Action not permitted
Modal body text goes here.
cve-2024-47561
Vulnerability from cvelistv5
Published
2024-10-03 10:23
Modified
2024-10-21 08:51
Severity ?
EPSS score ?
Summary
Apache Avro Java SDK: Arbitrary Code Execution when reading Avro schema (Java SDK)
References
Impacted products
▼ | Vendor | Product |
---|---|---|
Apache Software Foundation | Apache Avro Java SDK |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-10-11T22:03:16.050Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "url": "http://www.openwall.com/lists/oss-security/2024/10/03/1" }, { "url": "https://security.netapp.com/advisory/ntap-20241011-0003/" } ], "title": "CVE Program Container" }, { "affected": [ { "cpes": [ "cpe:2.3:a:apache:avro:-:*:*:*:*:-:*:*" ], "defaultStatus": "unknown", "product": "avro", "vendor": "apache", "versions": [ { "lessThan": "1.11.4", "status": "affected", "version": "0", "versionType": "semver" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2024-47561", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-10-03T18:53:44.038603Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-10-03T18:59:41.415Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "collectionURL": "https://repo.maven.apache.org/maven2", "defaultStatus": "unaffected", "packageName": "org.apache.avro:avro", "product": "Apache Avro Java SDK", "vendor": "Apache Software Foundation", "versions": [ { "lessThan": "1.11.4", "status": "affected", "version": "0", "versionType": "semver" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "Kostya Kortchinsky, from the Databricks Security Team" } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "Schema parsing in the Java SDK of Apache Avro 1.11.3 and previous versions allows bad actors to execute arbitrary code.\u003cbr\u003eUsers are recommended to upgrade to version 1.11.4\u0026nbsp; or 1.12.0, which fix this issue." } ], "value": "Schema parsing in the Java SDK of Apache Avro 1.11.3 and previous versions allows bad actors to execute arbitrary code.\nUsers are recommended to upgrade to version 1.11.4\u00a0 or 1.12.0, which fix this issue." } ], "metrics": [ { "other": { "content": { "text": "critical" }, "type": "Textual description of severity" } }, { "cvssV4_0": { "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "PRESENT", "attackVector": "NETWORK", "baseScore": 9.2, "baseSeverity": "CRITICAL", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-502", "description": "CWE-502 Deserialization of Untrusted Data", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-10-21T08:51:22.972Z", "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "shortName": "apache" }, "references": [ { "tags": [ "vendor-advisory" ], "url": "https://lists.apache.org/thread/c2v7mhqnmq0jmbwxqq3r5jbj1xg43h5x" } ], "source": { "discovery": "UNKNOWN" }, "title": "Apache Avro Java SDK: Arbitrary Code Execution when reading Avro schema (Java SDK)", "x_generator": { "engine": "Vulnogram 0.1.0-dev" } } }, "cveMetadata": { "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "assignerShortName": "apache", "cveId": "CVE-2024-47561", "datePublished": "2024-10-03T10:23:16.214Z", "dateReserved": "2024-09-27T07:06:47.522Z", "dateUpdated": "2024-10-21T08:51:22.972Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1", "meta": { "nvd": "{\"cve\":{\"id\":\"CVE-2024-47561\",\"sourceIdentifier\":\"security@apache.org\",\"published\":\"2024-10-03T11:15:13.510\",\"lastModified\":\"2024-10-21T09:15:02.627\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Schema parsing in the Java SDK of Apache Avro 1.11.3 and previous versions allows bad actors to execute arbitrary code.\\nUsers are recommended to upgrade to version 1.11.4\u00a0 or 1.12.0, which fix this issue.\"},{\"lang\":\"es\",\"value\":\"El an\u00e1lisis de esquemas en el SDK de Java de Apache Avro 1.11.3 y versiones anteriores permite que actores maliciosos ejecuten c\u00f3digo arbitrario. Se recomienda a los usuarios actualizar a la versi\u00f3n 1.11.4 o 1.12.0, que solucionan este problema.\"}],\"metrics\":{\"cvssMetricV40\":[{\"source\":\"security@apache.org\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"4.0\",\"vectorString\":\"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"attackRequirements\":\"PRESENT\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"vulnerableSystemConfidentiality\":\"HIGH\",\"vulnerableSystemIntegrity\":\"HIGH\",\"vulnerableSystemAvailability\":\"HIGH\",\"subsequentSystemConfidentiality\":\"NONE\",\"subsequentSystemIntegrity\":\"NONE\",\"subsequentSystemAvailability\":\"NONE\",\"exploitMaturity\":\"NOT_DEFINED\",\"confidentialityRequirements\":\"NOT_DEFINED\",\"integrityRequirements\":\"NOT_DEFINED\",\"availabilityRequirements\":\"NOT_DEFINED\",\"modifiedAttackVector\":\"NOT_DEFINED\",\"modifiedAttackComplexity\":\"NOT_DEFINED\",\"modifiedAttackRequirements\":\"NOT_DEFINED\",\"modifiedPrivilegesRequired\":\"NOT_DEFINED\",\"modifiedUserInteraction\":\"NOT_DEFINED\",\"modifiedVulnerableSystemConfidentiality\":\"NOT_DEFINED\",\"modifiedVulnerableSystemIntegrity\":\"NOT_DEFINED\",\"modifiedVulnerableSystemAvailability\":\"NOT_DEFINED\",\"modifiedSubsequentSystemConfidentiality\":\"NOT_DEFINED\",\"modifiedSubsequentSystemIntegrity\":\"NOT_DEFINED\",\"modifiedSubsequentSystemAvailability\":\"NOT_DEFINED\",\"safety\":\"NOT_DEFINED\",\"automatable\":\"NOT_DEFINED\",\"recovery\":\"NOT_DEFINED\",\"valueDensity\":\"NOT_DEFINED\",\"vulnerabilityResponseEffort\":\"NOT_DEFINED\",\"providerUrgency\":\"NOT_DEFINED\",\"baseScore\":9.2,\"baseSeverity\":\"CRITICAL\"}}],\"cvssMetricV31\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"LOW\",\"baseScore\":7.3,\"baseSeverity\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.4}]},\"weaknesses\":[{\"source\":\"security@apache.org\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-502\"}]}],\"references\":[{\"url\":\"https://lists.apache.org/thread/c2v7mhqnmq0jmbwxqq3r5jbj1xg43h5x\",\"source\":\"security@apache.org\"}]}}" } }
ghsa-r7pg-v2c8-mfg3
Vulnerability from github
Published
2024-10-03 12:30
Modified
2024-10-08 14:51
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.3 (Critical) - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
9.3 (Critical) - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Summary
Apache Avro Java SDK: Arbitrary Code Execution when reading Avro Data (Java SDK)
Details
Schema parsing in the Java SDK of Apache Avro 1.11.3 and previous versions allows bad actors to execute arbitrary code. Users are recommended to upgrade to version 1.11.4 or 1.12.0, which fix this issue.
