Action not permitted
Modal body text goes here.
cve-2023-33202
Vulnerability from cvelistv5
Published
2023-11-23 00:00
Modified
2024-10-11 18:05
Severity ?
EPSS score ?
Summary
Bouncy Castle for Java before 1.73 contains a potential Denial of Service (DoS) issue within the Bouncy Castle org.bouncycastle.openssl.PEMParser class. This class parses OpenSSL PEM encoded streams containing X.509 certificates, PKCS8 encoded keys, and PKCS7 objects. Parsing a file that has crafted ASN.1 data through the PEMParser causes an OutOfMemoryError, which can enable a denial of service attack. (For users of the FIPS Java API: BC-FJA 1.0.2.3 and earlier are affected; BC-FJA 1.0.2.4 is fixed.)
References
▼ | URL | Tags | |
---|---|---|---|
cve@mitre.org | https://bouncycastle.org | Product | |
cve@mitre.org | https://github.com/bcgit/bc-java/wiki/CVE-2023-33202 | Exploit, Third Party Advisory | |
cve@mitre.org | https://security.netapp.com/advisory/ntap-20240125-0001/ | Third Party Advisory |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T15:39:35.778Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://bouncycastle.org" }, { "tags": [ "x_transferred" ], "url": "https://github.com/bcgit/bc-java/wiki/CVE-2023-33202" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20240125-0001/" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-33202", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-10-11T17:51:39.623008Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-10-11T18:05:47.384Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "Bouncy Castle for Java before 1.73 contains a potential Denial of Service (DoS) issue within the Bouncy Castle org.bouncycastle.openssl.PEMParser class. This class parses OpenSSL PEM encoded streams containing X.509 certificates, PKCS8 encoded keys, and PKCS7 objects. Parsing a file that has crafted ASN.1 data through the PEMParser causes an OutOfMemoryError, which can enable a denial of service attack. (For users of the FIPS Java API: BC-FJA 1.0.2.3 and earlier are affected; BC-FJA 1.0.2.4 is fixed.)" } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2024-01-25T14:06:28.223547", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "https://bouncycastle.org" }, { "url": "https://github.com/bcgit/bc-java/wiki/CVE-2023-33202" }, { "url": "https://security.netapp.com/advisory/ntap-20240125-0001/" } ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2023-33202", "datePublished": "2023-11-23T00:00:00", "dateReserved": "2023-05-18T00:00:00", "dateUpdated": "2024-10-11T18:05:47.384Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1", "meta": { "nvd": "{\"cve\":{\"id\":\"CVE-2023-33202\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2023-11-23T16:15:07.273\",\"lastModified\":\"2024-09-09T13:53:54.253\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Bouncy Castle for Java before 1.73 contains a potential Denial of Service (DoS) issue within the Bouncy Castle org.bouncycastle.openssl.PEMParser class. This class parses OpenSSL PEM encoded streams containing X.509 certificates, PKCS8 encoded keys, and PKCS7 objects. Parsing a file that has crafted ASN.1 data through the PEMParser causes an OutOfMemoryError, which can enable a denial of service attack. (For users of the FIPS Java API: BC-FJA 1.0.2.3 and earlier are affected; BC-FJA 1.0.2.4 is fixed.)\"},{\"lang\":\"es\",\"value\":\"Bouncy Castle para Java anterior a 1.73 contiene un posible problema de denegaci\u00f3n de servicio (DoS) dentro de la clase Bouncy Castle org.bouncycastle.openssl.PEMParser. Esta clase analiza secuencias codificadas OpenSSL PEM que contienen certificados X.509, claves codificadas PKCS8 y objetos PKCS7. El an\u00e1lisis de un archivo que ha creado datos ASN.1 a trav\u00e9s de PEMParser provoca un OutOfMemoryError, que puede permitir un ataque de denegaci\u00f3n de servicio.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\"},\"exploitabilityScore\":1.8,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-400\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bouncycastle:bouncy_castle_for_java:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.73\",\"matchCriteriaId\":\"A450303D-AF6E-4A81-BE1C-F744B728AC27\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bouncycastle:fips_java_api:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.0.2.4\",\"matchCriteriaId\":\"326EBBC5-8448-412E-9B9E-6D93A0BD4790\"}]}]}],\"references\":[{\"url\":\"https://bouncycastle.org\",\"source\":\"cve@mitre.org\",\"tags\":[\"Product\"]},{\"url\":\"https://github.com/bcgit/bc-java/wiki/CVE-2023-33202\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20240125-0001/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]}]}}" } }
wid-sec-w-2023-2998
Vulnerability from csaf_certbund
Published
2023-11-22 23:00
Modified
2024-05-30 22:00
Summary
Bouncy Castle: Schwachstelle ermöglicht Denial of Service
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Bouncy Castle ist eine Kryptographie-API für Java.
Angriff
Ein entfernter Angreifer kann eine Schwachstelle in Bouncy Castle ausnutzen, um einen Denial of Service Angriff durchzuführen.
