-24772", cwe: { id: "CWE-347", name: "Improper Verification of Cryptographic Signature", }, discovery_date: "2022-03-23T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2067458", }, ], notes: [ { category: "description", text: "A flaw was found in the node-forge package. This signature verification leniency allows an attacker to forge a signature.", title: "Vulnerability description", }, { category: "summary", text: "node-forge: Signature verification failing to check tailing garbage bytes can lead to signature forgery", title: "Vulnerability summary", }, { category: "other", text: "This flaw affects the DigestInfo ASN.1 structure.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "RHINT Service Registry 2.3.0 GA", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-24772", }, { category: "external", summary: "RHBZ#2067458", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2067458", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-24772", url: "https://www.cve.org/CVERecord?id=CVE-2022-24772", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-24772", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-24772", }, { category: "external", summary: "https://github.com/digitalbazaar/forge/security/advisories/GHSA-x4jg-mjrx-434g", url: "https://github.com/digitalbazaar/forge/security/advisories/GHSA-x4jg-mjrx-434g", }, ], release_date: "2022-03-18T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2022-10-06T12:26:20+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "RHINT Service Registry 2.3.0 GA", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2022:6835", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "RHINT Service Registry 2.3.0 GA", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "node-forge: Signature verification failing to check tailing garbage bytes can lead to signature forgery", }, { cve: "CVE-2022-24773", cwe: { id: "CWE-347", name: "Improper Verification of Cryptographic Signature", }, discovery_date: "2022-03-23T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2067461", }, ], notes: [ { category: "description", text: "A flaw was found in the node-forge library when verifying the signature on the ASN.1 structure in RSA PKCS#1 v1.5. This flaw allows an attacker to obtain successful verification for invalid DigestInfo structure, affecting the integrity of the attacked resource.", title: "Vulnerability description", }, { category: "summary", text: "node-forge: Signature verification leniency in checking `DigestInfo` structure", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "RHINT Service Registry 2.3.0 GA", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-24773", }, { category: "external", summary: "RHBZ#2067461", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2067461", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-24773", url: "https://www.cve.org/CVERecord?id=CVE-2022-24773", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-24773", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-24773", }, { category: "external", summary: "https://github.com/digitalbazaar/forge/security/advisories/GHSA-2r2c-g63r-vccr", url: "https://github.com/digitalbazaar/forge/security/advisories/GHSA-2r2c-g63r-vccr", }, ], release_date: "2022-03-18T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2022-10-06T12:26:20+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "RHINT Service Registry 2.3.0 GA", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2022:6835", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", version: "3.1", }, products: [ "RHINT Service Registry 2.3.0 GA", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "node-forge: Signature verification leniency in checking `DigestInfo` structure", }, { cve: "CVE-2022-25647", cwe: { id: "CWE-502", name: "Deserialization of Untrusted Data", }, discovery_date: "2022-05-02T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2080850", }, ], notes: [ { category: "description", text: "A flaw was found in gson, which is vulnerable to Deserialization of Untrusted Data via the writeReplace() method in internal classes. This issue may lead to availability attacks.", title: "Vulnerability description", }, { category: "summary", text: "com.google.code.gson-gson: Deserialization of Untrusted Data in com.google.code.gson-gson", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "RHINT Service Registry 2.3.0 GA", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-25647", }, { category: "external", summary: "RHBZ#2080850", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2080850", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-25647", url: "https://www.cve.org/CVERecord?id=CVE-2022-25647", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-25647", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-25647", }, ], release_date: "2022-05-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2022-10-06T12:26:20+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "RHINT Service Registry 2.3.0 GA", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2022:6835", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "RHINT Service Registry 2.3.0 GA", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "com.google.code.gson-gson: Deserialization of Untrusted Data in com.google.code.gson-gson", }, { cve: "CVE-2022-25857", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2022-09-14T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2126789", }, ], notes: [ { category: "description", text: "A flaw was found in the org.yaml.snakeyaml package. This flaw allows an attacker to cause a denial of service (DoS) due to missing nested depth limitation for collections.", title: "Vulnerability description", }, { category: "summary", text: "snakeyaml: Denial of Service due to missing nested depth limitation for collections", title: "Vulnerability summary", }, { category: "other", text: "For RHEL-8 it's downgraded to moderate because \"snakeyaml\" itself in RHEL 8 or RHEL-9 isn't shipped and \"prometheus-jmx-exporter\" is needed as build dependency. And it's not directly exploitable, hence severity marked as moderate.\nRed Hat Integration and AMQ products are not vulnerable to this flaw, so their severity has been lowered to moderate.\nRed Hat Single Sign-On uses snakeyaml from liquibase-core and is only used when performing migrations and would require administrator privileges to execute, hence severity marked as Low.\nRed Hat Fuse 7 is now in Maintenance Support Phase and details about its fix should be present soon. However, Red Hat Fuse Online (Syndesis) does will not contain the fix for this flaw.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "RHINT Service Registry 2.3.0 GA", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-25857", }, { category: "external", summary: "RHBZ#2126789", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2126789", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-25857", url: "https://www.cve.org/CVERecord?id=CVE-2022-25857", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-25857", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-25857", }, { category: "external", summary: "https://bitbucket.org/snakeyaml/snakeyaml/issues/525", url: "https://bitbucket.org/snakeyaml/snakeyaml/issues/525", }, ], release_date: "2022-08-30T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2022-10-06T12:26:20+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "RHINT Service Registry 2.3.0 GA", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2022:6835", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "RHINT Service Registry 2.3.0 GA", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "snakeyaml: Denial of Service due to missing nested depth limitation for collections", }, { cve: "CVE-2022-25858", discovery_date: "2022-09-13T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2126277", }, ], notes: [ { category: "description", text: "A vulnerability was found in the terser package. Affected versions of this package are vulnerable to Regular expression denial of service (ReDoS) attacks, affecting system availability.", title: "Vulnerability description", }, { category: "summary", text: "terser: insecure use of regular expressions leads to ReDoS", title: "Vulnerability summary", }, { category: "other", text: "For OpenShift Do (odo) product terser is shipped only for using in static page generators for upstream, thus this represents no security risk.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "RHINT Service Registry 2.3.0 GA", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-25858", }, { category: "external", summary: "RHBZ#2126277", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2126277", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-25858", url: "https://www.cve.org/CVERecord?id=CVE-2022-25858", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-25858", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-25858", }, ], release_date: "2022-07-15T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2022-10-06T12:26:20+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "RHINT Service Registry 2.3.0 GA", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2022:6835", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "RHINT Service Registry 2.3.0 GA", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "terser: insecure use of regular expressions leads to ReDoS", }, { cve: "CVE-2022-26520", cwe: { id: "CWE-552", name: "Files or Directories Accessible to External Parties", }, discovery_date: "2022-03-14T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2064007", }, ], notes: [ { category: "description", text: "A flaw was found in Postgres JDBC. This flaw allows an attacker to use a method to write arbitrary files through the connection properties settings. For example, an attacker can create an executable file under the server the application is running and make it a new part of the application or server.", title: "Vulnerability description", }, { category: "summary", text: "postgresql-jdbc: Arbitrary File Write Vulnerability", title: "Vulnerability summary", }, { category: "other", text: "Red Hat informs that although there's a difference from NVD CVSSv3 score there's a especial occasion in this CVE that maintain it as a moderate. The scenario for an attacker to get a benefit in this situation requires them to have access to modify a configuration file and write a file where it's needed. This require non-default configuration and also it's not expected to allow an untrusted user to perform this kind of setting.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "RHINT Service Registry 2.3.0 GA", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-26520", }, { category: "external", summary: "RHBZ#2064007", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2064007", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-26520", url: "https://www.cve.org/CVERecord?id=CVE-2022-26520", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-26520", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-26520", }, ], release_date: "2022-02-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2022-10-06T12:26:20+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "RHINT Service Registry 2.3.0 GA", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2022:6835", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "RHINT Service Registry 2.3.0 GA", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "postgresql-jdbc: Arbitrary File Write Vulnerability", }, { cve: "CVE-2022-31129", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2022-07-07T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2105075", }, ], notes: [ { category: "description", text: "A flaw was found in the Moment.js package. Users who pass user-provided strings without sanity length checks to the moment constructor are vulnerable to regular expression denial of service (ReDoS) attacks.", title: "Vulnerability description", }, { category: "summary", text: "moment: inefficient parsing algorithm resulting in DoS", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Fuse provides the affected software but does not use the functionality and as such its impact has been downgraded to Low.\n\nRed Hat Advanced Cluster Management for Kubernetes (RHACM) ships a vulnerable version of the moment library. However, this affected functionality is restricted behind OAuth, reducing the impact to Moderate.\n\nRed Hat Satellite ships a vulnerable version of the moment library. However, this only affects a specific component (qpid-dispatch), reducing the impact to Moderate.\n\nRed Hat Ceph Storage (RHCS) ships a vulnerable version of the moment library, however, it is not directly used and is a transitive dependency from Angular. In addition, the impact would only be to the grafana browser, and not the underlying RHCS system, which reduces the impact to Moderate. \n\nRed Hat OpenShift Service Mesh (OSSM) ships a vulnerable version of the moment library, however, it is not directly used, and as such, the impact has been lowered to Moderate.\n\nRed Hat OpenShift distributed tracing ships a vulnerable version of the moment library, however, it is not directly used, and as such, the impact has been lowered to Moderate.\n\nIn Logging Subsystem for Red Hat OpenShift the vulnerable moment nodejs package is bundled in the ose-logging-kibana6 container as a transitive dependency, hence the direct impact is reduced to Moderate.\n\nIn OpenShift Container Platform 4 the vulnerabile moment package is a third party dependency, hence the direct impact is reduced to Moderate.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "RHINT Service Registry 2.3.0 GA", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-31129", }, { category: "external", summary: "RHBZ#2105075", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2105075", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-31129", url: "https://www.cve.org/CVERecord?id=CVE-2022-31129", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-31129", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-31129", }, { category: "external", summary: "https://github.com/moment/moment/security/advisories/GHSA-wc69-rhjr-hc9g", url: "https://github.com/moment/moment/security/advisories/GHSA-wc69-rhjr-hc9g", }, ], release_date: "2022-07-06T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2022-10-06T12:26:20+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "RHINT Service Registry 2.3.0 GA", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2022:6835", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "RHINT Service Registry 2.3.0 GA", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "moment: inefficient parsing algorithm resulting in DoS", }, { cve: "CVE-2022-37734", cwe: { id: "CWE-1333", name: "Inefficient Regular Expression Complexity", }, discovery_date: "2022-09-14T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2126809", }, ], notes: [ { category: "description", text: "A flaw was found in GraphQL Java. This flaw allows an attacker to use a malicious query in GraphQL to cause a denial of service due to inefficient lexer input validation.", title: "Vulnerability description", }, { category: "summary", text: "graphql-java: DoS by malicious query", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "RHINT Service Registry 2.3.0 GA", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-37734", }, { category: "external", summary: "RHBZ#2126809", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2126809", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-37734", url: "https://www.cve.org/CVERecord?id=CVE-2022-37734", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-37734", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-37734", }, ], release_date: "2022-09-12T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2022-10-06T12:26:20+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "RHINT Service Registry 2.3.0 GA", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2022:6835", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "RHINT Service Registry 2.3.0 GA", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "graphql-java: DoS by malicious query", }, ], }
rhsa-2022_9023
Vulnerability from csaf_redhat
Published
2022-12-14 13:15
Modified
2024-12-16 16:05
Summary
Red Hat Security Advisory: Red Hat build of Quarkus 2.13.5 release and security update
Notes
Topic
An update is now available for Red Hat build of Quarkus. Red Hat Product
Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability. For more information, see the CVE links in the References section.