{ "affected": [ { "package": { "ecosystem": "Maven", "name": "org.apache.avro:avro" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "1.11.4" } ], "type": "ECOSYSTEM" } ] } ], "aliases": [ "CVE-2024-47561" ], "database_specific": { "cwe_ids": [ "CWE-502" ], "github_reviewed": true, "github_reviewed_at": "2024-10-03T16:52:52Z", "nvd_published_at": "2024-10-03T11:15:13Z", "severity": "CRITICAL" }, "details": "Schema parsing in the Java SDK of Apache Avro 1.11.3 and previous versions allows bad actors to execute arbitrary code.\nUsers are recommended to upgrade to version 1.11.4\u00a0or 1.12.0, which fix this issue.", "id": "GHSA-r7pg-v2c8-mfg3", "modified": "2024-10-08T14:51:58Z", "published": "2024-10-03T12:30:48Z", "references": [ { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-47561" }, { "type": "WEB", "url": "https://github.com/apache/avro/pull/2934" }, { "type": "WEB", "url": "https://github.com/apache/avro/pull/2980" }, { "type": "WEB", "url": "https://github.com/apache/avro/commit/8f89868d29272e3afea2ff8de8c85cb81a57d900" }, { "type": "WEB", "url": "https://github.com/apache/avro/commit/f6b3bd7e50e6e09fedddb98c61558c022ba31285" }, { "type": "PACKAGE", "url": "https://github.com/apache/avro" }, { "type": "WEB", "url": "https://issues.apache.org/jira/browse/AVRO-3985" }, { "type": "WEB", "url": "https://lists.apache.org/thread/c2v7mhqnmq0jmbwxqq3r5jbj1xg43h5x" }, { "type": "WEB", "url": "https://thehackernews.com/2024/10/critical-apache-avro-sdk-flaw-allows.html" }, { "type": "WEB", "url": "https://www.openwall.com/lists/oss-security/2024/10/03/1" } ], "schema_version": "1.4.0", "severity": [ { "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "type": "CVSS_V3" }, { "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", "type": "CVSS_V4" } ], "summary": "Apache Avro Java SDK: Arbitrary Code Execution when reading Avro Data (Java SDK)" }
rhsa-2024_7972
Vulnerability from csaf_redhat
Published
2024-10-10 14:00
Modified
2024-11-13 16:41
Summary
Red Hat Security Advisory: Red Hat Build of Apache Camel 4.4 for Quarkus 3.8 update is now available (RHBQ 3.8.6.SP1)
Notes
Topic
An update for Red Hat Build of Apache Camel 4.4 for Quarkus 3.8 update is now available (RHBQ 3.8.6.SP1).
The purpose of this text-only errata is to inform you about the enhancements that improve your developer experience and ensure the security and stability of your products.
Red Hat Product Security has rated this update as having a security impact of Critical.
Details
An update for Red Hat Build of Apache Camel 4.4 for Quarkus 3.8 update is now available (RHBQ 3.8.6.SP1).
The purpose of this text-only errata is to inform you about the enhancements that improve your developer experience and ensure the security and stability of your products:
* CVE-2024-47561 org.apache.avro/avro: Schema parsing may trigger Remote Code Execution (RCE)
* CVE-2024-7254 com.google.protobuf/protobuf-java: StackOverflow vulnerability in Protocol Buffers
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Critical" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update for Red Hat Build of Apache Camel 4.4 for Quarkus 3.8 update is now available (RHBQ 3.8.6.SP1).\nThe purpose of this text-only errata is to inform you about the enhancements that improve your developer experience and ensure the security and stability of your products.\nRed Hat Product Security has rated this update as having a security impact of Critical.", "title": "Topic" }, { "category": "general", "text": "An update for Red Hat Build of Apache Camel 4.4 for Quarkus 3.8 update is now available (RHBQ 3.8.6.SP1).\nThe purpose of this text-only errata is to inform you about the enhancements that improve your developer experience and ensure the security and stability of your products:\n* CVE-2024-47561 org.apache.avro/avro: Schema parsing may trigger Remote Code Execution (RCE)\n* CVE-2024-7254 com.google.protobuf/protobuf-java: StackOverflow vulnerability in Protocol Buffers", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2024:7972", "url": "https://access.redhat.com/errata/RHSA-2024:7972" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#critical", "url": "https://access.redhat.com/security/updates/classification/#critical" }, { "category": "external", "summary": "2313454", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2313454" }, { "category": "external", "summary": "2316116", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2316116" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_7972.json" } ], "title": "Red Hat Security Advisory: Red Hat Build of Apache Camel 4.4 for Quarkus 3.8 update is now available (RHBQ 3.8.6.SP1)", "tracking": { "current_release_date": "2024-11-13T16:41:18+00:00", "generator": { "date": "2024-11-13T16:41:18+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.0" } }, "id": "RHSA-2024:7972", "initial_release_date": "2024-10-10T14:00:25+00:00", "revision_history": [ { "date": "2024-10-10T14:00:25+00:00", "number": "1", "summary": "Initial version" }, { "date": "2024-10-10T14:00:25+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-13T16:41:18+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat build of Apache Camel for Quarkus", "product": { "name": "Red Hat build of Apache Camel for Quarkus", "product_id": "Red Hat build of Apache Camel for Quarkus", "product_identification_helper": { "cpe": "cpe:/a:redhat:camel_quarkus:3.8" } } } ], "category": "product_family", "name": "Red Hat Build of Apache Camel" } ], "category": "vendor", "name": "Red Hat" } ] }, "vulnerabilities": [ { "cve": "CVE-2024-7254", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2024-09-19T01:20:29.981665+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2313454" } ], "notes": [ { "category": "description", "text": "A flaw was found in Protocol Buffers (protobuf). This issue can allows an attacker to cause a StackOverflow via parsing untrusted Protocol Buffers data containing arbitrarily nested SGROUP tags, leading to unbounded recursion.", "title": "Vulnerability description" }, { "category": "summary", "text": "protobuf: StackOverflow vulnerability in Protocol Buffers", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue represents a significant severity risk because unbounded recursion in Protocol Buffers parsing can be exploited to trigger stack overflows, leading to Denial of Service (DoS). When parsers, such as `DiscardUnknownFieldsParser` or the Java Protobuf Lite parser, encounter arbitrarily nested groups or deeply recursive map fields, the lack of recursion depth limits can result in uncontrolled stack growth. Attackers can craft malicious protobuf messages that deliberately exceed the stack\u0027s capacity, causing the application to crash or become unresponsive.