Betroffene Betriebssysteme
- Linux
- MacOS X
- Sonstiges
- UNIX
- Windows
{ "document": { "aggregate_severity": { "text": "mittel" }, "category": "csaf_base", "csaf_version": "2.0", "distribution": { "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "de-DE", "notes": [ { "category": "legal_disclaimer", "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen." }, { "category": "description", "text": "Bouncy Castle ist eine Kryptographie-API f\u00fcr Java.", "title": "Produktbeschreibung" }, { "category": "summary", "text": "Ein entfernter Angreifer kann eine Schwachstelle in Bouncy Castle ausnutzen, um einen Denial of Service Angriff durchzuf\u00fchren.", "title": "Angriff" }, { "category": "general", "text": "- Linux\n- MacOS X\n- Sonstiges\n- UNIX\n- Windows", "title": "Betroffene Betriebssysteme" } ], "publisher": { "category": "other", "contact_details": "csaf-provider@cert-bund.de", "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik", "namespace": "https://www.bsi.bund.de" }, "references": [ { "category": "self", "summary": "WID-SEC-W-2023-2998 - CSAF Version", "url": "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-2998.json" }, { "category": "self", "summary": "WID-SEC-2023-2998 - Portal Version", "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-2998" }, { "category": "external", "summary": "NetApp Security Advisory NTAP-20240125-0001 vom 2024-01-25", "url": "https://security.netapp.com/advisory/ntap-20240125-0001/" }, { "category": "external", "summary": "Bouncy Castle Security Advisory vom 2023-11-23", "url": "https://github.com/bcgit/bc-java/wiki/CVE-2023-33202" }, { "category": "external", "summary": "IBM Security Bulletin", "url": "https://www.ibm.com/support/pages/node/7117232" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2024:3527 vom 2024-05-30", "url": "https://access.redhat.com/errata/RHSA-2024:3527" } ], "source_lang": "en-US", "title": "Bouncy Castle: Schwachstelle erm\u00f6glicht Denial of Service", "tracking": { "current_release_date": "2024-05-30T22:00:00.000+00:00", "generator": { "date": "2024-05-31T09:08:09.595+00:00", "engine": { "name": "BSI-WID", "version": "1.3.0" } }, "id": "WID-SEC-W-2023-2998", "initial_release_date": "2023-11-22T23:00:00.000+00:00", "revision_history": [ { "date": "2023-11-22T23:00:00.000+00:00", "number": "1", "summary": "Initiale Fassung" }, { "date": "2024-01-25T23:00:00.000+00:00", "number": "2", "summary": "Neue Updates von NetApp aufgenommen" }, { "date": "2024-03-19T23:00:00.000+00:00", "number": "3", "summary": "Neue Updates von IBM aufgenommen" }, { "date": "2024-05-30T22:00:00.000+00:00", "number": "4", "summary": "Neue Updates von Red Hat aufgenommen" } ], "status": "final", "version": "4" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_version", "name": "11.7", "product": { "name": "IBM InfoSphere Information Server 11.7", "product_id": "444803", "product_identification_helper": { "cpe": "cpe:/a:ibm:infosphere_information_server:11.7" } } } ], "category": "product_name", "name": "InfoSphere Information Server" } ], "category": "vendor", "name": "IBM" }, { "branches": [ { "category": "product_name", "name": "NetApp ActiveIQ Unified Manager", "product": { "name": "NetApp ActiveIQ Unified Manager", "product_id": "T016960", "product_identification_helper": { "cpe": "cpe:/a:netapp:active_iq_unified_manager:-" } } } ], "category": "vendor", "name": "NetApp" }, { "branches": [ { "branches": [ { "category": "product_version_range", "name": "\u003c1.73", "product": { "name": "Open Source Bouncy Castle \u003c1.73", "product_id": "T031338", "product_identification_helper": { "cpe": "cpe:/a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.73" } } } ], "category": "product_name", "name": "Bouncy Castle" } ], "category": "vendor", "name": "Open Source" }, { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux", "product": { "name": "Red Hat Enterprise Linux", "product_id": "67646", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:-" } } } ], "category": "vendor", "name": "Red Hat" } ] }, "vulnerabilities": [ { "cve": "CVE-2023-33202", "notes": [ { "category": "description", "text": "Es gibt eine Schwachstelle in Bouncy Castle for Java bez\u00fcglich der Klasse \"org.bouncycastle.openssl.PEMParser\", die verwendet wird, um PEM-kodierte Streams zu verarbeiten, die X.509-Zertifikate, PKCS8-kodierte Schl\u00fcssel und PKCS7-Objekte enthalten. Aufgrund einer unvollst\u00e4ndigen Filterung speziell gestalteter ASN.1-Daten kann ein Angreifer einen \"OutOfMemoryError\" verursachen, was zu einer Denial-of-Service-Situation f\u00fchrt." } ], "product_status": { "known_affected": [ "67646", "444803", "T016960" ] }, "release_date": "2023-11-22T23:00:00Z", "title": "CVE-2023-33202" } ] }
rhsa-2024_3527
Vulnerability from csaf_redhat
Published
2024-05-30 20:24
Modified
2024-11-15 21:13
Summary
Red Hat Security Advisory: Red Hat AMQ Streams 2.7.0 release and security update
Notes
Topic
Red Hat AMQ Streams 2.7.0 is now available from the Red Hat Customer Portal.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat AMQ Streams, based on the Apache Kafka project, offers a distributed backbone that allows microservices and other applications to share data with extremely high throughput and extremely low latency.
This release of Red Hat AMQ Streams 2.7.0 serves as a replacement for Red Hat AMQ Streams 2.6.0, and includes security and bug fixes, and enhancements.
Security Fix(es):
* lz4: memory corruption due to an integer overflow bug caused by memmove argument (CVE-2021-3520)
* zstd: Race condition allows attacker to access world-readable destination file (CVE-2021-24032)
* RocksDB: zstd: mysql: buffer overrun in util.c (CVE-2022-4899)
* netty-codec-http: Allocation of Resources Without Limits or Throttling (CVE-2024-29025)
* commons-compress: Denial of service caused by an infinite loop for a corrupted DUMP file (CVE-2024-25710)
* apache-commons-text: variable interpolation RCE (CVE-2022-42889)
* snappy-java: Missing upper bound check on chunk length in snappy-java can lead to Denial of Service (DoS) impact (CVE-2023-43642)
* json-smart: Uncontrolled Resource Consumption vulnerability in json-smart (Resource Exhaustion) (CVE-2023-1370)
* protobuf-java: timeout in parser leads to DoS (CVE-2022-3171)
* Apache-Commons-BCEL: arbitrary bytecode produced via out-of-bounds writing (CVE-2022-42920)
* bc-java: Out of memory while parsing ASN.1 crafted data in org.bouncycastle.openssl.PEMParser class (CVE-2023-33202)
* bouncycastle: potential blind LDAP injection attack using a self-signed certificate (CVE-2023-33201)
* json-path: stack-based buffer overflow in Criteria.parse method (CVE-2023-51074)
* guava: insecure temporary directory creation (CVE-2023-2976)
* io.vertx:vertx-core: memory leak when a TCP server is configured with TLS and SNI support (CVE-2024-1300)
* io.vertx/vertx-core: memory leak due to the use of Netty FastThreadLocal data structures in Vertx (CVE-2024-1023)
* quarkus-core: Leak of local configuration properties into Quarkus applications (CVE-2024-2700)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Red Hat AMQ Streams 2.7.0 is now available from the Red Hat Customer Portal.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Red Hat AMQ Streams, based on the Apache Kafka project, offers a distributed backbone that allows microservices and other applications to share data with extremely high throughput and extremely low latency. \n\nThis release of Red Hat AMQ Streams 2.7.0 serves as a replacement for Red Hat AMQ Streams 2.6.0, and includes security and bug fixes, and enhancements.