Details
This release of Red Hat build of Quarkus 2.13.5 includes security updates, bug
fixes, and enhancements. For more information, see the release notes page listed in the References section.
Security Fix(es):
* CVE-2022-4147 quarkus-vertx-http: Security misconfiguration of CORS : OWASP A05_2021 level in Quarkus
* CVE-2022-4116 quarkus_dev_ui: Dev UI Config Editor is vulnerable to drive-by localhost attacks leading to RCE
* CVE-2022-37734 graphql-java: DoS by malicious query
* CVE-2022-3171 protobuf-java: timeout in parser leads to DoS
* CVE-2022-42889 commons-text: apache-commons-text: variable interpolation RCE
* CVE-2022-42003 jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS
* CVE-2022-42004 jackson-databind: use of deeply nested arrays
* CVE-2022-31197 postgresql: SQL Injection in ResultSet.refreshRow() with malicious column names
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update is now available for Red Hat build of Quarkus. Red Hat Product\nSecurity has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability. For more information, see the CVE links in the References section.", title: "Topic", }, { category: "general", text: "This release of Red Hat build of Quarkus 2.13.5 includes security updates, bug\nfixes, and enhancements. For more information, see the release notes page listed in the References section.\n\nSecurity Fix(es):\n\n* CVE-2022-4147 quarkus-vertx-http: Security misconfiguration of CORS : OWASP A05_2021 level in Quarkus \n\n* CVE-2022-4116 quarkus_dev_ui: Dev UI Config Editor is vulnerable to drive-by localhost attacks leading to RCE\n\n* CVE-2022-37734 graphql-java: DoS by malicious query\n\n* CVE-2022-3171 protobuf-java: timeout in parser leads to DoS\n\n* CVE-2022-42889 commons-text: apache-commons-text: variable interpolation RCE\n\n* CVE-2022-42003 jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS\n\n* CVE-2022-42004 jackson-databind: use of deeply nested arrays \n\n* CVE-2022-31197 postgresql: SQL Injection in ResultSet.refreshRow() with malicious column names\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2022:9023", url: "https://access.redhat.com/errata/RHSA-2022:9023", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "https://access.redhat.com/articles/4966181", url: "https://access.redhat.com/articles/4966181", }, { category: "external", summary: "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions&product=redhat.quarkus&version=2.13.5", url: "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions&product=redhat.quarkus&version=2.13.5", }, { category: "external", summary: "2126809", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2126809", }, { category: "external", summary: "2129428", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2129428", }, { category: "external", summary: "2135244", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2135244", }, { category: "external", summary: "2135247", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2135247", }, { category: "external", summary: "2135435", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2135435", }, { category: "external", summary: "2137645", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2137645", }, { category: "external", summary: "2144748", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2144748", }, { category: "external", summary: "2148867", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2148867", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_9023.json", }, ], title: "Red Hat Security Advisory: Red Hat build of Quarkus 2.13.5 release and security update", tracking: { current_release_date: "2024-12-16T16:05:53+00:00", generator: { date: "2024-12-16T16:05:53+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.3", }, }, id: "RHSA-2022:9023", initial_release_date: "2022-12-14T13:15:01+00:00", revision_history: [ { date: "2022-12-14T13:15:01+00:00", number: "1", summary: "Initial version", }, { date: "2022-12-14T13:15:01+00:00", number: "2", summary: "Last updated version", }, { date: "2024-12-16T16:05:53+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat build of Quarkus 2.13.5", product: { name: "Red Hat build of Quarkus 2.13.5", product_id: "Red Hat build of Quarkus 2.13.5", product_identification_helper: { cpe: "cpe:/a:redhat:quarkus:2.13", }, }, }, ], category: "product_family", name: "Red Hat build of Quarkus", }, ], category: "vendor", name: "Red Hat", }, ], }, vulnerabilities: [ { cve: "CVE-2022-3171", cwe: { id: "CWE-20", name: "Improper Input Validation", }, discovery_date: "2022-10-18T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2137645", }, ], notes: [ { category: "description", text: "A parsing issue with binary data in protobuf-java core and lite versions prior to 3.21.7, 3.20.3, 3.19.6 and 3.16.3 can lead to a denial of service attack. Inputs containing multiple instances of non-repeated embedded messages with repeated or unknown fields causes objects to be converted back-n-forth between mutable and immutable forms, resulting in potentially long garbage collection pauses. We recommend updating to the versions mentioned above.", title: "Vulnerability description", }, { category: "summary", text: "protobuf-java: timeout in parser leads to DoS", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat build of Quarkus 2.13.5", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-3171", }, { category: "external", summary: "RHBZ#2137645", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2137645", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-3171", url: "https://www.cve.org/CVERecord?id=CVE-2022-3171", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-3171", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-3171", }, { category: "external", summary: "https://github.com/protocolbuffers/protobuf/security/advisories/GHSA-h4h5-3hr4-j3g2", url: "https://github.com/protocolbuffers/protobuf/security/advisories/GHSA-h4h5-3hr4-j3g2", }, ], release_date: "2022-10-12T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2022-12-14T13:15:01+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "Red Hat build of Quarkus 2.13.5", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2022:9023", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "Red Hat build of Quarkus 2.13.5", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "protobuf-java: timeout in parser leads to DoS", }, { acknowledgments: [ { names: [ "Joseph Beeton", ], organization: "Contrast Security", }, ], cve: "CVE-2022-4116", cwe: { id: "CWE-94", name: "Improper Control of Generation of Code ('Code Injection')", }, discovery_date: "2022-11-22T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2144748", }, ], notes: [ { category: "description", text: "A vulnerability was found in quarkus. This issue occurs in Dev UI Config Editor, which is vulnerable to drive-by localhost attacks leading to remote code execution.", title: "Vulnerability description", }, { category: "summary", text: "quarkus_dev_ui: Dev UI Config Editor is vulnerable to drive-by localhost attacks leading to RCE", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat build of Quarkus 2.13.5", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-4116", }, { category: "external", summary: "RHBZ#2144748", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2144748", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-4116", url: "https://www.cve.org/CVERecord?id=CVE-2022-4116", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-4116", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-4116", }, ], release_date: "2022-11-22T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2022-12-14T13:15:01+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "Red Hat build of Quarkus 2.13.5", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2022:9023", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "Red Hat build of Quarkus 2.13.5", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "quarkus_dev_ui: Dev UI Config Editor is vulnerable to drive-by localhost attacks leading to RCE", }, { cve: "CVE-2022-4147", cwe: { id: "CWE-1026", name: "CWE-1026", }, discovery_date: "2022-11-28T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2148867", }, ], notes: [ { category: "description", text: "A vulnerability was found in Quarkus. The Quarkus CORS filter allows simple GET and POST requests with an invalid Origin to proceed. Simple GET or POST requests made with XMLHttpRequest have no event listeners registered on the object returned by the XMLHttpRequest upload property, and have no ReadableStream object used in the request.", title: "Vulnerability description", }, { category: "summary", text: "quarkus-vertx-http: Security misconfiguration of CORS : OWASP A05_2021 level in Quarkus", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat build of Quarkus 2.13.5", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-4147", }, { category: "external", summary: "RHBZ#2148867", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2148867", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-4147", url: "https://www.cve.org/CVERecord?id=CVE-2022-4147", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-4147", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-4147", }, ], release_date: "2022-11-28T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2022-12-14T13:15:01+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "Red Hat build of Quarkus 2.13.5", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2022:9023", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "Red Hat build of Quarkus 2.13.5", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "quarkus-vertx-http: Security misconfiguration of CORS : OWASP A05_2021 level in Quarkus", }, { cve: "CVE-2022-31197", cwe: { id: "CWE-89", name: "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", }, discovery_date: "2022-09-23T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2129428", }, ], notes: [ { category: "description", text: "A flaw was found in PostgresQL. This flaw allows an attacker to benefit from a miss escaping character and leads to a SQL injection attack due to Java.sql.ResultRow.refreshRow() implementation from PGSQL.", title: "Vulnerability description", }, { category: "summary", text: "postgresql: SQL Injection in ResultSet.refreshRow() with malicious column names", title: "Vulnerability summary", }, { category: "other", text: "User applications that do not invoke the `ResultSet.refreshRow()` method are not impacted.\nRed Hat Fuse 7 is now in Maintenance Support Phase and details about its fix should be presented soon. However, Red Hat Fuse Online (Syndesis) does will not contain the fix for this flaw.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat build of Quarkus 2.13.5", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-31197", }, { category: "external", summary: "RHBZ#2129428", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2129428", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-31197", url: "https://www.cve.org/CVERecord?id=CVE-2022-31197", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-31197", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-31197", }, { category: "external", summary: "https://github.com/pgjdbc/pgjdbc/security/advisories/GHSA-r38f-c4h4-hqq2", url: "https://github.com/pgjdbc/pgjdbc/security/advisories/GHSA-r38f-c4h4-hqq2", }, ], release_date: "2022-08-03T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2022-12-14T13:15:01+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "Red Hat build of Quarkus 2.13.5", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2022:9023", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "Red Hat build of Quarkus 2.13.5", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "postgresql: SQL Injection in ResultSet.refreshRow() with malicious column names", }, { cve: "CVE-2022-37734", cwe: { id: "CWE-1333", name: "Inefficient Regular Expression Complexity", }, discovery_date: "2022-09-14T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2126809", }, ], notes: [ { category: "description", text: "A flaw was found in GraphQL Java. This flaw allows an attacker to use a malicious query in GraphQL to cause a denial of service due to inefficient lexer input validation.", title: "Vulnerability description", }, { category: "summary", text: "graphql-java: DoS by malicious query", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat build of Quarkus 2.13.5", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-37734", }, { category: "external", summary: "RHBZ#2126809", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2126809", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-37734", url: "https://www.cve.org/CVERecord?id=CVE-2022-37734", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-37734", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-37734", }, ], release_date: "2022-09-12T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2022-12-14T13:15:01+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "Red Hat build of Quarkus 2.13.5", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2022:9023", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "Red Hat build of Quarkus 2.13.5", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "graphql-java: DoS by malicious query", }, { cve: "CVE-2022-42003", cwe: { id: "CWE-502", name: "Deserialization of Untrusted Data", }, discovery_date: "2022-10-17T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2135244", }, ], notes: [ { category: "description", text: "A flaw was found in FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled due to unchecked primitive value deserializers to avoid deep wrapper array nesting.", title: "Vulnerability description", }, { category: "summary", text: "jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat build of Quarkus 2.13.5", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-42003", }, { category: "external", summary: "RHBZ#2135244", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2135244", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-42003", url: "https://www.cve.org/CVERecord?id=CVE-2022-42003", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-42003", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-42003", }, ], release_date: "2022-10-02T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2022-12-14T13:15:01+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "Red Hat build of Quarkus 2.13.5", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2022:9023", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "Red Hat build of Quarkus 2.13.5", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS", }, { cve: "CVE-2022-42004", cwe: { id: "CWE-502", name: "Deserialization of Untrusted Data", }, discovery_date: "2022-10-17T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2135247", }, ], notes: [ { category: "description", text: "A flaw was found In FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion due to the lack of a check in BeanDeserializer._deserializeFromArray to prevent the use of deeply nested arrays. An application is only vulnerable with certain customized choices for deserialization.", title: "Vulnerability description", }, { category: "summary", text: "jackson-databind: use of deeply nested arrays", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat build of Quarkus 2.13.5", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-42004", }, { category: "external", summary: "RHBZ#2135247", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2135247", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-42004", url: "https://www.cve.org/CVERecord?id=CVE-2022-42004", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-42004", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-42004", }, ], release_date: "2022-10-02T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2022-12-14T13:15:01+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "Red Hat build of Quarkus 2.13.5", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2022:9023", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "Red Hat build of Quarkus 2.13.5", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "jackson-databind: use of deeply nested arrays", }, { cve: "CVE-2022-42889", cwe: { id: "CWE-1188", name: "Initialization of a Resource with an Insecure Default", }, discovery_date: "2022-10-15T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2135435", }, ], notes: [ { category: "description", text: "A flaw was found in Apache Commons Text packages 1.5 through 1.9. The affected versions allow an attacker to benefit from a variable interpolation process contained in Apache Commons Text, which can cause properties to be dynamically defined. Server applications are vulnerable to remote code execution (RCE) and unintentional contact with untrusted remote servers.", title: "Vulnerability description", }, { category: "summary", text: "apache-commons-text: variable interpolation RCE", title: "Vulnerability summary", }, { category: "other", text: "In order to carry successful exploitation of this vulnerability, the following conditions must be in place on the affected target:\n - Usage of specific methods that interpolate the variables as described in the flaw\n - Usage of external input for those methods\n - Usage of that external input has to be unsanitized/no \"allow list\"/etc.\n\nThe following products have *Low* impact because they have maven references to the affected package but do not ship it nor use the code:\n- Red Hat EAP Expansion Pack (EAP-XP)\n- Red Hat Camel-K\n- Red Hat Camel-Quarkus\n\nRed Hat Satellite ships Candlepin that embeds Apache Commons Text, however, it is not vulnerable to the flaw since the library has not been exposed in the product code. In Candlepin, the Commons Text is being pulled for the Liquibase and ActiveMQ Artemis libraries as a dependency. Red Hat Product Security has evaluated and rated the impact of the flaw as Low for Satellite since there was no harm identified to the confidentiality, integrity, or availability of systems.\n\n- The OCP has a *Moderate* impact because the affected library is a third-party library in the OCP jenkins-2-plugin component which reduces the possibilities of successful exploitation.\n- The OCP-4.8 is affected by this CVE and is in an extended life phase. For versions of products in the Extended Life Phase, Red Hat will provide limited ongoing technical support. No bug fixes, security fixes, hardware enablement or root-cause analysis will be available during this phase, and support will be provided on existing installations only.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat build of Quarkus 2.13.5", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-42889", }, { category: "external", summary: "RHBZ#2135435", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2135435", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-42889", url: "https://www.cve.org/CVERecord?id=CVE-2022-42889", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-42889", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-42889", }, { category: "external", summary: "https://blogs.apache.org/security/entry/cve-2022-42889", url: "https://blogs.apache.org/security/entry/cve-2022-42889", }, { category: "external", summary: "https://lists.apache.org/thread/n2bd4vdsgkqh2tm14l1wyc3jyol7s1om", url: "https://lists.apache.org/thread/n2bd4vdsgkqh2tm14l1wyc3jyol7s1om", }, { category: "external", summary: "https://seclists.org/oss-sec/2022/q4/22", url: "https://seclists.org/oss-sec/2022/q4/22", }, ], release_date: "2022-10-13T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2022-12-14T13:15:01+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "Red Hat build of Quarkus 2.13.5", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2022:9023", }, { category: "workaround", details: "This flaw may be avoided by ensuring that any external inputs used with the Commons-Text lookup methods are sanitized properly. Untrusted input should always be thoroughly sanitized before using in any potentially risky situations.", product_ids: [ "Red Hat build of Quarkus 2.13.5", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "Red Hat build of Quarkus 2.13.5", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "apache-commons-text: variable interpolation RCE", }, ], }
RHSA-2022:6757
Vulnerability from csaf_redhat
Published
2022-10-05 14:50
Modified
2025-04-14 02:01
Summary
Red Hat Security Advisory: Red Hat build of Eclipse Vert.x 4.3.3 security update
Notes
Topic
An update is now available for Red Hat build of Eclipse Vert.x.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability. For more information, see the CVE pages listed in the References section.
Details
This release of Red Hat build of Eclipse Vert.x 4.3.3 GA includes security updates. For more information, see the release notes listed in the References section.
Security Fix(es):
* graphql-java: DoS by malicious query (CVE-2022-37734)
* snakeyaml: Denial of Service due missing to nested depth limitation for collections. (CVE-2022-25857)
* snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode (CVE-2022-38749)
* snakeyaml: Uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject (CVE-2022-38750)
* snakeyaml: Uncaught exception in java.base/java.util.regex.Pattern$Ques.match (CVE-2022-38751)
* snakeyaml: Uncaught exception in java.base/java.util.ArrayList.hashCode (CVE-2022-38752)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgements, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update is now available for Red Hat build of Eclipse Vert.x.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability. For more information, see the CVE pages listed in the References section.", title: "Topic", }, { category: "general", text: "This release of Red Hat build of Eclipse Vert.x 4.3.3 GA includes security updates. For more information, see the release notes listed in the References section.\n\nSecurity Fix(es):\n\n* graphql-java: DoS by malicious query (CVE-2022-37734)\n\n* snakeyaml: Denial of Service due missing to nested depth limitation for collections. (CVE-2022-25857)\n\n* snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode (CVE-2022-38749)\n\n* snakeyaml: Uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject (CVE-2022-38750)\n\n* snakeyaml: Uncaught exception in java.base/java.util.regex.Pattern$Ques.match (CVE-2022-38751)\n\n* snakeyaml: Uncaught exception in java.base/java.util.ArrayList.hashCode (CVE-2022-38752)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgements, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2022:6757", url: "https://access.redhat.com/errata/RHSA-2022:6757", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions&product=catRhoar.eclipse.vertx&version=4.3.3", url: "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions&product=catRhoar.eclipse.vertx&version=4.3.3", }, { category: "external", summary: "https://access.redhat.com/documentation/en-us/red_hat_build_of_eclipse_vert.x/4.3/html/release_notes_for_eclipse_vert.x_4.3/index", url: "https://access.redhat.com/documentation/en-us/red_hat_build_of_eclipse_vert.x/4.3/html/release_notes_for_eclipse_vert.x_4.3/index", }, { category: "external", summary: "2126789", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2126789", }, { category: "external", summary: "2126809", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2126809", }, { category: "external", summary: "2129706", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2129706", }, { category: "external", summary: "2129707", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2129707", }, { category: "external", summary: "2129709", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2129709", }, { category: "external", summary: "2129710", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2129710", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_6757.json", }, ], title: "Red Hat Security Advisory: Red Hat build of Eclipse Vert.x 4.3.3 security update", tracking: { current_release_date: "2025-04-14T02:01:45+00:00", generator: { date: "2025-04-14T02:01:45+00:00", engine: { name: "Red Hat SDEngine", version: "4.4.2", }, }, id: "RHSA-2022:6757", initial_release_date: "2022-10-05T14:50:01+00:00", revision_history: [ { date: "2022-10-05T14:50:01+00:00", number: "1", summary: "Initial version", }, { date: "2022-10-05T14:50:01+00:00", number: "2", summary: "Last updated version", }, { date: "2025-04-14T02:01:45+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat build of Eclipse Vert.x 4.3.3", product: { name: "Red Hat build of Eclipse Vert.x 4.3.3", product_id: "Red Hat build of Eclipse Vert.x 4.3.3", product_identification_helper: { cpe: "cpe:/a:redhat:openshift_application_runtimes:1.0", }, }, }, ], category: "product_family", name: "Red Hat OpenShift Application Runtimes", }, ], category: "vendor", name: "Red Hat", }, ], }, vulnerabilities: [ { cve: "CVE-2022-25857", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2022-09-14T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2126789", }, ], notes: [ { category: "description", text: "A flaw was found in the org.yaml.snakeyaml package. This flaw allows an attacker to cause a denial of service (DoS) due to missing nested depth limitation for collections.", title: "Vulnerability description", }, { category: "summary", text: "snakeyaml: Denial of Service due to missing nested depth limitation for collections", title: "Vulnerability summary", }, { category: "other", text: "For RHEL-8 it's downgraded to moderate because \"snakeyaml\" itself in RHEL 8 or RHEL-9 isn't shipped and \"prometheus-jmx-exporter\" is needed as build dependency. And it's not directly exploitable, hence severity marked as moderate.