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat build of Apache Camel for Quarkus" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-7254" }, { "category": "external", "summary": "RHBZ#2313454", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2313454" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-7254", "url": "https://www.cve.org/CVERecord?id=CVE-2024-7254" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-7254", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-7254" }, { "category": "external", "summary": "https://github.com/protocolbuffers/protobuf/commit/cc8b3483a5584b3301e3d43d17eb59704857ffaa", "url": "https://github.com/protocolbuffers/protobuf/commit/cc8b3483a5584b3301e3d43d17eb59704857ffaa" } ], "release_date": "2024-09-19T01:15:10.963000+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-10-10T14:00:25+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\nThe References section of this erratum contains a download link (you must log in to download the update).", "product_ids": [ "Red Hat build of Apache Camel for Quarkus" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:7972" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "Red Hat build of Apache Camel for Quarkus" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "Red Hat build of Apache Camel for Quarkus" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "protobuf: StackOverflow vulnerability in Protocol Buffers" }, { "cve": "CVE-2024-47561", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2024-10-02T14:04:06.018000+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2316116" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in Apache Avro. The project is affected and at risk if it accepts an org.apache.Avro/avroAvro schema for parsing provided by an end user. This flaw allows an attacker to trigger remote code execution by using the special \"java-class\" attribute.", "title": "Vulnerability description" }, { "category": "summary", "text": "apache-avro: Schema parsing may trigger Remote Code Execution (RCE)", "title": "Vulnerability summary" }, { "category": "other", "text": "The Red Hat build of Apache Camel K 1.10 was rated Important as it allows users to provide an Avro schema for parsing. Note that this functionality is limited to authenticated users.\n\nRed Hat Single Sign-On 7 ships the affected component in its maven repository but does not use it in the product. As such it is affected but not vulnerable to the flaw, and is assessed at Moderate security impact.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat build of Apache Camel for Quarkus" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-47561" }, { "category": "external", "summary": "RHBZ#2316116", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2316116" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-47561", "url": "https://www.cve.org/CVERecord?id=CVE-2024-47561" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-47561", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-47561" } ], "release_date": "2024-10-03T12:20:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-10-10T14:00:25+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\nThe References section of this erratum contains a download link (you must log in to download the update).", "product_ids": [ "Red Hat build of Apache Camel for Quarkus" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:7972" }, { "category": "workaround", "details": "1. Avoid parsing user-provided schemas.\n2. Ensure proper input validation and sanitization of schemas before parsing.\n3. Monitor systems for any unusual activities that may indicate exploitation attempts.\n4. Apply the principle of least privilege to minimize the potential impact of successful exploits.", "product_ids": [ "Red Hat build of Apache Camel for Quarkus" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Red Hat build of Apache Camel for Quarkus" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "apache-avro: Schema parsing may trigger Remote Code Execution (RCE)" } ] }
rhsa-2024_7812
Vulnerability from csaf_redhat
Published
2024-10-08 16:04
Modified
2024-11-13 15:22
Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4 security update
Notes
Topic
A security update is now available for Red Hat JBoss Enterprise Application Platform 7.4.
Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.
This asynchronous patch is a security update for Red Hat JBoss Enterprise Application Platform 7.4.
Security Fix(es):
* apache-avro: Schema parsing may trigger Remote Code Execution (CVE-2024-47561)
A Red Hat Security Bulletin which addresses further details about this flaw is available in the References section.
For more details about the security issue(s), including the impact, a CVSS score, acknowledgements, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Critical" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "A security update is now available for Red Hat JBoss Enterprise Application Platform 7.4.\n\nRed Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.\n\nThis asynchronous patch is a security update for Red Hat JBoss Enterprise Application Platform 7.4.\n\nSecurity Fix(es):\n\n* apache-avro: Schema parsing may trigger Remote Code Execution (CVE-2024-47561)\n\nA Red Hat Security Bulletin which addresses further details about this flaw is available in the References section.\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgements, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2024:7812", "url": "https://access.redhat.com/errata/RHSA-2024:7812" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#critical", "url": "https://access.redhat.com/security/updates/classification/#critical" }, { "category": "external", "summary": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.4", "url": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.4" }, { "category": "external", "summary": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/index", "url": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/index" }, { "category": "external", "summary": "2316116", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2316116" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_7812.json" } ], "title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4 security update", "tracking": { "current_release_date": "2024-11-13T15:22:26+00:00", "generator": { "date": "2024-11-13T15:22:26+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.0" } }, "id": "RHSA-2024:7812", "initial_release_date": "2024-10-08T16:04:06+00:00", "revision_history": [ { "date": "2024-10-08T16:04:06+00:00", "number": "1", "summary": "Initial version" }, { "date": "2024-10-08T16:04:06+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-13T15:22:26+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat JBoss Enterprise Application Platform 7", "product": { "name": "Red Hat JBoss Enterprise Application Platform 7", "product_id": "Red Hat JBoss Enterprise Application Platform 7", "product_identification_helper": { "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4" } } } ], "category": "product_family", "name": "Red Hat JBoss Enterprise Application Platform" } ], "category": "vendor", "name": "Red Hat" } ] }, "vulnerabilities": [ { "cve": "CVE-2024-47561", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2024-10-02T14:04:06.018000+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2316116" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in Apache Avro. The project is affected and at risk if it accepts an org.apache.Avro/avroAvro schema for parsing provided by an end user. This flaw allows an attacker to trigger remote code execution by using the special \"java-class\" attribute.", "title": "Vulnerability description" }, { "category": "summary", "text": "apache-avro: Schema parsing may trigger Remote Code Execution (RCE)", "title": "Vulnerability summary" }, { "category": "other", "text": "The Red Hat build of Apache Camel K 1.10 was rated Important as it allows users to provide an Avro schema for parsing. Note that this functionality is limited to authenticated users.\n\nRed Hat Single Sign-On 7 ships the affected component in its maven repository but does not use it in the product. As such it is affected but not vulnerable to the flaw, and is assessed at Moderate security impact.