\n\nSecurity Fix(es):\n\n* lz4: memory corruption due to an integer overflow bug caused by memmove argument (CVE-2021-3520)\n* zstd: Race condition allows attacker to access world-readable destination file (CVE-2021-24032)\n* RocksDB: zstd: mysql: buffer overrun in util.c (CVE-2022-4899)\n* netty-codec-http: Allocation of Resources Without Limits or Throttling (CVE-2024-29025)\n* commons-compress: Denial of service caused by an infinite loop for a corrupted DUMP file (CVE-2024-25710)\n* apache-commons-text: variable interpolation RCE (CVE-2022-42889)\n* snappy-java: Missing upper bound check on chunk length in snappy-java can lead to Denial of Service (DoS) impact (CVE-2023-43642)\n* json-smart: Uncontrolled Resource Consumption vulnerability in json-smart (Resource Exhaustion) (CVE-2023-1370)\n* protobuf-java: timeout in parser leads to DoS (CVE-2022-3171)\n* Apache-Commons-BCEL: arbitrary bytecode produced via out-of-bounds writing (CVE-2022-42920)\n* bc-java: Out of memory while parsing ASN.1 crafted data in org.bouncycastle.openssl.PEMParser class (CVE-2023-33202)\n* bouncycastle: potential blind LDAP injection attack using a self-signed certificate (CVE-2023-33201)\n* json-path: stack-based buffer overflow in Criteria.parse method (CVE-2023-51074)\n* guava: insecure temporary directory creation (CVE-2023-2976)\n* io.vertx:vertx-core: memory leak when a TCP server is configured with TLS and SNI support (CVE-2024-1300)\n* io.vertx/vertx-core: memory leak due to the use of Netty FastThreadLocal data structures in Vertx (CVE-2024-1023)\n* quarkus-core: Leak of local configuration properties into Quarkus applications (CVE-2024-2700)", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2024:3527", "url": "https://access.redhat.com/errata/RHSA-2024:3527" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#moderate", "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "category": "external", "summary": "1928090", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1928090" }, { "category": "external", "summary": "1954559", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954559" }, { "category": "external", "summary": "2135435", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135435" }, { "category": "external", "summary": "2137645", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2137645" }, { "category": "external", "summary": "2142707", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2142707" }, { "category": "external", "summary": "2179864", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2179864" }, { "category": "external", "summary": "2188542", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2188542" }, { "category": "external", "summary": "2215229", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2215229" }, { "category": "external", "summary": "2215465", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2215465" }, { "category": "external", "summary": "2241722", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2241722" }, { "category": "external", "summary": "2251281", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2251281" }, { "category": "external", "summary": "2256063", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2256063" }, { "category": "external", "summary": "2260840", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2260840" }, { "category": "external", "summary": "2263139", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2263139" }, { "category": "external", "summary": "2264988", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2264988" }, { "category": "external", "summary": "2272907", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2272907" }, { "category": "external", "summary": "2273281", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2273281" }, { "category": "external", "summary": "ENTMQST-5619", "url": "https://issues.redhat.com/browse/ENTMQST-5619" }, { "category": "external", "summary": "ENTMQST-5881", "url": "https://issues.redhat.com/browse/ENTMQST-5881" }, { "category": "external", "summary": "ENTMQST-5882", "url": "https://issues.redhat.com/browse/ENTMQST-5882" }, { "category": "external", "summary": "ENTMQST-5883", "url": "https://issues.redhat.com/browse/ENTMQST-5883" }, { "category": "external", "summary": "ENTMQST-5884", "url": "https://issues.redhat.com/browse/ENTMQST-5884" }, { "category": "external", "summary": "ENTMQST-5885", "url": "https://issues.redhat.com/browse/ENTMQST-5885" }, { "category": "external", "summary": "ENTMQST-5886", "url": "https://issues.redhat.com/browse/ENTMQST-5886" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_3527.json" } ], "title": "Red Hat Security Advisory: Red Hat AMQ Streams 2.7.0 release and security update", "tracking": { "current_release_date": "2024-11-15T21:13:28+00:00", "generator": { "date": "2024-11-15T21:13:28+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2024:3527", "initial_release_date": "2024-05-30T20:24:46+00:00", "revision_history": [ { "date": "2024-05-30T20:24:46+00:00", "number": "1", "summary": "Initial version" }, { "date": "2024-06-25T17:26:45+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-15T21:13:28+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat AMQ Streams 2.7.0", "product": { "name": "Red Hat AMQ Streams 2.7.0", "product_id": "Red Hat AMQ Streams 2.7.0", "product_identification_helper": { "cpe": "cpe:/a:redhat:amq_streams:2" } } } ], "category": "product_family", "name": "Streams for Apache Kafka" } ], "category": "vendor", "name": "Red Hat" } ] }, "vulnerabilities": [ { "cve": "CVE-2021-3520", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "discovery_date": "2021-03-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1954559" } ], "notes": [ { "category": "description", "text": "There\u0027s a flaw in lz4. An attacker who submits a crafted file to an application linked with lz4 may be able to trigger an integer overflow, leading to calling of memmove() on a negative size argument, causing an out-of-bounds write and/or a crash. The greatest impact of this flaw is to availability, with some potential impact to confidentiality and integrity as well.", "title": "Vulnerability description" }, { "category": "summary", "text": "lz4: memory corruption due to an integer overflow bug caused by memmove argument", "title": "Vulnerability summary" }, { "category": "other", "text": "This flaw is out of support scope for Red Hat Enterprise Linux 7. To learn more about Red Hat Enterprise Linux support life cycles, please see https://access.redhat.com/support/policy/updates/errata .", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat AMQ Streams 2.7.0" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-3520" }, { "category": "external", "summary": "RHBZ#1954559", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954559" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-3520", "url": "https://www.cve.org/CVERecord?id=CVE-2021-3520" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3520", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3520" } ], "release_date": "2021-04-28T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-05-30T20:24:46+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "Red Hat AMQ Streams 2.7.0" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:3527" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.6, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H", "version": "3.1" }, "products": [ "Red Hat AMQ Streams 2.7.0" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "lz4: memory corruption due to an integer overflow bug caused by memmove argument" }, { "cve": "CVE-2021-24032", "cwe": { "id": "CWE-281", "name": "Improper Preservation of Permissions" }, "discovery_date": "2021-02-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1928090" } ], "notes": [ { "category": "description", "text": "A flaw was found in zstd. While the final file mode is reflective of the input file, when compressing or uncompressing, the file can temporarily gain greater permissions than the input and potentially leading to security issues (especially if large files are being handled).", "title": "Vulnerability description" }, { "category": "summary", "text": "zstd: Race condition allows attacker to access world-readable destination file", "title": "Vulnerability summary" }, { "category": "other", "text": "In OpenShift Container Platform (OCP) the zstd package was delivered in OCP 4.3 which is already end of life.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat AMQ Streams 2.7.0" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-24032" }, { "category": "external", "summary": "RHBZ#1928090", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1928090" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-24032", "url": "https://www.cve.org/CVERecord?id=CVE-2021-24032" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-24032", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-24032" } ], "release_date": "2021-02-11T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-05-30T20:24:46+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "Red Hat AMQ Streams 2.7.0" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:3527" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "Red Hat AMQ Streams 2.7.0" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "zstd: Race condition allows attacker to access world-readable destination file" }, { "cve": "CVE-2022-3171", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2022-10-18T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2137645" } ], "notes": [ { "category": "description", "text": "A parsing issue with binary data in protobuf-java core and lite versions prior to 3.21.7, 3.20.3, 3.19.6 and 3.16.3 can lead to a denial of service