\nRed Hat Integration and AMQ products are not vulnerable to this flaw, so their severity has been lowered to moderate.\nRed Hat Single Sign-On uses snakeyaml from liquibase-core and is only used when performing migrations and would require administrator privileges to execute, hence severity marked as Low.\nRed Hat Fuse 7 is now in Maintenance Support Phase and details about its fix should be present soon. However, Red Hat Fuse Online (Syndesis) does will not contain the fix for this flaw.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat build of Eclipse Vert.x 4.3.3", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-25857", }, { category: "external", summary: "RHBZ#2126789", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2126789", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-25857", url: "https://www.cve.org/CVERecord?id=CVE-2022-25857", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-25857", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-25857", }, { category: "external", summary: "https://bitbucket.org/snakeyaml/snakeyaml/issues/525", url: "https://bitbucket.org/snakeyaml/snakeyaml/issues/525", }, ], release_date: "2022-08-30T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2022-10-05T14:50:01+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.", product_ids: [ "Red Hat build of Eclipse Vert.x 4.3.3", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2022:6757", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "Red Hat build of Eclipse Vert.x 4.3.3", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "snakeyaml: Denial of Service due to missing nested depth limitation for collections", }, { cve: "CVE-2022-37734", cwe: { id: "CWE-1333", name: "Inefficient Regular Expression Complexity", }, discovery_date: "2022-09-14T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2126809", }, ], notes: [ { category: "description", text: "A flaw was found in GraphQL Java. This flaw allows an attacker to use a malicious query in GraphQL to cause a denial of service due to inefficient lexer input validation.", title: "Vulnerability description", }, { category: "summary", text: "graphql-java: DoS by malicious query", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat build of Eclipse Vert.x 4.3.3", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-37734", }, { category: "external", summary: "RHBZ#2126809", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2126809", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-37734", url: "https://www.cve.org/CVERecord?id=CVE-2022-37734", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-37734", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-37734", }, ], release_date: "2022-09-12T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2022-10-05T14:50:01+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.", product_ids: [ "Red Hat build of Eclipse Vert.x 4.3.3", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2022:6757", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "Red Hat build of Eclipse Vert.x 4.3.3", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "graphql-java: DoS by malicious query", }, { cve: "CVE-2022-38749", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, discovery_date: "2022-09-26T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2129706", }, ], notes: [ { category: "description", text: "A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash, resulting in a denial of service.", title: "Vulnerability description", }, { category: "summary", text: "snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Build of Quarkus is not affected by this issue as it already includes the fixed version.\n\nSatellite component Candlepin does not directly use snakeyaml, so it is not affected. Regardless, an update with the latest, unaffected snakeyaml version will be provided at next release.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat build of Eclipse Vert.x 4.3.3", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-38749", }, { category: "external", summary: "RHBZ#2129706", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2129706", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-38749", url: "https://www.cve.org/CVERecord?id=CVE-2022-38749", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-38749", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-38749", }, ], release_date: "2022-09-05T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2022-10-05T14:50:01+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.", product_ids: [ "Red Hat build of Eclipse Vert.x 4.3.3", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2022:6757", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "Red Hat build of Eclipse Vert.x 4.3.3", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode", }, { cve: "CVE-2022-38750", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, discovery_date: "2022-09-26T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2129707", }, ], notes: [ { category: "description", text: "A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash.", title: "Vulnerability description", }, { category: "summary", text: "snakeyaml: Uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Build of Quarkus is not affected by this issue as it already includes the fixed version.\n\nSatellite component Candlepin does not directly use snakeyaml, so it is not affected. Regardless, an update with the latest, unaffected snakeyaml version will be provided at next release.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat build of Eclipse Vert.x 4.3.3", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-38750", }, { category: "external", summary: "RHBZ#2129707", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2129707", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-38750", url: "https://www.cve.org/CVERecord?id=CVE-2022-38750", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-38750", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-38750", }, ], release_date: "2022-09-05T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2022-10-05T14:50:01+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.", product_ids: [ "Red Hat build of Eclipse Vert.x 4.3.3", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2022:6757", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "Red Hat build of Eclipse Vert.x 4.3.3", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "snakeyaml: Uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject", }, { cve: "CVE-2022-38751", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, discovery_date: "2022-09-26T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2129709", }, ], notes: [ { category: "description", text: "A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash.", title: "Vulnerability description", }, { category: "summary", text: "snakeyaml: Uncaught exception in java.base/java.util.regex.Pattern$Ques.match", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Build of Quarkus is not affected by this issue as it already includes the fixed version.\n\nSatellite component Candlepin does not directly use snakeyaml, so it is not affected. Regardless, an update with the latest, unaffected snakeyaml version will be provided at next release.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat build of Eclipse Vert.x 4.3.3", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-38751", }, { category: "external", summary: "RHBZ#2129709", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2129709", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-38751", url: "https://www.cve.org/CVERecord?id=CVE-2022-38751", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-38751", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-38751", }, ], release_date: "2022-09-05T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2022-10-05T14:50:01+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.", product_ids: [ "Red Hat build of Eclipse Vert.x 4.3.3", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2022:6757", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "Red Hat build of Eclipse Vert.x 4.3.3", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "snakeyaml: Uncaught exception in java.base/java.util.regex.Pattern$Ques.match", }, { cve: "CVE-2022-38752", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, discovery_date: "2022-09-26T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2129710", }, ], notes: [ { category: "description", text: "A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash.", title: "Vulnerability description", }, { category: "summary", text: "snakeyaml: Uncaught exception in java.base/java.util.ArrayList.hashCode", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Build of Quarkus is not affected by this issue as it already includes the fixed version.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat build of Eclipse Vert.x 4.3.3", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-38752", }, { category: "external", summary: "RHBZ#2129710", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2129710", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-38752", url: "https://www.cve.org/CVERecord?id=CVE-2022-38752", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-38752", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-38752", }, ], release_date: "2022-09-05T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2022-10-05T14:50:01+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.", product_ids: [ "Red Hat build of Eclipse Vert.x 4.3.3", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2022:6757", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "Red Hat build of Eclipse Vert.x 4.3.3", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "snakeyaml: Uncaught exception in java.base/java.util.ArrayList.hashCode", }, ], }
ghsa-v62j-cxhh-fq22
Vulnerability from github
Published
2022-09-13 00:00
Modified
2022-09-16 21:00
Severity ?
Summary
graphql-java vulnerable to Denial of Service via GraphQL query that consumes CPU resources
Details
graphql-java before 19.0, 18.3, and 17.4 is vulnerable to Denial of Service. An attacker send a malicious GraphQL query that consumes CPU resources. The fixed versions are 19.0, 18.3, and 17.4.
{ affected: [ { package: { ecosystem: "Maven", name: "com.graphql-java:graphql-java", }, ranges: [ { events: [ { introduced: "0", }, { fixed: "17.4", }, ], type: "ECOSYSTEM", }, ], }, { package: { ecosystem: "Maven", name: "com.graphql-java:graphql-java", }, ranges: [ { events: [ { introduced: "18.0", }, { fixed: "18.3", }, ], type: "ECOSYSTEM", }, ], }, ], aliases: [ "CVE-2022-37734", ], database_specific: { cwe_ids: [ "CWE-400", ], github_reviewed: true, github_reviewed_at: "2022-09-16T21:00:08Z", nvd_published_at: "2022-09-12T14:15:00Z", severity: "HIGH", }, details: "graphql-java before 19.0, 18.3, and 17.4 is vulnerable to Denial of Service. An attacker send a malicious GraphQL query that consumes CPU resources. The fixed versions are 19.0, 18.3, and 17.4.", id: "GHSA-v62j-cxhh-fq22", modified: "2022-09-16T21:00:08Z", published: "2022-09-13T00:00:39Z", references: [ { type: "ADVISORY", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-37734", }, { type: "WEB", url: "https://github.com/graphql-java/graphql-java/issues/2888", }, { type: "WEB", url: "https://github.com/graphql-java/graphql-java/pull/2892", }, { type: "PACKAGE", url: "https://github.com/graphql-java/graphql-java", }, { type: "WEB", url: "https://github.com/graphql-java/graphql-java/discussions/2958", }, { type: "WEB", url: "https://github.com/graphql-java/graphql-java/releases", }, { type: "WEB", url: "https://security.snyk.io/vuln/SNYK-JAVA-COMGRAPHQLJAVA-3021519", }, ], schema_version: "1.4.0", severity: [ { score: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", type: "CVSS_V3", }, ], summary: "graphql-java vulnerable to Denial of Service via GraphQL query that consumes CPU resources", }
WID-SEC-W-2023-1403
Vulnerability from csaf_certbund
Published
2023-06-08 22:00
Modified
2023-06-08 22:00
Summary
IBM Maximo Asset Management: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Maximo Asset Management ist ein Enterprise-Asset-Management-System, das umfassenden Support für Assets, Maintenance, Ressourcen und Supply-Chain-Management-Anforderungen bietet.
Angriff
Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in IBM Maximo Asset Management ausnutzen, um einen Cross-Site Scripting Angriff durchzuführen oder einen Denial of Service zu verursachen.