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss Enterprise Application Platform 7" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-47561" }, { "category": "external", "summary": "RHBZ#2316116", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2316116" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-47561", "url": "https://www.cve.org/CVERecord?id=CVE-2024-47561" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-47561", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-47561" } ], "release_date": "2024-10-03T12:20:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-10-08T16:04:06+00:00", "details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", "product_ids": [ "Red Hat JBoss Enterprise Application Platform 7" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:7812" }, { "category": "workaround", "details": "1. Avoid parsing user-provided schemas.\n2. Ensure proper input validation and sanitization of schemas before parsing.\n3. Monitor systems for any unusual activities that may indicate exploitation attempts.\n4. Apply the principle of least privilege to minimize the potential impact of successful exploits.", "product_ids": [ "Red Hat JBoss Enterprise Application Platform 7" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Red Hat JBoss Enterprise Application Platform 7" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "apache-avro: Schema parsing may trigger Remote Code Execution (RCE)" } ] }
rhsa-2024_7861
Vulnerability from csaf_redhat
Published
2024-10-09 12:35
Modified
2024-11-13 15:23
Summary
Red Hat Security Advisory: Apicurio Registry (container images) release and security update [ 2.6.5 GA ]
Notes
Topic
An update to the images for Red Hat build of Apicurio Registry is now available from the Red Hat Container Catalog. The purpose of this text-only errata is to inform you about the security issues fixed in this release.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
This release of Red Hat build of Apicurio Registry 2.6.5 GA includes the following security fixes.
Security Fix(es):
* org.apache.avro/avro: Schema parsing may trigger Remote Code Execution (RCE) [rhint-serv-2] (CVE-2024-47561)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Critical" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update to the images for Red Hat build of Apicurio Registry is now available from the Red Hat Container Catalog. The purpose of this text-only errata is to inform you about the security issues fixed in this release.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "This release of Red Hat build of Apicurio Registry 2.6.5 GA includes the following security fixes.\n\nSecurity Fix(es):\n\n* org.apache.avro/avro: Schema parsing may trigger Remote Code Execution (RCE) [rhint-serv-2] (CVE-2024-47561)", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2024:7861", "url": "https://access.redhat.com/errata/RHSA-2024:7861" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#critical", "url": "https://access.redhat.com/security/updates/classification/#critical" }, { "category": "external", "summary": "https://docs.redhat.com/en/documentation/red_hat_build_of_apicurio_registry/2.6", "url": "https://docs.redhat.com/en/documentation/red_hat_build_of_apicurio_registry/2.6" }, { "category": "external", "summary": "2316116", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2316116" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_7861.json" } ], "title": "Red Hat Security Advisory: Apicurio Registry (container images) release and security update [ 2.6.5 GA ]", "tracking": { "current_release_date": "2024-11-13T15:23:50+00:00", "generator": { "date": "2024-11-13T15:23:50+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.0" } }, "id": "RHSA-2024:7861", "initial_release_date": "2024-10-09T12:35:14+00:00", "revision_history": [ { "date": "2024-10-09T12:35:14+00:00", "number": "1", "summary": "Initial version" }, { "date": "2024-10-09T12:35:14+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-13T15:23:50+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat build of Apicurio Registry 2.6.5 GA", "product": { "name": "Red Hat build of Apicurio Registry 2.6.5 GA", "product_id": "Red Hat build of Apicurio Registry 2.6.5 GA", "product_identification_helper": { "cpe": "cpe:/a:redhat:apicurio_registry:2.6" } } } ], "category": "product_family", "name": "Red Hat Integration" } ], "category": "vendor", "name": "Red Hat" } ] }, "vulnerabilities": [ { "cve": "CVE-2024-47561", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2024-10-02T14:04:06.018000+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2316116" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in Apache Avro. The project is affected and at risk if it accepts an org.apache.Avro/avroAvro schema for parsing provided by an end user. This flaw allows an attacker to trigger remote code execution by using the special \"java-class\" attribute.", "title": "Vulnerability description" }, { "category": "summary", "text": "apache-avro: Schema parsing may trigger Remote Code Execution (RCE)", "title": "Vulnerability summary" }, { "category": "other", "text": "The Red Hat build of Apache Camel K 1.10 was rated Important as it allows users to provide an Avro schema for parsing. Note that this functionality is limited to authenticated users.\n\nRed Hat Single Sign-On 7 ships the affected component in its maven repository but does not use it in the product. As such it is affected but not vulnerable to the flaw, and is assessed at Moderate security impact.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat build of Apicurio Registry 2.6.5 GA" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-47561" }, { "category": "external", "summary": "RHBZ#2316116", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2316116" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-47561", "url": "https://www.cve.org/CVERecord?id=CVE-2024-47561" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-47561", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-47561" } ], "release_date": "2024-10-03T12:20:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-10-09T12:35:14+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "Red Hat build of Apicurio Registry 2.6.5 GA" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:7861" }, { "category": "workaround", "details": "1. Avoid parsing user-provided schemas.\n2. Ensure proper input validation and sanitization of schemas before parsing.\n3. Monitor systems for any unusual activities that may indicate exploitation attempts.\n4. Apply the principle of least privilege to minimize the potential impact of successful exploits.", "product_ids": [ "Red Hat build of Apicurio Registry 2.6.5 GA" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Red Hat build of Apicurio Registry 2.6.5 GA" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "apache-avro: Schema parsing may trigger Remote Code Execution (RCE)" } ] }
rhsa-2024_7811
Vulnerability from csaf_redhat
Published
2024-10-08 16:08
Modified
2024-11-13 15:22
Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4 Security update
Notes
Topic
A security update is now available for Red Hat JBoss Enterprise Application Platform 7.4.
Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.
This asynchronous patch is a security update for Red Hat JBoss Enterprise Application Platform 7.4.