attack. Inputs containing multiple instances of non-repeated embedded messages with repeated or unknown fields causes objects to be converted back-n-forth between mutable and immutable forms, resulting in potentially long garbage collection pauses. We recommend updating to the versions mentioned above.", "title": "Vulnerability description" }, { "category": "summary", "text": "protobuf-java: timeout in parser leads to DoS", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat AMQ Streams 2.7.0" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-3171" }, { "category": "external", "summary": "RHBZ#2137645", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2137645" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-3171", "url": "https://www.cve.org/CVERecord?id=CVE-2022-3171" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-3171", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3171" }, { "category": "external", "summary": "https://github.com/protocolbuffers/protobuf/security/advisories/GHSA-h4h5-3hr4-j3g2", "url": "https://github.com/protocolbuffers/protobuf/security/advisories/GHSA-h4h5-3hr4-j3g2" } ], "release_date": "2022-10-12T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-05-30T20:24:46+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "Red Hat AMQ Streams 2.7.0" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:3527" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "Red Hat AMQ Streams 2.7.0" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "protobuf-java: timeout in parser leads to DoS" }, { "cve": "CVE-2022-4899", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2023-01-31T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2179864" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in zstd v1.4.10, where an attacker can supply empty string as an argument to the command line tool to cause buffer overrun.", "title": "Vulnerability description" }, { "category": "summary", "text": "zstd: mysql: buffer overrun in util.c", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat AMQ Streams 2.7.0" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-4899" }, { "category": "external", "summary": "RHBZ#2179864", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2179864" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-4899", "url": "https://www.cve.org/CVERecord?id=CVE-2022-4899" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-4899", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-4899" } ], "release_date": "2022-07-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-05-30T20:24:46+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "Red Hat AMQ Streams 2.7.0" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:3527" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "Red Hat AMQ Streams 2.7.0" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "zstd: mysql: buffer overrun in util.c" }, { "cve": "CVE-2022-42889", "cwe": { "id": "CWE-1188", "name": "Initialization of a Resource with an Insecure Default" }, "discovery_date": "2022-10-15T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2135435" } ], "notes": [ { "category": "description", "text": "A flaw was found in Apache Commons Text packages 1.5 through 1.9. The affected versions allow an attacker to benefit from a variable interpolation process contained in Apache Commons Text, which can cause properties to be dynamically defined. Server applications are vulnerable to remote code execution (RCE) and unintentional contact with untrusted remote servers.", "title": "Vulnerability description" }, { "category": "summary", "text": "apache-commons-text: variable interpolation RCE", "title": "Vulnerability summary" }, { "category": "other", "text": "In order to carry successful exploitation of this vulnerability, the following conditions must be in place on the affected target:\n - Usage of specific methods that interpolate the variables as described in the flaw\n - Usage of external input for those methods\n - Usage of that external input has to be unsanitized/no \"allow list\"/etc.\n\nThe following products have *Low* impact because they have maven references to the affected package but do not ship it nor use the code:\n- Red Hat EAP Expansion Pack (EAP-XP)\n- Red Hat Camel-K\n- Red Hat Camel-Quarkus\n\nRed Hat Satellite ships Candlepin that embeds Apache Commons Text, however, it is not vulnerable to the flaw since the library has not been exposed in the product code. In Candlepin, the Commons Text is being pulled for the Liquibase and ActiveMQ Artemis libraries as a dependency. Red Hat Product Security has evaluated and rated the impact of the flaw as Low for Satellite since there was no harm identified to the confidentiality, integrity, or availability of systems.\n\n- The OCP has a *Moderate* impact because the affected library is a third-party library in the OCP jenkins-2-plugin component which reduces the possibilities of successful exploitation.\n- The OCP-4.8 is affected by this CVE and is in an extended life phase. For versions of products in the Extended Life Phase, Red Hat will provide limited ongoing technical support. No bug fixes, security fixes, hardware enablement or root-cause analysis will be available during this phase, and support will be provided on existing installations only.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat AMQ Streams 2.7.0" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-42889" }, { "category": "external", "summary": "RHBZ#2135435", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135435" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-42889", "url": "https://www.cve.org/CVERecord?id=CVE-2022-42889" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42889", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42889" }, { "category": "external", "summary": "https://blogs.apache.org/security/entry/cve-2022-42889", "url": "https://blogs.apache.org/security/entry/cve-2022-42889" }, { "category": "external", "summary": "https://lists.apache.org/thread/n2bd4vdsgkqh2tm14l1wyc3jyol7s1om", "url": "https://lists.apache.org/thread/n2bd4vdsgkqh2tm14l1wyc3jyol7s1om" }, { "category": "external", "summary": "https://seclists.org/oss-sec/2022/q4/22", "url": "https://seclists.org/oss-sec/2022/q4/22" } ], "release_date": "2022-10-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-05-30T20:24:46+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "Red Hat AMQ Streams 2.7.0" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:3527" }, { "category": "workaround", "details": "This flaw may be avoided by ensuring that any external inputs used with the Commons-Text lookup methods are sanitized properly. Untrusted input should always be thoroughly sanitized before using in any potentially risky situations.", "product_ids": [ "Red Hat AMQ Streams 2.7.0" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Red Hat AMQ Streams 2.7.0" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "apache-commons-text: variable interpolation RCE" }, { "cve": "CVE-2022-42920", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "discovery_date": "2022-11-07T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2142707" } ], "notes": [ { "category": "description", "text": "An out-of-bounds (OOB) write flaw was found in Apache Commons BCEL API. This flaw can be used to produce arbitrary bytecode and may abuse applications that pass attacker-controlled data to those APIs, giving the attacker more control over the resulting bytecode than otherwise expected.", "title": "Vulnerability description" }, { "category": "summary", "text": "Apache-Commons-BCEL: arbitrary bytecode produced via out-of-bounds writing", "title": "Vulnerability summary" }, { "category": "other", "text": "Fuse 7 ships the code in question but does not utilize it in the product, so it is affected at a reduced impact of Moderate.