Betroffene Betriebssysteme
- UNIX
- Linux
- Windows
- Sonstiges
{ document: { aggregate_severity: { text: "mittel", }, category: "csaf_base", csaf_version: "2.0", distribution: { tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "de-DE", notes: [ { category: "legal_disclaimer", text: "Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.", }, { category: "description", text: "Maximo Asset Management ist ein Enterprise-Asset-Management-System, das umfassenden Support für Assets, Maintenance, Ressourcen und Supply-Chain-Management-Anforderungen bietet.", title: "Produktbeschreibung", }, { category: "summary", text: "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in IBM Maximo Asset Management ausnutzen, um einen Cross-Site Scripting Angriff durchzuführen oder einen Denial of Service zu verursachen.", title: "Angriff", }, { category: "general", text: "- UNIX\n- Linux\n- Windows\n- Sonstiges", title: "Betroffene Betriebssysteme", }, ], publisher: { category: "other", contact_details: "csaf-provider@cert-bund.de", name: "Bundesamt für Sicherheit in der Informationstechnik", namespace: "https://www.bsi.bund.de", }, references: [ { category: "self", summary: "WID-SEC-W-2023-1403 - CSAF Version", url: "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-1403.json", }, { category: "self", summary: "WID-SEC-2023-1403 - Portal Version", url: "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-1403", }, { category: "external", summary: "IBM Security Bulletin vom 2023-06-08", url: "https://www.ibm.com/support/pages/node/7002311", }, { category: "external", summary: "IBM Security Bulletin vom 2023-06-08", url: "https://www.ibm.com/support/pages/node/7002307", }, ], source_lang: "en-US", title: "IBM Maximo Asset Management: Mehrere Schwachstellen", tracking: { current_release_date: "2023-06-08T22:00:00.000+00:00", generator: { date: "2024-08-15T17:52:08.085+00:00", engine: { name: "BSI-WID", version: "1.3.5", }, }, id: "WID-SEC-W-2023-1403", initial_release_date: "2023-06-08T22:00:00.000+00:00", revision_history: [ { date: "2023-06-08T22:00:00.000+00:00", number: "1", summary: "Initiale Fassung", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "IBM Maximo Asset Management 7.6.1.3", product: { name: "IBM Maximo Asset Management 7.6.1.3", product_id: "1234217", product_identification_helper: { cpe: "cpe:/a:ibm:maximo_asset_management:7.6.1.3", }, }, }, { category: "product_name", name: "IBM Maximo Asset Management 7.6.1.2", product: { name: "IBM Maximo Asset Management 7.6.1.2", product_id: "812526", product_identification_helper: { cpe: "cpe:/a:ibm:maximo_asset_management:7.6.1.2", }, }, }, ], category: "product_name", name: "Maximo Asset Management", }, ], category: "vendor", name: "IBM", }, ], }, vulnerabilities: [ { cve: "CVE-2022-37734", notes: [ { category: "description", text: "Es existiert eine Schwachstelle in IBM Maximo Asset Management. Das Problem besteht in GraphQL Java. Beim Verarbeiten einer speziell gestalteten Anfrage mit Richtlinienüberladung kann ein unkontrollierter Ressourcenverbrauch herbeigeführt werden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service zu verursachen.", }, ], product_status: { known_affected: [ "812526", "1234217", ], }, release_date: "2023-06-08T22:00:00.000+00:00", title: "CVE-2022-37734", }, { cve: "CVE-2022-36033", notes: [ { category: "description", text: "In IBM Maximo Asset Management existiert eine Cross-Site Scripting Schwachstelle. HTML und Script-Eingaben werden in jsoup nicht ordnungsgemäß überprüft, bevor sie an den Benutzer zurückgegeben werden. Ein entfernter, anonymer Angreifer kann durch Ausnutzung dieser Schwachstelle beliebigen HTML- und Script-Code durch den Browser des Benutzers im Kontext der betroffenen Seite ausführen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich.", }, ], product_status: { known_affected: [ "812526", "1234217", ], }, release_date: "2023-06-08T22:00:00.000+00:00", title: "CVE-2022-36033", }, ], }
wid-sec-w-2023-1403
Vulnerability from csaf_certbund
Published
2023-06-08 22:00
Modified
2023-06-08 22:00
Summary
IBM Maximo Asset Management: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Maximo Asset Management ist ein Enterprise-Asset-Management-System, das umfassenden Support für Assets, Maintenance, Ressourcen und Supply-Chain-Management-Anforderungen bietet.
Angriff
Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in IBM Maximo Asset Management ausnutzen, um einen Cross-Site Scripting Angriff durchzuführen oder einen Denial of Service zu verursachen.
Betroffene Betriebssysteme
- UNIX
- Linux
- Windows
- Sonstiges
{ document: { aggregate_severity: { text: "mittel", }, category: "csaf_base", csaf_version: "2.0", distribution: { tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "de-DE", notes: [ { category: "legal_disclaimer", text: "Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.", }, { category: "description", text: "Maximo Asset Management ist ein Enterprise-Asset-Management-System, das umfassenden Support für Assets, Maintenance, Ressourcen und Supply-Chain-Management-Anforderungen bietet.", title: "Produktbeschreibung", }, { category: "summary", text: "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in IBM Maximo Asset Management ausnutzen, um einen Cross-Site Scripting Angriff durchzuführen oder einen Denial of Service zu verursachen.", title: "Angriff", }, { category: "general", text: "- UNIX\n- Linux\n- Windows\n- Sonstiges", title: "Betroffene Betriebssysteme", }, ], publisher: { category: "other", contact_details: "csaf-provider@cert-bund.de", name: "Bundesamt für Sicherheit in der Informationstechnik", namespace: "https://www.bsi.bund.de", }, references: [ { category: "self", summary: "WID-SEC-W-2023-1403 - CSAF Version", url: "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-1403.json", }, { category: "self", summary: "WID-SEC-2023-1403 - Portal Version", url: "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-1403", }, { category: "external", summary: "IBM Security Bulletin vom 2023-06-08", url: "https://www.ibm.com/support/pages/node/7002311", }, { category: "external", summary: "IBM Security Bulletin vom 2023-06-08", url: "https://www.ibm.com/support/pages/node/7002307", }, ], source_lang: "en-US", title: "IBM Maximo Asset Management: Mehrere Schwachstellen", tracking: { current_release_date: "2023-06-08T22:00:00.000+00:00", generator: { date: "2024-08-15T17:52:08.085+00:00", engine: { name: "BSI-WID", version: "1.3.5", }, }, id: "WID-SEC-W-2023-1403", initial_release_date: "2023-06-08T22:00:00.000+00:00", revision_history: [ { date: "2023-06-08T22:00:00.000+00:00", number: "1", summary: "Initiale Fassung", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "IBM Maximo Asset Management 7.6.1.3", product: { name: "IBM Maximo Asset Management 7.6.1.3", product_id: "1234217", product_identification_helper: { cpe: "cpe:/a:ibm:maximo_asset_management:7.6.1.3", }, }, }, { category: "product_name", name: "IBM Maximo Asset Management 7.6.1.2", product: { name: "IBM Maximo Asset Management 7.6.1.2", product_id: "812526", product_identification_helper: { cpe: "cpe:/a:ibm:maximo_asset_management:7.6.1.2", }, }, }, ], category: "product_name", name: "Maximo Asset Management", }, ], category: "vendor", name: "IBM", }, ], }, vulnerabilities: [ { cve: "CVE-2022-37734", notes: [ { category: "description", text: "Es existiert eine Schwachstelle in IBM Maximo Asset Management. Das Problem besteht in GraphQL Java. Beim Verarbeiten einer speziell gestalteten Anfrage mit Richtlinienüberladung kann ein unkontrollierter Ressourcenverbrauch herbeigeführt werden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service zu verursachen.", }, ], product_status: { known_affected: [ "812526", "1234217", ], }, release_date: "2023-06-08T22:00:00.000+00:00", title: "CVE-2022-37734", }, { cve: "CVE-2022-36033", notes: [ { category: "description", text: "In IBM Maximo Asset Management existiert eine Cross-Site Scripting Schwachstelle. HTML und Script-Eingaben werden in jsoup nicht ordnungsgemäß überprüft, bevor sie an den Benutzer zurückgegeben werden. Ein entfernter, anonymer Angreifer kann durch Ausnutzung dieser Schwachstelle beliebigen HTML- und Script-Code durch den Browser des Benutzers im Kontext der betroffenen Seite ausführen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich.", }, ], product_status: { known_affected: [ "812526", "1234217", ], }, release_date: "2023-06-08T22:00:00.000+00:00", title: "CVE-2022-36033", }, ], }
wid-sec-w-2022-1635
Vulnerability from csaf_certbund
Published
2022-10-05 22:00
Modified
2024-02-11 23:00
Summary
Red Hat OpenShift und Red Hat Enterprise Linux: Mehrere Schwachstellen ermöglichen Denial of Service
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Red Hat OpenShift ist eine "Platform as a Service" (PaaS) Lösung zur Bereitstellung von Applikationen in der Cloud.
Angriff
Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann mehrere Schwachstellen in Red Hat OpenShift build of Eclipse Vert.x und Red Hat Enterprise Linux ausnutzen, um einen Denial-of-Service-Zustand zu verursachen.