Security Fix(es):
* apache-avro: Schema parsing may trigger Remote Code Execution (CVE-2024-47561)
A Red Hat Security Bulletin which addresses further details about this flaw is available in the References section.
For more details about the security issue(s), including the impact, a CVSS score, acknowledgements, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Critical" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "A security update is now available for Red Hat JBoss Enterprise Application Platform 7.4.\n\nRed Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.\n\nThis asynchronous patch is a security update for Red Hat JBoss Enterprise Application Platform 7.4.\n\nSecurity Fix(es):\n\n* apache-avro: Schema parsing may trigger Remote Code Execution (CVE-2024-47561)\n\nA Red Hat Security Bulletin which addresses further details about this flaw is available in the References section.\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgements, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2024:7811", "url": "https://access.redhat.com/errata/RHSA-2024:7811" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#critical", "url": "https://access.redhat.com/security/updates/classification/#critical" }, { "category": "external", "summary": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.4", "url": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.4" }, { "category": "external", "summary": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/index", "url": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/index" }, { "category": "external", "summary": "2316116", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2316116" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_7811.json" } ], "title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4 Security update", "tracking": { "current_release_date": "2024-11-13T15:22:15+00:00", "generator": { "date": "2024-11-13T15:22:15+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.0" } }, "id": "RHSA-2024:7811", "initial_release_date": "2024-10-08T16:08:21+00:00", "revision_history": [ { "date": "2024-10-08T16:08:21+00:00", "number": "1", "summary": "Initial version" }, { "date": "2024-10-08T16:08:21+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-13T15:22:15+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat JBoss EAP 7.4 for RHEL 7 Server", "product": { "name": "Red Hat JBoss EAP 7.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.4", "product_identification_helper": { "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7" } } }, { "category": "product_name", "name": "Red Hat JBoss EAP 7.4 for RHEL 8", "product": { "name": "Red Hat JBoss EAP 7.4 for RHEL 8", "product_id": "8Base-JBEAP-7.4", "product_identification_helper": { "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8" } } }, { "category": "product_name", "name": "Red Hat JBoss EAP 7.4 for RHEL 9", "product": { "name": "Red Hat JBoss EAP 7.4 for RHEL 9", "product_id": "9Base-JBEAP-7.4", "product_identification_helper": { "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9" } } } ], "category": "product_family", "name": "Red Hat JBoss Enterprise Application Platform" }, { "branches": [ { "category": "product_version", "name": "eap7-avro-0:1.11.4-1.redhat_00001.1.el7eap.src", "product": { "name": "eap7-avro-0:1.11.4-1.redhat_00001.1.el7eap.src", "product_id": "eap7-avro-0:1.11.4-1.redhat_00001.1.el7eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-avro@1.11.4-1.redhat_00001.1.el7eap?arch=src" } } }, { "category": "product_version", "name": "eap7-avro-0:1.11.4-1.redhat_00001.1.el8eap.src", "product": { "name": "eap7-avro-0:1.11.4-1.redhat_00001.1.el8eap.src", "product_id": "eap7-avro-0:1.11.4-1.redhat_00001.1.el8eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-avro@1.11.4-1.redhat_00001.1.el8eap?arch=src" } } }, { "category": "product_version", "name": "eap7-avro-0:1.11.4-1.redhat_00001.1.el9eap.src", "product": { "name": "eap7-avro-0:1.11.4-1.redhat_00001.1.el9eap.src", "product_id": "eap7-avro-0:1.11.4-1.redhat_00001.1.el9eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-avro@1.11.4-1.redhat_00001.1.el9eap?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "eap7-avro-0:1.11.4-1.redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-avro-0:1.11.4-1.redhat_00001.1.el7eap.noarch", "product_id": "eap7-avro-0:1.11.4-1.redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-avro@1.11.4-1.redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-avro-0:1.11.4-1.redhat_00001.1.el8eap.noarch", "product": { "name": "eap7-avro-0:1.11.4-1.redhat_00001.1.el8eap.noarch", "product_id": "eap7-avro-0:1.11.4-1.redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-avro@1.11.4-1.redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-avro-0:1.11.4-1.redhat_00001.1.el9eap.noarch", "product": { "name": "eap7-avro-0:1.11.4-1.redhat_00001.1.el9eap.noarch", "product_id": "eap7-avro-0:1.11.4-1.redhat_00001.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-avro@1.11.4-1.redhat_00001.1.el9eap?arch=noarch" } } } ], "category": "architecture", "name": "noarch" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "eap7-avro-0:1.11.4-1.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.4:eap7-avro-0:1.11.4-1.redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-avro-0:1.11.4-1.redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-avro-0:1.11.4-1.redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.4:eap7-avro-0:1.11.4-1.redhat_00001.1.el7eap.src" }, "product_reference": "eap7-avro-0:1.11.4-1.redhat_00001.1.el7eap.src", "relates_to_product_reference": "7Server-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-avro-0:1.11.4-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", "product_id": "8Base-JBEAP-7.4:eap7-avro-0:1.11.4-1.redhat_00001.1.el8eap.noarch" }, "product_reference": "eap7-avro-0:1.11.4-1.redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-avro-0:1.11.4-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8", "product_id": "8Base-JBEAP-7.4:eap7-avro-0:1.11.4-1.redhat_00001.1.el8eap.src" }, "product_reference": "eap7-avro-0:1.11.4-1.redhat_00001.1.el8eap.src", "relates_to_product_reference": "8Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-avro-0:1.11.4-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", "product_id": "9Base-JBEAP-7.4:eap7-avro-0:1.11.4-1.redhat_00001.1.el9eap.noarch" }, "product_reference": "eap7-avro-0:1.11.4-1.redhat_00001.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-avro-0:1.11.4-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9", "product_id": "9Base-JBEAP-7.4:eap7-avro-0:1.11.4-1.redhat_00001.1.el9eap.src" }, "product_reference": "eap7-avro-0:1.11.4-1.redhat_00001.1.el9eap.src", "relates_to_product_reference": "9Base-JBEAP-7.4" } ] }, "vulnerabilities": [ { "cve": "CVE-2024-47561", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2024-10-02T14:04:06.018000+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2316116" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in Apache Avro. The project is affected and at risk if it accepts an org.apache.Avro/avroAvro schema for parsing provided by an end user. This flaw allows an attacker to trigger remote code execution by using the special \"java-class\" attribute.", "title": "Vulnerability description" }, { "category": "summary", "text": "apache-avro: Schema parsing may trigger Remote Code Execution (RCE)", "title": "Vulnerability summary" }, { "category": "other", "text": "The Red Hat build of Apache Camel K 1.10 was rated Important as it allows users to provide an Avro schema for parsing. Note that this functionality is limited to authenticated users.\n\nRed Hat Single Sign-On 7 ships the affected component in its maven repository but does not use it in the product. As such it is affected but not vulnerable to the flaw, and is assessed at Moderate security impact.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-JBEAP-7.4:eap7-avro-0:1.11.4-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-avro-0:1.11.4-1.redhat_00001.1.el7eap.src", "8Base-JBEAP-7.4:eap7-avro-0:1.11.4-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-avro-0:1.11.4-1.redhat_00001.1.el8eap.src", "9Base-JBEAP-7.4:eap7-avro-0:1.11.4-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-avro-0:1.11.4-1.redhat_00001.1.el9eap.