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat AMQ Streams 2.7.0" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-42920" }, { "category": "external", "summary": "RHBZ#2142707", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2142707" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-42920", "url": "https://www.cve.org/CVERecord?id=CVE-2022-42920" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42920", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42920" }, { "category": "external", "summary": "https://lists.apache.org/thread/lfxk7q8qmnh5bt9jm6nmjlv5hsxjhrz4", "url": "https://lists.apache.org/thread/lfxk7q8qmnh5bt9jm6nmjlv5hsxjhrz4" } ], "release_date": "2022-11-04T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-05-30T20:24:46+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "Red Hat AMQ Streams 2.7.0" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:3527" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Red Hat AMQ Streams 2.7.0" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "Apache-Commons-BCEL: arbitrary bytecode produced via out-of-bounds writing" }, { "cve": "CVE-2023-1370", "cwe": { "id": "CWE-674", "name": "Uncontrolled Recursion" }, "discovery_date": "2023-04-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2188542" } ], "notes": [ { "category": "description", "text": "A flaw was found in the json-smart package. This security flaw occurs when reaching a \u2018[\u2018 or \u2018{\u2018 character in the JSON input, and the code parses an array or an object, respectively. The 3PP does not have any limit to the nesting of such arrays or objects. Since nested arrays and objects are parsed recursively, nesting too many of them can cause stack exhaustion (stack overflow) and crash the software.", "title": "Vulnerability description" }, { "category": "summary", "text": "json-smart: Uncontrolled Resource Consumption vulnerability in json-smart (Resource Exhaustion)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat AMQ Streams 2.7.0" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-1370" }, { "category": "external", "summary": "RHBZ#2188542", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2188542" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-1370", "url": "https://www.cve.org/CVERecord?id=CVE-2023-1370" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-1370", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-1370" }, { "category": "external", "summary": "https://github.com/advisories/GHSA-493p-pfq6-5258", "url": "https://github.com/advisories/GHSA-493p-pfq6-5258" }, { "category": "external", "summary": "https://research.jfrog.com/vulnerabilities/stack-exhaustion-in-json-smart-leads-to-denial-of-service-when-parsing-malformed-json-xray-427633/", "url": "https://research.jfrog.com/vulnerabilities/stack-exhaustion-in-json-smart-leads-to-denial-of-service-when-parsing-malformed-json-xray-427633/" } ], "release_date": "2023-03-22T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-05-30T20:24:46+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "Red Hat AMQ Streams 2.7.0" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:3527" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "Red Hat AMQ Streams 2.7.0" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "json-smart: Uncontrolled Resource Consumption vulnerability in json-smart (Resource Exhaustion)" }, { "cve": "CVE-2023-2976", "cwe": { "id": "CWE-552", "name": "Files or Directories Accessible to External Parties" }, "discovery_date": "2023-06-15T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2215229" } ], "notes": [ { "category": "description", "text": "A flaw was found in Guava. The methodology for temporary directories and files can allow other local users or apps with accordant permissions to access the temp files, possibly leading to information exposure or tampering in the files created in the directory.", "title": "Vulnerability description" }, { "category": "summary", "text": "guava: insecure temporary directory creation", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Single Sign-On 7 ships the affected component as a layered product of Red Hat JBoss Enterprise Application 7, and as such is affected by this flaw. However, Single Sign-On 7 does not use the affected code and is not vulnerable to exploit.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat AMQ Streams 2.7.0" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-2976" }, { "category": "external", "summary": "RHBZ#2215229", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2215229" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-2976", "url": "https://www.cve.org/CVERecord?id=CVE-2023-2976" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-2976", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-2976" } ], "release_date": "2023-06-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-05-30T20:24:46+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "Red Hat AMQ Streams 2.7.0" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:3527" }, { "category": "workaround", "details": "Temp files should be created with sufficiently non-predictable names and in a secure-permissioned, dedicated temp folder.", "product_ids": [ "Red Hat AMQ Streams 2.7.0" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 4.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", "version": "3.1" }, "products": [ "Red Hat AMQ Streams 2.7.0" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "guava: insecure temporary directory creation" }, { "cve": "CVE-2023-33201", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "discovery_date": "2023-06-16T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2215465" } ], "notes": [ { "category": "description", "text": "A flaw was found in Bouncy Castle 1.73. This issue targets the fix of LDAP wild cards. Before the fix there was no validation for the X.500 name of any certificate, subject, or issuer, so the presence of a wild card may lead to information disclosure. This could allow a malicious user to obtain unauthorized information via blind LDAP Injection, exploring the environment and enumerating data. The exploit depends on the structure of the target LDAP directory as well as what kind of errors are exposed to the user.", "title": "Vulnerability description" }, { "category": "summary", "text": "bouncycastle: potential blind LDAP injection attack using a self-signed certificate", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat AMQ Streams 2.7.0" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-33201" }, { "category": "external", "summary": "RHBZ#2215465", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2215465" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-33201", "url": "https://www.cve.org/CVERecord?id=CVE-2023-33201" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-33201", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-33201" }, { "category": "external", "summary": "https://github.com/bcgit/bc-java/wiki/CVE-2023-33201", "url": "https://github.com/bcgit/bc-java/wiki/CVE-2023-33201" } ], "release_date": "2023-06-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-05-30T20:24:46+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "Red Hat AMQ Streams 2.7.0" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:3527" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1" }, "products": [ "Red Hat AMQ Streams 2.7.0" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "bouncycastle: potential blind LDAP injection attack using a self-signed certificate" }, { "cve": "CVE-2023-33202", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2023-11-23T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2251281" } ], "notes": [ { "category": "description", "text": "A flaw was found in Bouncy Castle for the Java pkix module, which is vulnerable to a potential Denial of Service (DoS) issue within the org.bouncycastle.openssl.PEMParser class. This class parses OpenSSL PEM encoded streams containing X.509 certificates, PKCS8 encoded keys, and PKCS7 objects. Parsing a file that has crafted ASN.1 data through the PEMParser causes an OutOfMemoryError, which can enable a denial of service attack.", "title": "Vulnerability description" }, { "category": "summary", "text": "bc-java: Out of memory while parsing ASN.1 crafted data in org.bouncycastle.openssl.PEMParser class", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat AMQ Streams 2.7.0" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-33202" }, { "category": "external", "summary": "RHBZ#2251281", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2251281" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-33202", "url": "https://www.cve.org/CVERecord?id=CVE-2023-33202" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-33202", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-33202" }, { "category": "external", "summary": "https://github.com/bcgit/bc-java/wiki/CVE-2023-33202", "url": "https://github.com/bcgit/bc-java/wiki/CVE-2023-33202" } ], "release_date": "2023-11-23T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-05-30T20:24:46+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "Red Hat AMQ Streams 2.7.0" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:3527" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "Red Hat AMQ Streams 2.7.0" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "Red Hat AMQ Streams 2.7.0" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "bc-java: Out of memory while