Betroffene Betriebssysteme
- UNIX
- Linux
{ document: { aggregate_severity: { text: "mittel", }, category: "csaf_base", csaf_version: "2.0", distribution: { tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "de-DE", notes: [ { category: "legal_disclaimer", text: "Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.", }, { category: "description", text: "Red Hat OpenShift ist eine \"Platform as a Service\" (PaaS) Lösung zur Bereitstellung von Applikationen in der Cloud.", title: "Produktbeschreibung", }, { category: "summary", text: "Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann mehrere Schwachstellen in Red Hat OpenShift build of Eclipse Vert.x und Red Hat Enterprise Linux ausnutzen, um einen Denial-of-Service-Zustand zu verursachen.", title: "Angriff", }, { category: "general", text: "- UNIX\n- Linux", title: "Betroffene Betriebssysteme", }, ], publisher: { category: "other", contact_details: "csaf-provider@cert-bund.de", name: "Bundesamt für Sicherheit in der Informationstechnik", namespace: "https://www.bsi.bund.de", }, references: [ { category: "self", summary: "WID-SEC-W-2022-1635 - CSAF Version", url: "https://wid.cert-bund.de/.well-known/csaf/white/2022/wid-sec-w-2022-1635.json", }, { category: "self", summary: "WID-SEC-2022-1635 - Portal Version", url: "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-1635", }, { category: "external", summary: "Red Hat Security Advisory vom 2022-10-05", url: "https://access.redhat.com/errata/RHSA-2022:6757", }, { category: "external", summary: "Red Hat Security Advisory vom 2022-10-05", url: "https://access.redhat.com/errata/RHSA-2022:6820", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2022:6835 vom 2022-10-06", url: "https://access.redhat.com/errata/RHSA-2022:6835", }, { category: "external", summary: "Oracle Linux Security Advisory ELSA-2022-6820 vom 2022-10-07", url: "http://linux.oracle.com/errata/ELSA-2022-6820.html", }, { category: "external", summary: "IBM Security Bulletin 6832094 vom 2022-10-27", url: "https://www.ibm.com/blogs/psirt/security-bulletin-ibm-websphere-application-server-liberty-is-vulnerable-to-denial-of-service-due-to-graphql-java-cve-2022-37734/", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2022:8524 vom 2022-11-17", url: "https://access.redhat.com/errata/RHSA-2022:8524", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2022:8652 vom 2022-11-28", url: "https://access.redhat.com/errata/RHSA-2022:8652", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2022:8876 vom 2022-12-07", url: "https://access.redhat.com/errata/RHSA-2022:8876", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2022:9023 vom 2022-12-14", url: "https://access.redhat.com/errata/RHSA-2022:9023", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2023:0189 vom 2023-01-17", url: "https://access.redhat.com/errata/RHSA-2023:0189", }, { category: "external", summary: "IBM Security Bulletin 6856687 vom 2023-01-20", url: "https://www.ibm.com/support/pages/node/6856687", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2023:0560 vom 2023-02-08", url: "https://access.redhat.com/errata/RHSA-2023:0560", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2023:1049 vom 2023-03-02", url: "https://access.redhat.com/errata/RHSA-2023:1049", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2023:1043 vom 2023-03-02", url: "https://access.redhat.com/errata/RHSA-2023:1043", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2023:1045 vom 2023-03-02", url: "https://access.redhat.com/errata/RHSA-2023:1045", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2023:1047 vom 2023-03-02", url: "https://access.redhat.com/errata/RHSA-2023:1047", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2023:1044 vom 2023-03-02", url: "https://access.redhat.com/errata/RHSA-2023:1044", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2023:1513 vom 2023-03-30", url: "https://access.redhat.com/errata/RHSA-2023:1513", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2023:1514 vom 2023-03-30", url: "https://access.redhat.com/errata/RHSA-2023:1514", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2023:1512 vom 2023-03-30", url: "https://access.redhat.com/errata/RHSA-2023:1512", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2023:3641 vom 2023-06-15", url: "https://access.redhat.com/errata/RHSA-2023:3641", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2023:7697 vom 2023-12-07", url: "https://access.redhat.com/errata/RHSA-2023:7697", }, { category: "external", summary: "Dell Security Advisory DSA-2023-300 vom 2023-12-22", url: "https://www.dell.com/support/kbdoc/000220649/dsa-2023-=", }, { category: "external", summary: "Amazon Linux Security Advisory ALAS-2024-2403 vom 2024-01-10", url: "https://alas.aws.amazon.com/AL2/ALAS-2024-2403.html", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:0777 vom 2024-02-12", url: "https://access.redhat.com/errata/RHSA-2024:0777", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:0778 vom 2024-02-12", url: "https://access.redhat.com/errata/RHSA-2024:0778", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:0776 vom 2024-02-12", url: "https://access.redhat.com/errata/RHSA-2024:0776", }, ], source_lang: "en-US", title: "Red Hat OpenShift und Red Hat Enterprise Linux: Mehrere Schwachstellen ermöglichen Denial of Service", tracking: { current_release_date: "2024-02-11T23:00:00.000+00:00", generator: { date: "2024-08-15T17:36:07.789+00:00", engine: { name: "BSI-WID", version: "1.3.5", }, }, id: "WID-SEC-W-2022-1635", initial_release_date: "2022-10-05T22:00:00.000+00:00", revision_history: [ { date: "2022-10-05T22:00:00.000+00:00", number: "1", summary: "Initiale Fassung", }, { date: "2022-10-06T22:00:00.000+00:00", number: "2", summary: "Neue Updates von Red Hat und Oracle Linux aufgenommen", }, { date: "2022-10-26T22:00:00.000+00:00", number: "3", summary: "Neue Updates von IBM aufgenommen", }, { date: "2022-11-17T23:00:00.000+00:00", number: "4", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2022-11-28T23:00:00.000+00:00", number: "5", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2022-12-07T23:00:00.000+00:00", number: "6", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2022-12-14T23:00:00.000+00:00", number: "7", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2023-01-17T23:00:00.000+00:00", number: "8", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2023-01-22T23:00:00.000+00:00", number: "9", summary: "Neue Updates von IBM aufgenommen", }, { date: "2023-02-08T23:00:00.000+00:00", number: "10", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2023-03-01T23:00:00.000+00:00", number: "11", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2023-03-29T22:00:00.000+00:00", number: "12", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2023-06-15T22:00:00.000+00:00", number: "13", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2023-12-07T23:00:00.000+00:00", number: "14", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2023-12-21T23:00:00.000+00:00", number: "15", summary: "Neue Updates von Dell aufgenommen", }, { date: "2024-01-09T23:00:00.000+00:00", number: "16", summary: "Neue Updates von Amazon aufgenommen", }, { date: "2024-02-11T23:00:00.000+00:00", number: "17", summary: "Neue Updates von Red Hat aufgenommen", }, ], status: "final", version: "17", }, }, product_tree: { branches: [ { branches: [ { category: "product_name", name: "Amazon Linux 2", product: { name: "Amazon Linux 2", product_id: "398363", product_identification_helper: { cpe: "cpe:/o:amazon:linux_2:-", }, }, }, ], category: "vendor", name: "Amazon", }, { branches: [ { category: "product_name", name: "Dell NetWorker", product: { name: "Dell NetWorker", product_id: "T024663", product_identification_helper: { cpe: "cpe:/a:dell:networker:-", }, }, }, ], category: "vendor", name: "Dell", }, { branches: [ { branches: [ { category: "product_version", name: "9.1", product: { name: "IBM TXSeries 9.1", product_id: "T015903", product_identification_helper: { cpe: "cpe:/a:ibm:txseries:for_multiplatforms_9.1", }, }, }, { category: "product_version", name: "8.2", product: { name: "IBM TXSeries 8.2", product_id: "T015904", product_identification_helper: { cpe: "cpe:/a:ibm:txseries:for_multiplatforms_8.2", }, }, }, { category: "product_version", name: "8.1", product: { name: "IBM TXSeries 8.1", product_id: "T015905", product_identification_helper: { cpe: "cpe:/a:ibm:txseries:for_multiplatforms_8.1", }, }, }, ], category: "product_name", name: "TXSeries", }, { category: "product_name", name: "IBM WebSphere Application Server", product: { name: "IBM WebSphere Application Server", product_id: "5198", product_identification_helper: { cpe: "cpe:/a:ibm:websphere_application_server:-", }, }, }, ], category: "vendor", name: "IBM", }, { branches: [ { category: "product_name", name: "Oracle Linux", product: { name: "Oracle Linux", product_id: "T004914", product_identification_helper: { cpe: "cpe:/o:oracle:linux:-", }, }, }, ], category: "vendor", name: "Oracle", }, { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux", product: { name: "Red Hat Enterprise Linux", product_id: "67646", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:-", }, }, }, { category: "product_version", name: "8", product: { name: "Red Hat Enterprise Linux 8", product_id: "T014111", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:8", }, }, }, ], category: "product_name", name: "Enterprise Linux", }, { branches: [ { category: "product_version", name: "Clients 3", product: { name: "Red Hat JBoss A-MQ Clients 3", product_id: "T031509", product_identification_helper: { cpe: "cpe:/a:redhat:jboss_amq:clients_3", }, }, }, ], category: "product_name", name: "JBoss A-MQ", }, { branches: [ { category: "product_version_range", name: "build of Eclipse Vert.x < 4.3.", product: { name: "Red Hat OpenShift build of Eclipse Vert.x < 4.3.", product_id: "T024811", }, }, { category: "product_version", name: "container platform 4.0.51", product: { name: "Red Hat OpenShift container platform 4.0.51", product_id: "T026183", product_identification_helper: { cpe: "cpe:/a:redhat:openshift:container_platform_4.0.51", }, }, }, ], category: "product_name", name: "OpenShift", }, ], category: "vendor", name: "Red Hat", }, ], }, vulnerabilities: [ { cve: "CVE-2022-25857", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in Red Hat OpenShift build of Eclipse Vert.x und Red Hat Enterprise Linux. Die Fehler bestehen in den Komponenten prometheus-jmx-exporter, GraphQL-Java und snakeyaml aufgrund einer fehlenden Begrenzung der Verschachtelungstiefe für Sammlungen, einer ineffizienten Eingabevalidierung des Lexers und mehrerer Stapelüberläufe. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu verursachen.", }, ], product_status: { known_affected: [ "T015905", "T026183", "T015904", "5198", "T015903", "67646", "T024663", "398363", "T004914", "T014111", "T031509", ], }, release_date: "2022-10-05T22:00:00.000+00:00", title: "CVE-2022-25857", }, { cve: "CVE-2022-37734", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in Red Hat OpenShift build of Eclipse Vert.x und Red Hat Enterprise Linux. Die Fehler bestehen in den Komponenten prometheus-jmx-exporter, GraphQL-Java und snakeyaml aufgrund einer fehlenden Begrenzung der Verschachtelungstiefe für Sammlungen, einer ineffizienten Eingabevalidierung des Lexers und mehrerer Stapelüberläufe. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu verursachen.", }, ], product_status: { known_affected: [ "T015905", "T026183", "T015904", "5198", "T015903", "67646", "T024663", "398363", "T004914", "T014111", "T031509", ], }, release_date: "2022-10-05T22:00:00.000+00:00", title: "CVE-2022-37734", }, { cve: "CVE-2022-38749", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in Red Hat OpenShift build of Eclipse Vert.x und Red Hat Enterprise Linux. Die Fehler bestehen in den Komponenten prometheus-jmx-exporter, GraphQL-Java und snakeyaml aufgrund einer fehlenden Begrenzung der Verschachtelungstiefe für Sammlungen, einer ineffizienten Eingabevalidierung des Lexers und mehrerer Stapelüberläufe. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu verursachen.", }, ], product_status: { known_affected: [ "T015905", "T026183", "T015904", "5198", "T015903", "67646", "T024663", "398363", "T004914", "T014111", "T031509", ], }, release_date: "2022-10-05T22:00:00.000+00:00", title: "CVE-2022-38749", }, { cve: "CVE-2022-38750", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in Red Hat OpenShift build of Eclipse Vert.x und Red Hat Enterprise Linux. Die Fehler bestehen in den Komponenten prometheus-jmx-exporter, GraphQL-Java und snakeyaml aufgrund einer fehlenden Begrenzung der Verschachtelungstiefe für Sammlungen, einer ineffizienten Eingabevalidierung des Lexers und mehrerer Stapelüberläufe. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu verursachen.", }, ], product_status: { known_affected: [ "T015905", "T026183", "T015904", "5198", "T015903", "67646", "T024663", "398363", "T004914", "T014111", "T031509", ], }, release_date: "2022-10-05T22:00:00.000+00:00", title: "CVE-2022-38750", }, { cve: "CVE-2022-38751", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in Red Hat OpenShift build of Eclipse Vert.x und Red Hat Enterprise Linux. Die Fehler bestehen in den Komponenten prometheus-jmx-exporter, GraphQL-Java und snakeyaml aufgrund einer fehlenden Begrenzung der Verschachtelungstiefe für Sammlungen, einer ineffizienten Eingabevalidierung des Lexers und mehrerer Stapelüberläufe. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu verursachen.", }, ], product_status: { known_affected: [ "T015905", "T026183", "T015904", "5198", "T015903", "67646", "T024663", "398363", "T004914", "T014111", "T031509", ], }, release_date: "2022-10-05T22:00:00.000+00:00", title: "CVE-2022-38751", }, { cve: "CVE-2022-38752", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in Red Hat OpenShift build of Eclipse Vert.x und Red Hat Enterprise Linux. Die Fehler bestehen in den Komponenten prometheus-jmx-exporter, GraphQL-Java und snakeyaml aufgrund einer fehlenden Begrenzung der Verschachtelungstiefe für Sammlungen, einer ineffizienten Eingabevalidierung des Lexers und mehrerer Stapelüberläufe. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu verursachen.", }, ], product_status: { known_affected: [ "T015905", "T026183", "T015904", "5198", "T015903", "67646", "T024663", "398363", "T004914", "T014111", "T031509", ], }, release_date: "2022-10-05T22:00:00.000+00:00", title: "CVE-2022-38752", }, ], }
WID-SEC-W-2022-1635
Vulnerability from csaf_certbund
Published
2022-10-05 22:00
Modified
2024-02-11 23:00
Summary
Red Hat OpenShift und Red Hat Enterprise Linux: Mehrere Schwachstellen ermöglichen Denial of Service
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Red Hat OpenShift ist eine "Platform as a Service" (PaaS) Lösung zur Bereitstellung von Applikationen in der Cloud.