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-47561" }, { "category": "external", "summary": "RHBZ#2316116", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2316116" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-47561", "url": "https://www.cve.org/CVERecord?id=CVE-2024-47561" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-47561", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-47561" } ], "release_date": "2024-10-03T12:20:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-10-08T16:08:21+00:00", "details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", "product_ids": [ "7Server-JBEAP-7.4:eap7-avro-0:1.11.4-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-avro-0:1.11.4-1.redhat_00001.1.el7eap.src", "8Base-JBEAP-7.4:eap7-avro-0:1.11.4-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-avro-0:1.11.4-1.redhat_00001.1.el8eap.src", "9Base-JBEAP-7.4:eap7-avro-0:1.11.4-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-avro-0:1.11.4-1.redhat_00001.1.el9eap.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:7811" }, { "category": "workaround", "details": "1. Avoid parsing user-provided schemas.\n2. Ensure proper input validation and sanitization of schemas before parsing.\n3. Monitor systems for any unusual activities that may indicate exploitation attempts.\n4. Apply the principle of least privilege to minimize the potential impact of successful exploits.", "product_ids": [ "7Server-JBEAP-7.4:eap7-avro-0:1.11.4-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-avro-0:1.11.4-1.redhat_00001.1.el7eap.src", "8Base-JBEAP-7.4:eap7-avro-0:1.11.4-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-avro-0:1.11.4-1.redhat_00001.1.el8eap.src", "9Base-JBEAP-7.4:eap7-avro-0:1.11.4-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-avro-0:1.11.4-1.redhat_00001.1.el9eap.src" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "7Server-JBEAP-7.4:eap7-avro-0:1.11.4-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-avro-0:1.11.4-1.redhat_00001.1.el7eap.src", "8Base-JBEAP-7.4:eap7-avro-0:1.11.4-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-avro-0:1.11.4-1.redhat_00001.1.el8eap.src", "9Base-JBEAP-7.4:eap7-avro-0:1.11.4-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-avro-0:1.11.4-1.redhat_00001.1.el9eap.src" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "apache-avro: Schema parsing may trigger Remote Code Execution (RCE)" } ] }
rhsa-2024_8093
Vulnerability from csaf_redhat
Published
2024-10-14 19:55
Modified
2024-11-13 15:23
Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4 security update
Notes
Topic
A security update is now available for Red Hat JBoss Enterprise Application Platform 7.4.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.
This asynchronous patch is a security update for Red Hat JBoss Enterprise Application Platform 7.4.
Security Fix(es):
* org.apache.avro/avro: Schema parsing may trigger Remote Code Execution (CVE-2024-47561)
A Red Hat Security Bulletin which addresses further details about this flaw is available in the References section.
For more details about the security issue(s), including the impact, a CVSS score, acknowledgements, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "A security update is now available for Red Hat JBoss Enterprise Application Platform 7.4.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.\n\nThis asynchronous patch is a security update for Red Hat JBoss Enterprise Application Platform 7.4.\n\nSecurity Fix(es):\n\n* org.apache.avro/avro: Schema parsing may trigger Remote Code Execution (CVE-2024-47561)\n\nA Red Hat Security Bulletin which addresses further details about this flaw is available in the References section.\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgements, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2024:8093", "url": "https://access.redhat.com/errata/RHSA-2024:8093" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.4", "url": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.4" }, { "category": "external", "summary": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/index", "url": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/index" }, { "category": "external", "summary": "2316116", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2316116" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_8093.json" } ], "title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4 security update", "tracking": { "current_release_date": "2024-11-13T15:23:33+00:00", "generator": { "date": "2024-11-13T15:23:33+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.0" } }, "id": "RHSA-2024:8093", "initial_release_date": "2024-10-14T19:55:01+00:00", "revision_history": [ { "date": "2024-10-14T19:55:01+00:00", "number": "1", "summary": "Initial version" }, { "date": "2024-10-14T19:55:01+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-13T15:23:33+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat JBoss Enterprise Application Platform 7", "product": { "name": "Red Hat JBoss Enterprise Application Platform 7", "product_id": "Red Hat JBoss Enterprise Application Platform 7", "product_identification_helper": { "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4" } } } ], "category": "product_family", "name": "Red Hat JBoss Enterprise Application Platform" } ], "category": "vendor", "name": "Red Hat" } ] }, "vulnerabilities": [ { "cve": "CVE-2024-47561", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2024-10-02T14:04:06.018000+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2316116" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in Apache Avro. The project is affected and at risk if it accepts an org.apache.Avro/avroAvro schema for parsing provided by an end user. This flaw allows an attacker to trigger remote code execution by using the special \"java-class\" attribute.", "title": "Vulnerability description" }, { "category": "summary", "text": "apache-avro: Schema parsing may trigger Remote Code Execution (RCE)", "title": "Vulnerability summary" }, { "category": "other", "text": "The Red Hat build of Apache Camel K 1.10 was rated Important as it allows users to provide an Avro schema for parsing. Note that this functionality is limited to authenticated users.\n\nRed Hat Single Sign-On 7 ships the affected component in its maven repository but does not use it in the product. As such it is affected but not vulnerable to the flaw, and is assessed at Moderate security impact.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss Enterprise Application Platform 7" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-47561" }, { "category": "external", "summary": "RHBZ#2316116", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2316116" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-47561", "url": "https://www.cve.org/CVERecord?id=CVE-2024-47561" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-47561", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-47561" } ], "release_date": "2024-10-03T12:20:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-10-14T19:55:01+00:00", "details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: \nhttps://access.redhat.com/articles/11258", "product_ids": [ "Red Hat JBoss Enterprise Application Platform 7" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:8093" }, { "category": "workaround", "details": "1. Avoid parsing user-provided schemas.\n2. Ensure proper input validation and sanitization of schemas before parsing.\n3. Monitor systems for any unusual activities that may indicate exploitation attempts.\n4. Apply the principle of least privilege to minimize the potential impact of successful exploits.", "product_ids": [ "Red Hat JBoss Enterprise Application Platform 7" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Red Hat JBoss Enterprise Application Platform 7" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "apache-avro: Schema parsing may trigger Remote Code Execution (RCE)" } ] }
rhsa-2024_8064
Vulnerability from csaf_redhat
Published
2024-10-14 15:53
Modified
2024-11-15 21:17
Summary
Red Hat Security Advisory: Red Hat Build of Apache Camel 4.4.3 for Spring Boot security update.