parsing ASN.1 crafted data in org.bouncycastle.openssl.PEMParser class" }, { "cve": "CVE-2023-43642", "cwe": { "id": "CWE-770", "name": "Allocation of Resources Without Limits or Throttling" }, "discovery_date": "2023-09-26T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2241722" } ], "notes": [ { "category": "description", "text": "A flaw was found in SnappyInputStream in snappy-java, a data compression library in Java. This issue occurs when decompressing data with a too-large chunk size due to a missing upper bound check on chunk length. An unrecoverable fatal error can occur, resulting in a Denial of Service (DoS).", "title": "Vulnerability description" }, { "category": "summary", "text": "snappy-java: Missing upper bound check on chunk length in snappy-java can lead to Denial of Service (DoS) impact", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat AMQ Streams 2.7.0" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-43642" }, { "category": "external", "summary": "RHBZ#2241722", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2241722" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-43642", "url": "https://www.cve.org/CVERecord?id=CVE-2023-43642" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-43642", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-43642" }, { "category": "external", "summary": "https://github.com/xerial/snappy-java/security/advisories/GHSA-55g7-9cwv-5qfv", "url": "https://github.com/xerial/snappy-java/security/advisories/GHSA-55g7-9cwv-5qfv" } ], "release_date": "2023-09-26T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-05-30T20:24:46+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "Red Hat AMQ Streams 2.7.0" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:3527" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "Red Hat AMQ Streams 2.7.0" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "snappy-java: Missing upper bound check on chunk length in snappy-java can lead to Denial of Service (DoS) impact" }, { "cve": "CVE-2023-51074", "cwe": { "id": "CWE-121", "name": "Stack-based Buffer Overflow" }, "discovery_date": "2023-12-28T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2256063" } ], "notes": [ { "category": "description", "text": "A stack overflow vulnerability was found in the Criteria.parse() method in json-path. This issue occurs due to an uncontrolled recursion caused by specially crafted input, leading to a stack overflow. This vulnerability has the potential to trigger a crash, resulting in a denial of service.", "title": "Vulnerability description" }, { "category": "summary", "text": "json-path: stack-based buffer overflow in Criteria.parse method", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat rates this at maximum of a Moderate impact. When interacting with a server to explore this possible vulnerability, the attacker would be the only one seeing a HTTP 500 error and no other user (or the server entirely) would be vulnerable in a real application scenario with multi-threads.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat AMQ Streams 2.7.0" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-51074" }, { "category": "external", "summary": "RHBZ#2256063", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2256063" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-51074", "url": "https://www.cve.org/CVERecord?id=CVE-2023-51074" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-51074", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-51074" }, { "category": "external", "summary": "https://github.com/json-path/JsonPath/issues/973", "url": "https://github.com/json-path/JsonPath/issues/973" } ], "release_date": "2023-12-27T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-05-30T20:24:46+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "Red Hat AMQ Streams 2.7.0" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:3527" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1" }, "products": [ "Red Hat AMQ Streams 2.7.0" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "json-path: stack-based buffer overflow in Criteria.parse method" }, { "cve": "CVE-2024-1023", "cwe": { "id": "CWE-119", "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer" }, "discovery_date": "2024-01-29T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2260840" } ], "notes": [ { "category": "description", "text": "A vulnerability in the Eclipse Vert.x toolkit results in a memory leak due to using Netty FastThreadLocal data structures. Specifically, when the Vert.x HTTP client establishes connections to different hosts, triggering the memory leak. The leak can be accelerated with intimate runtime knowledge, allowing an attacker to exploit this vulnerability. For instance, a server accepting arbitrary internet addresses could serve as an attack vector by connecting to these addresses, thereby accelerating the memory leak.", "title": "Vulnerability description" }, { "category": "summary", "text": "io.vertx/vertx-core: memory leak due to the use of Netty FastThreadLocal data structures in Vertx", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat AMQ Streams 2.7.0" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-1023" }, { "category": "external", "summary": "RHBZ#2260840", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2260840" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-1023", "url": "https://www.cve.org/CVERecord?id=CVE-2024-1023" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-1023", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-1023" }, { "category": "external", "summary": "https://github.com/eclipse-vertx/vert.x/issues/5078", "url": "https://github.com/eclipse-vertx/vert.x/issues/5078" }, { "category": "external", "summary": "https://github.com/eclipse-vertx/vert.x/pull/5080", "url": "https://github.com/eclipse-vertx/vert.x/pull/5080" }, { "category": "external", "summary": "https://github.com/eclipse-vertx/vert.x/pull/5082", "url": "https://github.com/eclipse-vertx/vert.x/pull/5082" } ], "release_date": "2024-01-26T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-05-30T20:24:46+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "Red Hat AMQ Streams 2.7.0" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:3527" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "Red Hat AMQ Streams 2.7.0" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "Red Hat AMQ Streams 2.7.0" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "io.vertx/vertx-core: memory leak due to the use of Netty FastThreadLocal data structures in Vertx" }, { "cve": "CVE-2024-1300", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2024-02-07T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2263139" } ], "notes": [ { "category": "description", "text": "A vulnerability in the Eclipse Vert.x toolkit causes a memory leak in TCP servers configured with TLS and SNI support. When processing an unknown SNI server name assigned the default certificate instead of a mapped certificate, the SSL context is erroneously cached in the server name map, leading to memory exhaustion. This flaw allows attackers to send TLS client hello messages with fake server names, triggering a JVM out-of-memory error.", "title": "Vulnerability description" }, { "category": "summary", "text": "io.vertx:vertx-core: memory leak when a TCP server is configured with TLS and SNI support", "title": "Vulnerability summary" }, { "category": "other", "text": "This affects only TLS servers with SNI enabled.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat AMQ Streams 2.7.0" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-1300" }, { "category": "external", "summary": "RHBZ#2263139", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2263139" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-1300", "url": "https://www.cve.org/CVERecord?id=CVE-2024-1300" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-1300", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-1300" }, { "category": "external", "summary": "https://vertx.io/docs/vertx-core/java/#_server_name_indication_sni.", "url": "https://vertx.io/docs/vertx-core/java/#_server_name_indication_sni." } ], "release_date": "2024-02-06T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-05-30T20:24:46+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "Red Hat AMQ Streams 2.7.0" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:3527" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "Red Hat AMQ Streams 2.7.0" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L", "version": "3.1" }, "products": [ "Red Hat AMQ Streams 2.7.0" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "io.vertx:vertx-core: memory leak when a TCP server is configured with TLS and SNI support" }, { "cve": "CVE-2024-2700", "cwe": { "id": "CWE-526", "name": "Cleartext Storage of Sensitive Information in an Environment Variable" }, "discovery_date": "2024-04-03T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2273281" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in the quarkus-core component. Quarkus captures local environment variables from the Quarkus namespace during the application\u0027s build, therefore, running the resulting application inherits the values captured at build time. Some local environment variables may have been set by the developer or CI environment for testing purposes, such as dropping the database during application startup or trusting all TLS certificates to accept self-signed certificates. If these properties are configured using environment variables or the .env facility, they are captured into the built application, which can lead to dangerous behavior if the application does not override these values. This behavior only happens for configuration properties from the `quarkus.