Angriff
Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann mehrere Schwachstellen in Red Hat OpenShift build of Eclipse Vert.x und Red Hat Enterprise Linux ausnutzen, um einen Denial-of-Service-Zustand zu verursachen.
Betroffene Betriebssysteme
- UNIX
- Linux
{ document: { aggregate_severity: { text: "mittel", }, category: "csaf_base", csaf_version: "2.0", distribution: { tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "de-DE", notes: [ { category: "legal_disclaimer", text: "Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.", }, { category: "description", text: "Red Hat OpenShift ist eine \"Platform as a Service\" (PaaS) Lösung zur Bereitstellung von Applikationen in der Cloud.", title: "Produktbeschreibung", }, { category: "summary", text: "Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann mehrere Schwachstellen in Red Hat OpenShift build of Eclipse Vert.x und Red Hat Enterprise Linux ausnutzen, um einen Denial-of-Service-Zustand zu verursachen.", title: "Angriff", }, { category: "general", text: "- UNIX\n- Linux", title: "Betroffene Betriebssysteme", }, ], publisher: { category: "other", contact_details: "csaf-provider@cert-bund.de", name: "Bundesamt für Sicherheit in der Informationstechnik", namespace: "https://www.bsi.bund.de", }, references: [ { category: "self", summary: "WID-SEC-W-2022-1635 - CSAF Version", url: "https://wid.cert-bund.de/.well-known/csaf/white/2022/wid-sec-w-2022-1635.json", }, { category: "self", summary: "WID-SEC-2022-1635 - Portal Version", url: "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-1635", }, { category: "external", summary: "Red Hat Security Advisory vom 2022-10-05", url: "https://access.redhat.com/errata/RHSA-2022:6757", }, { category: "external", summary: "Red Hat Security Advisory vom 2022-10-05", url: "https://access.redhat.com/errata/RHSA-2022:6820", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2022:6835 vom 2022-10-06", url: "https://access.redhat.com/errata/RHSA-2022:6835", }, { category: "external", summary: "Oracle Linux Security Advisory ELSA-2022-6820 vom 2022-10-07", url: "http://linux.oracle.com/errata/ELSA-2022-6820.html", }, { category: "external", summary: "IBM Security Bulletin 6832094 vom 2022-10-27", url: "https://www.ibm.com/blogs/psirt/security-bulletin-ibm-websphere-application-server-liberty-is-vulnerable-to-denial-of-service-due-to-graphql-java-cve-2022-37734/", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2022:8524 vom 2022-11-17", url: "https://access.redhat.com/errata/RHSA-2022:8524", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2022:8652 vom 2022-11-28", url: "https://access.redhat.com/errata/RHSA-2022:8652", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2022:8876 vom 2022-12-07", url: "https://access.redhat.com/errata/RHSA-2022:8876", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2022:9023 vom 2022-12-14", url: "https://access.redhat.com/errata/RHSA-2022:9023", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2023:0189 vom 2023-01-17", url: "https://access.redhat.com/errata/RHSA-2023:0189", }, { category: "external", summary: "IBM Security Bulletin 6856687 vom 2023-01-20", url: "https://www.ibm.com/support/pages/node/6856687", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2023:0560 vom 2023-02-08", url: "https://access.redhat.com/errata/RHSA-2023:0560", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2023:1049 vom 2023-03-02", url: "https://access.redhat.com/errata/RHSA-2023:1049", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2023:1043 vom 2023-03-02", url: "https://access.redhat.com/errata/RHSA-2023:1043", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2023:1045 vom 2023-03-02", url: "https://access.redhat.com/errata/RHSA-2023:1045", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2023:1047 vom 2023-03-02", url: "https://access.redhat.com/errata/RHSA-2023:1047", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2023:1044 vom 2023-03-02", url: "https://access.redhat.com/errata/RHSA-2023:1044", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2023:1513 vom 2023-03-30", url: "https://access.redhat.com/errata/RHSA-2023:1513", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2023:1514 vom 2023-03-30", url: "https://access.redhat.com/errata/RHSA-2023:1514", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2023:1512 vom 2023-03-30", url: "https://access.redhat.com/errata/RHSA-2023:1512", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2023:3641 vom 2023-06-15", url: "https://access.redhat.com/errata/RHSA-2023:3641", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2023:7697 vom 2023-12-07", url: "https://access.redhat.com/errata/RHSA-2023:7697", }, { category: "external", summary: "Dell Security Advisory DSA-2023-300 vom 2023-12-22", url: "https://www.dell.com/support/kbdoc/000220649/dsa-2023-=", }, { category: "external", summary: "Amazon Linux Security Advisory ALAS-2024-2403 vom 2024-01-10", url: "https://alas.aws.amazon.com/AL2/ALAS-2024-2403.html", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:0777 vom 2024-02-12", url: "https://access.redhat.com/errata/RHSA-2024:0777", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:0778 vom 2024-02-12", url: "https://access.redhat.com/errata/RHSA-2024:0778", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:0776 vom 2024-02-12", url: "https://access.redhat.com/errata/RHSA-2024:0776", }, ], source_lang: "en-US", title: "Red Hat OpenShift und Red Hat Enterprise Linux: Mehrere Schwachstellen ermöglichen Denial of Service", tracking: { current_release_date: "2024-02-11T23:00:00.000+00:00", generator: { date: "2024-08-15T17:36:07.789+00:00", engine: { name: "BSI-WID", version: "1.3.5", }, }, id: "WID-SEC-W-2022-1635", initial_release_date: "2022-10-05T22:00:00.000+00:00", revision_history: [ { date: "2022-10-05T22:00:00.000+00:00", number: "1", summary: "Initiale Fassung", }, { date: "2022-10-06T22:00:00.000+00:00", number: "2", summary: "Neue Updates von Red Hat und Oracle Linux aufgenommen", }, { date: "2022-10-26T22:00:00.000+00:00", number: "3", summary: "Neue Updates von IBM aufgenommen", }, { date: "2022-11-17T23:00:00.000+00:00", number: "4", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2022-11-28T23:00:00.000+00:00", number: "5", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2022-12-07T23:00:00.000+00:00", number: "6", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2022-12-14T23:00:00.000+00:00", number: "7", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2023-01-17T23:00:00.000+00:00", number: "8", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2023-01-22T23:00:00.000+00:00", number: "9", summary: "Neue Updates von IBM aufgenommen", }, { date: "2023-02-08T23:00:00.000+00:00", number: "10", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2023-03-01T23:00:00.000+00:00", number: "11", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2023-03-29T22:00:00.000+00:00", number: "12", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2023-06-15T22:00:00.000+00:00", number: "13", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2023-12-07T23:00:00.000+00:00", number: "14", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2023-12-21T23:00:00.000+00:00", number: "15", summary: "Neue Updates von Dell aufgenommen", }, { date: "2024-01-09T23:00:00.000+00:00", number: "16", summary: "Neue Updates von Amazon aufgenommen", }, { date: "2024-02-11T23:00:00.000+00:00", number: "17", summary: "Neue Updates von Red Hat aufgenommen", }, ], status: "final", version: "17", }, }, product_tree: { branches: [ { branches: [ { category: "product_name", name: "Amazon Linux 2", product: { name: "Amazon Linux 2", product_id: "398363", product_identification_helper: { cpe: "cpe:/o:amazon:linux_2:-", }, }, }, ], category: "vendor", name: "Amazon", }, { branches: [ { category: "product_name", name: "Dell NetWorker", product: { name: "Dell NetWorker", product_id: "T024663", product_identification_helper: { cpe: "cpe:/a:dell:networker:-", }, }, }, ], category: "vendor", name: "Dell", }, { branches: [ { branches: [ { category: "product_version", name: "9.1", product: { name: "IBM TXSeries 9.1", product_id: "T015903", product_identification_helper: { cpe: "cpe:/a:ibm:txseries:for_multiplatforms_9.1", }, }, }, { category: "product_version", name: "8.2", product: { name: "IBM TXSeries 8.2", product_id: "T015904", product_identification_helper: { cpe: "cpe:/a:ibm:txseries:for_multiplatforms_8.2", }, }, }, { category: "product_version", name: "8.1", product: { name: "IBM TXSeries 8.1", product_id: "T015905", product_identification_helper: { cpe: "cpe:/a:ibm:txseries:for_multiplatforms_8.1", }, }, }, ], category: "product_name", name: "TXSeries", }, { category: "product_name", name: "IBM WebSphere Application Server", product: { name: "IBM WebSphere Application Server", product_id: "5198", product_identification_helper: { cpe: "cpe:/a:ibm:websphere_application_server:-", }, }, }, ], category: "vendor", name: "IBM", }, { branches: [ { category: "product_name", name: "Oracle Linux", product: { name: "Oracle Linux", product_id: "T004914", product_identification_helper: { cpe: "cpe:/o:oracle:linux:-", }, }, }, ], category: "vendor", name: "Oracle", }, { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux", product: { name: "Red Hat Enterprise Linux", product_id: "67646", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:-", }, }, }, { category: "product_version", name: "8", product: { name: "Red Hat Enterprise Linux 8", product_id: "T014111", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:8", }, }, }, ], category: "product_name", name: "Enterprise Linux", }, { branches: [ { category: "product_version", name: "Clients 3", product: { name: "Red Hat JBoss A-MQ Clients 3", product_id: "T031509", product_identification_helper: { cpe: "cpe:/a:redhat:jboss_amq:clients_3", }, }, }, ], category: "product_name", name: "JBoss A-MQ", }, { branches: [ { category: "product_version_range", name: "build of Eclipse Vert.x < 4.3.", product: { name: "Red Hat OpenShift build of Eclipse Vert.x < 4.3.", product_id: "T024811", }, }, { category: "product_version", name: "container platform 4.0.51", product: { name: "Red Hat OpenShift container platform 4.0.51", product_id: "T026183", product_identification_helper: { cpe: "cpe:/a:redhat:openshift:container_platform_4.0.51", }, }, }, ], category: "product_name", name: "OpenShift", }, ], category: "vendor", name: "Red Hat", }, ], }, vulnerabilities: [ { cve: "CVE-2022-25857", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in Red Hat OpenShift build of Eclipse Vert.x und Red Hat Enterprise Linux. Die Fehler bestehen in den Komponenten prometheus-jmx-exporter, GraphQL-Java und snakeyaml aufgrund einer fehlenden Begrenzung der Verschachtelungstiefe für Sammlungen, einer ineffizienten Eingabevalidierung des Lexers und mehrerer Stapelüberläufe. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu verursachen.", }, ], product_status: { known_affected: [ "T015905", "T026183", "T015904", "5198", "T015903", "67646", "T024663", "398363", "T004914", "T014111", "T031509", ], }, release_date: "2022-10-05T22:00:00.000+00:00", title: "CVE-2022-25857", }, { cve: "CVE-2022-37734", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in Red Hat OpenShift build of Eclipse Vert.x und Red Hat Enterprise Linux. Die Fehler bestehen in den Komponenten prometheus-jmx-exporter, GraphQL-Java und snakeyaml aufgrund einer fehlenden Begrenzung der Verschachtelungstiefe für Sammlungen, einer ineffizienten Eingabevalidierung des Lexers und mehrerer Stapelüberläufe. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu verursachen.", }, ], product_status: { known_affected: [ "T015905", "T026183", "T015904", "5198", "T015903", "67646", "T024663", "398363", "T004914", "T014111", "T031509", ], }, release_date: "2022-10-05T22:00:00.000+00:00", title: "CVE-2022-37734", }, { cve: "CVE-2022-38749", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in Red Hat OpenShift build of Eclipse Vert.x und Red Hat Enterprise Linux. Die Fehler bestehen in den Komponenten prometheus-jmx-exporter, GraphQL-Java und snakeyaml aufgrund einer fehlenden Begrenzung der Verschachtelungstiefe für Sammlungen, einer ineffizienten Eingabevalidierung des Lexers und mehrerer Stapelüberläufe. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu verursachen.", }, ], product_status: { known_affected: [ "T015905", "T026183", "T015904", "5198", "T015903", "67646", "T024663", "398363", "T004914", "T014111", "T031509", ], }, release_date: "2022-10-05T22:00:00.000+00:00", title: "CVE-2022-38749", }, { cve: "CVE-2022-38750", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in Red Hat OpenShift build of Eclipse Vert.x und Red Hat Enterprise Linux. Die Fehler bestehen in den Komponenten prometheus-jmx-exporter, GraphQL-Java und snakeyaml aufgrund einer fehlenden Begrenzung der Verschachtelungstiefe für Sammlungen, einer ineffizienten Eingabevalidierung des Lexers und mehrerer Stapelüberläufe. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu verursachen.", }, ], product_status: { known_affected: [ "T015905", "T026183", "T015904", "5198", "T015903", "67646", "T024663", "398363", "T004914", "T014111", "T031509", ], }, release_date: "2022-10-05T22:00:00.000+00:00", title: "CVE-2022-38750", }, { cve: "CVE-2022-38751", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in Red Hat OpenShift build of Eclipse Vert.x und Red Hat Enterprise Linux. Die Fehler bestehen in den Komponenten prometheus-jmx-exporter, GraphQL-Java und snakeyaml aufgrund einer fehlenden Begrenzung der Verschachtelungstiefe für Sammlungen, einer ineffizienten Eingabevalidierung des Lexers und mehrerer Stapelüberläufe. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu verursachen.", }, ], product_status: { known_affected: [ "T015905", "T026183", "T015904", "5198", "T015903", "67646", "T024663", "398363", "T004914", "T014111", "T031509", ], }, release_date: "2022-10-05T22:00:00.000+00:00", title: "CVE-2022-38751", }, { cve: "CVE-2022-38752", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in Red Hat OpenShift build of Eclipse Vert.x und Red Hat Enterprise Linux. Die Fehler bestehen in den Komponenten prometheus-jmx-exporter, GraphQL-Java und snakeyaml aufgrund einer fehlenden Begrenzung der Verschachtelungstiefe für Sammlungen, einer ineffizienten Eingabevalidierung des Lexers und mehrerer Stapelüberläufe. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu verursachen.", }, ], product_status: { known_affected: [ "T015905", "T026183", "T015904", "5198", "T015903", "67646", "T024663", "398363", "T004914", "T014111", "T031509", ], }, release_date: "2022-10-05T22:00:00.000+00:00", title: "CVE-2022-38752", }, ], }
fkie_cve-2022-37734
Vulnerability from fkie_nvd
Published
2022-09-12 14:15
Modified
2024-11-21 07:15
Severity ?
Summary
graphql-java before19.0 is vulnerable to Denial of Service. An attacker can send a malicious GraphQL query that consumes CPU resources. The fixed versions are 19.0 and later, 18.3, and 17.4, and 0.0.0-2022-07-26T05-45-04-226aabd9.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://github.com/graphql-java/graphql-java/discussions/2958 | Patch, Third Party Advisory | |
| cve@mitre.org | https://github.com/graphql-java/graphql-java/issues/2888 | Issue Tracking, Patch, Third Party Advisory | |
| cve@mitre.org | https://github.com/graphql-java/graphql-java/pull/2892 | Exploit, Patch, Third Party Advisory | |
| cve@mitre.org | https://github.com/graphql-java/graphql-java/releases | Release Notes, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/graphql-java/graphql-java/discussions/2958 | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/graphql-java/graphql-java/issues/2888 | Issue Tracking, Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/graphql-java/graphql-java/pull/2892 | Exploit, Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/graphql-java/graphql-java/releases | Release Notes, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| graphql-java_project | graphql-java | * | |
| graphql-java_project | graphql-java | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:graphql-java_project:graphql-java:*:*:*:*:*:java:*:*", matchCriteriaId: "6213C053-09F9-4ECB-A97C-D9889C0FD6B3", versionEndExcluding: "17.4", vulnerable: true, }, { criteria: "cpe:2.3:a:graphql-java_project:graphql-java:*:*:*:*:*:*:*:*", matchCriteriaId: "615E4172-550D-42EB-B32C-B7C15C33DD37", versionEndExcluding: "18.3", versionStartIncluding: "18.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "graphql-java before19.0 is vulnerable to Denial of Service. An attacker can send a malicious GraphQL query that consumes CPU resources. The fixed versions are 19.0 and later, 18.3, and 17.4, and 0.0.0-2022-07-26T05-45-04-226aabd9.", }, { lang: "es", value: "graphql-java before19.0 es vulnerable a la denegación de servicio. Un atacante puede enviar una consulta GraphQL maliciosa que consuma recursos de la CPU. Las versiones corregidas son 19.0 y posteriores, 18.3 y 17.4, y 0.0.0-2022-07-26T05-45-04-226aabd9", }, ], id: "CVE-2022-37734", lastModified: "2024-11-21T07:15:07.053", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-09-12T14:15:09.047", references: [ { source: "cve@mitre.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/graphql-java/graphql-java/discussions/2958", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://github.com/graphql-java/graphql-java/issues/2888", }, { source: "cve@mitre.org", tags: [ "Exploit", "Patch", "Third Party Advisory", ], url: "https://github.com/graphql-java/graphql-java/pull/2892", }, { source: "cve@mitre.org", tags: [ "Release Notes", "Third Party Advisory", ], url: "https://github.com/graphql-java/graphql-java/releases", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/graphql-java/graphql-java/discussions/2958", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://github.com/graphql-java/graphql-java/issues/2888", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Patch", "Third Party Advisory", ], url: "https://github.com/graphql-java/graphql-java/pull/2892", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Third Party Advisory", ], url: "https://github.com/graphql-java/graphql-java/releases", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
UUIDv4 of the comment
UUIDv4 of the Vulnerability-Lookup instance
When the comment was created originally
When the comment was last updated
Title of the comment
Description of the comment
The identifier of the vulnerability (CVE ID, GHSA-ID, PYSEC ID, etc.).
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.