Notes
Topic
Red Hat build of Apache Camel 4.4.3 for Spring Boot release and security update is now available.
Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat build of Apache Camel 4.4.3 for Spring Boot release and security update is now available.
The purpose of this text-only errata is to inform you about the security issues fixed.
Security Fix(es):
* org.apache.avro/avro: Schema parsing may trigger Remote Code Execution (RCE) (CVE-2024-47561)
* com.nimbusds/nimbus-jose-jwt: large JWE p2c header value causes Denial of Service (CVE-2023-52428)
* org.springframework/spring-webmvc: Path Traversal Vulnerability in Spring Applications Using RouterFunctions and FileSystemResource (CVE-2024-38816)
* ca.uhn.hapi.fhir/org.hl7.fhir.dstu2016may: XXE vulnerability in XSLT transforms in `org.hl7.fhir.core` (CVE-2024-45294)
* ca.uhn.hapi.fhir/org.hl7.fhir.dstu3: XXE vulnerability in XSLT transforms in `org.hl7.fhir.core` (CVE-2024-45294)
* ca.uhn.hapi.fhir/org.hl7.fhir.r4: XXE vulnerability in XSLT transforms in `org.hl7.fhir.core` (CVE-2024-45294)
* ca.uhn.hapi.fhir/org.hl7.fhir.r5: XXE vulnerability in XSLT transforms in `org.hl7.fhir.core` (CVE-2024-45294)
* ca.uhn.hapi.fhir/org.hl7.fhir.utilities: XXE vulnerability in XSLT transforms in `org.hl7.fhir.core` (CVE-2024-45294)
* org.springframework/spring-web: Spring Framework DoS via conditional HTTP request (CVE-2024-38809)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Critical" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Red Hat build of Apache Camel 4.4.3 for Spring Boot release and security update is now available.\n\nRed Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Red Hat build of Apache Camel 4.4.3 for Spring Boot release and security update is now available.\n\nThe purpose of this text-only errata is to inform you about the security issues fixed.\n\nSecurity Fix(es):\n\n* org.apache.avro/avro: Schema parsing may trigger Remote Code Execution (RCE) (CVE-2024-47561)\n\n* com.nimbusds/nimbus-jose-jwt: large JWE p2c header value causes Denial of Service (CVE-2023-52428)\n\n* org.springframework/spring-webmvc: Path Traversal Vulnerability in Spring Applications Using RouterFunctions and FileSystemResource (CVE-2024-38816)\n\n* ca.uhn.hapi.fhir/org.hl7.fhir.dstu2016may: XXE vulnerability in XSLT transforms in `org.hl7.fhir.core` (CVE-2024-45294)\n\n* ca.uhn.hapi.fhir/org.hl7.fhir.dstu3: XXE vulnerability in XSLT transforms in `org.hl7.fhir.core` (CVE-2024-45294)\n\n* ca.uhn.hapi.fhir/org.hl7.fhir.r4: XXE vulnerability in XSLT transforms in `org.hl7.fhir.core` (CVE-2024-45294)\n\n* ca.uhn.hapi.fhir/org.hl7.fhir.r5: XXE vulnerability in XSLT transforms in `org.hl7.fhir.core` (CVE-2024-45294)\n\n* ca.uhn.hapi.fhir/org.hl7.fhir.utilities: XXE vulnerability in XSLT transforms in `org.hl7.fhir.core` (CVE-2024-45294)\n\n* org.springframework/spring-web: Spring Framework DoS via conditional HTTP request (CVE-2024-38809)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2024:8064", "url": "https://access.redhat.com/errata/RHSA-2024:8064" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#critical", "url": "https://access.redhat.com/security/updates/classification/#critical" }, { "category": "external", "summary": "2309764", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309764" }, { "category": "external", "summary": "2310447", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310447" }, { "category": "external", "summary": "2312060", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2312060" }, { "category": "external", "summary": "2314495", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2314495" }, { "category": "external", "summary": "2316116", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2316116" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_8064.json" } ], "title": "Red Hat Security Advisory: Red Hat Build of Apache Camel 4.4.3 for Spring Boot security update.", "tracking": { "current_release_date": "2024-11-15T21:17:20+00:00", "generator": { "date": "2024-11-15T21:17:20+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2024:8064", "initial_release_date": "2024-10-14T15:53:39+00:00", "revision_history": [ { "date": "2024-10-14T15:53:39+00:00", "number": "1", "summary": "Initial version" }, { "date": "2024-10-14T15:53:39+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-15T21:17:20+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat build of Apache Camel 4.4.3 for Spring Boot", "product": { "name": "Red Hat build of Apache Camel 4.4.3 for Spring Boot", "product_id": "Red Hat build of Apache Camel 4.4.3 for Spring Boot", "product_identification_helper": { "cpe": "cpe:/a:redhat:apache_camel_spring_boot:4.4.3" } } } ], "category": "product_family", "name": "Red Hat Build of Apache Camel" } ], "category": "vendor", "name": "Red Hat" } ] }, "vulnerabilities": [ { "cve": "CVE-2023-52428", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2024-09-04T17:02:58.468000+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2309764" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in the Nimbus Jose JWT package. This issue could allow an attacker to use a malicious large JWE p2c header value for PasswordBasedDecrypter and cause a Denial of Service (DoS).", "title": "Vulnerability description" }, { "category": "summary", "text": "nimbus-jose-jwt: large JWE p2c header value causes Denial of Service", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat build of Apache Camel 4.4.3 for Spring Boot" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-52428" }, { "category": "external", "summary": "RHBZ#2309764", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309764" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-52428", "url": "https://www.cve.org/CVERecord?id=CVE-2023-52428" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-52428", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52428" } ], "release_date": "2024-02-11T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-10-14T15:53:39+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "Red Hat build of Apache Camel 4.4.3 for Spring Boot" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:8064" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "Red Hat build of Apache Camel 4.4.3 for Spring Boot" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "nimbus-jose-jwt: large JWE p2c header value causes Denial of Service" }, { "cve": "CVE-2024-38809", "cwe": { "id": "CWE-1333", "name": "Inefficient Regular Expression Complexity" }, "discovery_date": "2024-09-24T20:00:28.839621+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2314495" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Spring