*` namespace. Application-specific properties are not captured.", "title": "Vulnerability description" }, { "category": "summary", "text": "quarkus-core: Leak of local configuration properties into Quarkus applications", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat rates this as a Moderate impact vulnerability since this requires an attacker to have direct access to the environment variables to override, and the application must use that environment variable to be jeopardized.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat AMQ Streams 2.7.0" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-2700" }, { "category": "external", "summary": "RHBZ#2273281", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2273281" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-2700", "url": "https://www.cve.org/CVERecord?id=CVE-2024-2700" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-2700", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-2700" } ], "release_date": "2024-04-03T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-05-30T20:24:46+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "Red Hat AMQ Streams 2.7.0" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:3527" }, { "category": "workaround", "details": "Currently, no mitigation is available for this vulnerability. Please update as the patches become available.", "product_ids": [ "Red Hat AMQ Streams 2.7.0" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Red Hat AMQ Streams 2.7.0" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "quarkus-core: Leak of local configuration properties into Quarkus applications" }, { "cve": "CVE-2024-25710", "cwe": { "id": "CWE-835", "name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)" }, "discovery_date": "2024-02-19T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2264988" } ], "notes": [ { "category": "description", "text": "A loop with an unreachable exit condition (Infinite Loop) vulnerability was found in Apache Common Compress. This issue can lead to a denial of service.", "title": "Vulnerability description" }, { "category": "summary", "text": "commons-compress: Denial of service caused by an infinite loop for a corrupted DUMP file", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat AMQ Streams 2.7.0" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-25710" }, { "category": "external", "summary": "RHBZ#2264988", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2264988" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-25710", "url": "https://www.cve.org/CVERecord?id=CVE-2024-25710" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-25710", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-25710" }, { "category": "external", "summary": "http://www.openwall.com/lists/oss-security/2024/02/19/1", "url": "http://www.openwall.com/lists/oss-security/2024/02/19/1" }, { "category": "external", "summary": "https://lists.apache.org/thread/cz8qkcwphy4cx8gltn932ln51cbtq6kf", "url": "https://lists.apache.org/thread/cz8qkcwphy4cx8gltn932ln51cbtq6kf" } ], "release_date": "2024-02-19T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-05-30T20:24:46+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "Red Hat AMQ Streams 2.7.0" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:3527" }, { "category": "workaround", "details": "No mitigation is currently available for this vulnerability.", "product_ids": [ "Red Hat AMQ Streams 2.7.0" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "Red Hat AMQ Streams 2.7.0" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "commons-compress: Denial of service caused by an infinite loop for a corrupted DUMP file" }, { "cve": "CVE-2024-29025", "cwe": { "id": "CWE-770", "name": "Allocation of Resources Without Limits or Throttling" }, "discovery_date": "2024-04-03T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2272907" } ], "notes": [ { "category": "description", "text": "A flaw was found in the io.netty:netty-codec-http package. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling issues due to the accumulation of data in the HttpPostRequestDecoder. The decoder cumulates bytes in the undecodedChunk buffer until it can decode a field, allowing data to accumulate without limits. This flaw allows an attacker to cause a denial of service by sending a chunked post consisting of many small fields that will be accumulated in the bodyListHttpData list.", "title": "Vulnerability description" }, { "category": "summary", "text": "netty-codec-http: Allocation of Resources Without Limits or Throttling", "title": "Vulnerability summary" }, { "category": "other", "text": "The vulnerability in io.netty:netty-codec-http, allowing for Allocation of Resources Without Limits or Throttling issues, is assessed as moderate severity due to its potential impact on system availability and performance. By exploiting the flaw in HttpPostRequestDecoder, an attacker can craft chunked POST requests with numerous small fields, causing excessive accumulation of data in memory buffers. This unrestricted accumulation can lead to significant memory consumption on the server, potentially exhausting available resources and resulting in denial of service (DoS) conditions.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat AMQ Streams 2.7.0" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-29025" }, { "category": "external", "summary": "RHBZ#2272907", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2272907" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-29025", "url": "https://www.cve.org/CVERecord?id=CVE-2024-29025" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-29025", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-29025" }, { "category": "external", "summary": "https://gist.github.com/vietj/f558b8ea81ec6505f1e9a6ca283c9ae3", "url": "https://gist.github.com/vietj/f558b8ea81ec6505f1e9a6ca283c9ae3" }, { "category": "external", "summary": "https://github.com/netty/netty/commit/0d0c6ed782d13d423586ad0c71737b2c7d02058c", "url": "https://github.com/netty/netty/commit/0d0c6ed782d13d423586ad0c71737b2c7d02058c" }, { "category": "external", "summary": "https://github.com/netty/netty/security/advisories/GHSA-5jpm-x58v-624v", "url": "https://github.com/netty/netty/security/advisories/GHSA-5jpm-x58v-624v" }, { "category": "external", "summary": "https://security.snyk.io/vuln/SNYK-JAVA-IONETTY-6483812", "url": "https://security.snyk.io/vuln/SNYK-JAVA-IONETTY-6483812" } ], "release_date": "2024-03-25T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-05-30T20:24:46+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "Red Hat AMQ Streams 2.7.0" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:3527" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "Red Hat AMQ Streams 2.7.0" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1" }, "products": [ "Red Hat AMQ Streams 2.7.0" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "netty-codec-http: Allocation of Resources Without Limits or Throttling" } ] }
ghsa-wjxj-5m7g-mg7q
Vulnerability from github
Published
2023-11-23 18:30
Modified
2024-09-09 17:38
Severity ?
Summary
Bouncy Castle Denial of Service (DoS)
Details
Bouncy Castle for Java before 1.73 contains a potential Denial of Service (DoS) issue within the Bouncy Castle org.bouncycastle.openssl.PEMParser class. This class parses OpenSSL PEM encoded streams containing X.509 certificates, PKCS8 encoded keys, and PKCS7 objects. Parsing a file that has crafted ASN.1 data through the PEMParser causes an OutOfMemoryError, which can enable a denial of service attack.
{ "affected": [ { "package": { "ecosystem": "Maven", "name": "org.bouncycastle:bcprov-ext-jdk16" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "1.73" } ], "type": "ECOSYSTEM" } ] }, { "package": { "ecosystem": "Maven", "name": "org.bouncycastle:bcprov-jdk14" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "1.73" } ], "type": "ECOSYSTEM" } ] }, { "package": { "ecosystem": "Maven", "name": "org.bouncycastle:bcprov-jdk15" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "1.73" } ], "type": "ECOSYSTEM" } ] }, { "package": { "ecosystem": "Maven", "name": "org.bouncycastle:bcprov-jdk15to18" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "1.73" } ], "type": "ECOSYSTEM" } ] }, { "package": { "ecosystem": "Maven", "name": "org.bouncycastle:bcprov-jdk16" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "1.73" } ], "type": "ECOSYSTEM" } ] }, { "database_specific": { "last_known_affected_version_range": "\u003c 1.70" }, "package": { "ecosystem": "Maven", "name": "org.bouncycastle:bcprov-jdk15on" }, "ranges": [ { "events": [ { "introduced": "0" } ], "type": "ECOSYSTEM" } ] }, { "package": { "ecosystem": "Maven", "name": "org.bouncycastle:bcpkix-jdk18on" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "1.73" } ], "type": "ECOSYSTEM" } ] }, { "package": { "ecosystem": "Maven", "name": "org.bouncycastle:bcprov-ext-jdk15on" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "1.73" } ], "type": "ECOSYSTEM" } ] }, { "package": { "ecosystem": "Maven", "name": "org.bouncycastle:bcprov-jdk18on" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "1.73" } ], "type": "ECOSYSTEM" } ] } ], "aliases": [ "CVE-2023-33202" ], "database_specific": { "cwe_ids": [ "CWE-400" ], "github_reviewed": true, "github_reviewed_at": "2023-11-24T16:54:01Z", "nvd_published_at": "2023-11-23T16:15:07Z", "severity": "MODERATE" }, "details": "Bouncy Castle for Java before 1.73 contains a potential Denial of Service (DoS) issue within the Bouncy Castle org.bouncycastle.openssl.PEMParser class. This class parses OpenSSL PEM encoded streams containing X.509 certificates, PKCS8 encoded keys, and PKCS7 objects. Parsing a file that has crafted ASN.1 data through the PEMParser causes an OutOfMemoryError, which can enable a denial of service attack.", "id": "GHSA-wjxj-5m7g-mg7q", "modified": "2024-09-09T17:38:48Z", "published": "2023-11-23T18:30:33Z", "references": [ { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-33202" }, { "type": "WEB", "url": "https://github.com/bcgit/bc-java/commit/0c576892862ed41894f49a8f639112e8d66d229c" }, { "type": "WEB", "url": "https://bouncycastle.org" }, { "type": "PACKAGE", "url": "https://github.com/bcgit/bc-java" }, { "type": "WEB", "url": "https://github.com/bcgit/bc-java/wiki/CVE-2023-33202" }, { "type": "WEB", "url": "https://security.netapp.com/advisory/ntap-20240125-0001" } ], "schema_version": "1.4.0", "severity": [ { "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "type": "CVSS_V3" } ], "summary": "Bouncy Castle Denial of Service (DoS)" }
gsd-2023-33202
Vulnerability from gsd
Modified
2023-12-13 01:20
Details
Bouncy Castle for Java before 1.73 contains a potential Denial of Service (DoS) issue within the Bouncy Castle org.bouncycastle.openssl.PEMParser class. This class parses OpenSSL PEM encoded streams containing X.509 certificates, PKCS8 encoded keys, and PKCS7 objects. Parsing a file that has crafted ASN.1 data through the PEMParser causes an OutOfMemoryError, which can enable a denial of service attack. (For users of the FIPS Java API: BC-FJA 1.0.2.3 and earlier are affected; BC-FJA 1.0.2.4 is fixed.)
Aliases
Aliases
{ "GSD": { "alias": "CVE-2023-33202", "id": "GSD-2023-33202" }, "gsd": { "metadata": { "exploitCode": "unknown", "remediation": "unknown", "reportConfidence": "confirmed", "type": "vulnerability" }, "osvSchema": { "aliases": [ "CVE-2023-33202" ], "details": "Bouncy Castle for Java before 1.73 contains a potential Denial of Service (DoS) issue within the Bouncy Castle org.bouncycastle.openssl.PEMParser class. This class parses OpenSSL PEM encoded streams containing X.509 certificates, PKCS8 encoded keys, and PKCS7 objects. Parsing a file that has crafted ASN.1 data through the PEMParser causes an OutOfMemoryError, which can enable a denial of service attack. (For users of the FIPS Java API: BC-FJA 1.0.2.3 and earlier are affected; BC-FJA 1.0.2.4 is fixed.)", "id": "GSD-2023-33202", "modified": "2023-12-13T01:20:37.298151Z", "schema_version": "1.4.0" } }, "namespaces": { "cve.org": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2023-33202", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Bouncy Castle for Java before 1.73 contains a potential Denial of Service (DoS) issue within the Bouncy Castle org.bouncycastle.openssl.PEMParser class. This class parses OpenSSL PEM encoded streams containing X.509 certificates, PKCS8 encoded keys, and PKCS7 objects. Parsing a file that has crafted ASN.1 data through the PEMParser causes an OutOfMemoryError, which can enable a denial of service attack. (For users of the FIPS Java API: BC-FJA 1.0.2.3 and earlier are affected; BC-FJA 1.0.2.4 is fixed.)" } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://bouncycastle.org", "refsource": "MISC", "url": "https://bouncycastle.org" }, { "name": "https://github.com/bcgit/bc-java/wiki/CVE-2023-33202", "refsource": "CONFIRM", "url": "https://github.com/bcgit/bc-java/wiki/CVE-2023-33202" }, { "name": "https://security.netapp.com/advisory/ntap-20240125-0001/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20240125-0001/" } ] } }, "nvd.nist.gov": { "cve": { "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:bouncycastle:bouncy_castle_for_java:*:*:*:*:*:*:*:*", "matchCriteriaId": "A450303D-AF6E-4A81-BE1C-F744B728AC27", "versionEndExcluding": "1.73", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "descriptions": [ { "lang": "en", "value": "Bouncy Castle for Java before 1.73 contains a potential Denial of Service (DoS) issue within the Bouncy Castle org.bouncycastle.openssl.PEMParser class. This class parses OpenSSL PEM encoded streams containing X.509 certificates, PKCS8 encoded keys, and PKCS7 objects. Parsing a file that has crafted ASN.1 data through the PEMParser causes an OutOfMemoryError, which can enable a denial of service attack. (For users of the FIPS Java API: BC-FJA 1.0.2.3 and earlier are affected; BC-FJA 1.0.2.4 is fixed.)" }, { "lang": "es", "value": "Bouncy Castle para Java anterior a 1.73 contiene un posible problema de denegaci\u00f3n de servicio (DoS) dentro de la clase Bouncy Castle org.bouncycastle.openssl.PEMParser. Esta clase analiza secuencias codificadas OpenSSL PEM que contienen certificados X.509, claves codificadas PKCS8 y objetos PKCS7. El an\u00e1lisis de un archivo que ha creado datos ASN.1 a trav\u00e9s de PEMParser provoca un OutOfMemoryError, que puede permitir un ataque de denegaci\u00f3n de servicio." } ], "id": "CVE-2023-33202", "lastModified": "2024-01-25T14:15:25.783", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1" }, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2023-11-23T16:15:07.273", "references": [ { "source": "cve@mitre.org", "tags": [ "Product" ], "url": "https://bouncycastle.org" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://github.com/bcgit/bc-java/wiki/CVE-2023-33202" }, { "source": "cve@mitre.org", "url": "https://security.netapp.com/advisory/ntap-20240125-0001/" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-400" } ], "source": "nvd@nist.gov", "type": "Primary" } ] } } } }
Loading...
Loading...
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.