Web (org.springframework:spring-web) package. Due to improper ETag prefix validation when the application parses ETags from the `If-Match` or `If-None-Match` request headers, an attacker can trigger a denial of service by sending a maliciously crafted conditional HTTP request.", "title": "Vulnerability description" }, { "category": "summary", "text": "org.springframework:spring-web: Spring Framework DoS via conditional HTTP request", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat build of Apache Camel 4.4.3 for Spring Boot" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-38809" }, { "category": "external", "summary": "RHBZ#2314495", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2314495" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-38809", "url": "https://www.cve.org/CVERecord?id=CVE-2024-38809" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-38809", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-38809" }, { "category": "external", "summary": "http://github.com/spring-projects/spring-framework", "url": "http://github.com/spring-projects/spring-framework" }, { "category": "external", "summary": "https://github.com/spring-projects/spring-framework/commit/582bfccbb72e5c8959a0b472d1dc7d03a20520f3", "url": "https://github.com/spring-projects/spring-framework/commit/582bfccbb72e5c8959a0b472d1dc7d03a20520f3" }, { "category": "external", "summary": "https://github.com/spring-projects/spring-framework/commit/8d16a50907c11f7e6b407d878a26e84eba08a533", "url": "https://github.com/spring-projects/spring-framework/commit/8d16a50907c11f7e6b407d878a26e84eba08a533" }, { "category": "external", "summary": "https://github.com/spring-projects/spring-framework/commit/bb17ad8314b81850a939fd265fb53b3361705e85", "url": "https://github.com/spring-projects/spring-framework/commit/bb17ad8314b81850a939fd265fb53b3361705e85" }, { "category": "external", "summary": "https://github.com/spring-projects/spring-framework/issues/33372", "url": "https://github.com/spring-projects/spring-framework/issues/33372" }, { "category": "external", "summary": "https://spring.io/security/cve-2024-38809", "url": "https://spring.io/security/cve-2024-38809" } ], "release_date": "2024-09-24T18:34:43+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-10-14T15:53:39+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "Red Hat build of Apache Camel 4.4.3 for Spring Boot" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:8064" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "Red Hat build of Apache Camel 4.4.3 for Spring Boot" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1" }, "products": [ "Red Hat build of Apache Camel 4.4.3 for Spring Boot" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "org.springframework:spring-web: Spring Framework DoS via conditional HTTP request" }, { "cve": "CVE-2024-38816", "cwe": { "id": "CWE-22", "name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)" }, "discovery_date": "2024-09-13T06:20:08.422867+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2312060" } ], "notes": [ { "category": "description", "text": "A flaw was found in Spring applications using the WebMvc.fn or WebFlux.fn frameworks. This issue can allow attackers to perform path traversal attacks via crafted HTTP requests when the application serves static resources using RouterFunctions and explicitly configures resource handling with a FileSystemResource location.", "title": "Vulnerability description" }, { "category": "summary", "text": "spring-webmvc: Path Traversal Vulnerability in Spring Applications Using RouterFunctions and FileSystemResource", "title": "Vulnerability summary" }, { "category": "other", "text": "Path traversal vulnerabilities in applications that serve static resources via RouterFunctions and FileSystemResource pose a important security risk, as they allow attackers to bypass access controls and retrieve arbitrary files from the server\u0027s filesystem. This type of attack can lead to unauthorized exposure of sensitive data, such as configuration files, environment variables, or authentication credentials. If exploited, it can further facilitate privilege escalation, lateral movement, or remote code execution within the system. Given the broad access it grants to the server\u0027s filesystem, the potential for system compromise makes path traversal vulnerabilities a high-severity issue.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat build of Apache Camel 4.4.3 for Spring Boot" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-38816" }, { "category": "external", "summary": "RHBZ#2312060", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2312060" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-38816", "url": "https://www.cve.org/CVERecord?id=CVE-2024-38816" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-38816", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-38816" }, { "category": "external", "summary": "https://spring.io/security/cve-2024-38816", "url": "https://spring.io/security/cve-2024-38816" } ], "release_date": "2024-09-13T06:15:11.190000+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-10-14T15:53:39+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "Red Hat build of Apache Camel 4.4.3 for Spring Boot" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:8064" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "Red Hat build of Apache Camel 4.4.3 for Spring Boot" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "Red Hat build of Apache Camel 4.4.3 for Spring Boot" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "spring-webmvc: Path Traversal Vulnerability in Spring Applications Using RouterFunctions and FileSystemResource" }, { "cve": "CVE-2024-45294", "cwe": { "id": "CWE-611", "name": "Improper Restriction of XML External Entity Reference" }, "discovery_date": "2024-09-06T16:20:11.403869+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2310447" } ], "notes": [ { "category": "description", "text": "A flaw was found in HAPI FHIR - HL7 FHIR Core Artifacts. eXtensible Stylesheet Language Transformations (XSLT) transforms performed by various components are vulnerable to XML external entity injections. A processed XML file with a malicious DTD tag could produce XML containing data from the host system. This issue impacts use cases where org.hl7.fhir.core is being used within a host where external clients can submit XML.", "title": "Vulnerability description" }, { "category": "summary", "text": "org.hl7.fhir.core: org.hl7.fhir.dstu3: org.hl7.fhir.r4: org.hl7.fhir.r4b: org.hl7.fhir.r5: org.hl7.fhir.utilities: XXE vulnerability in XSLT transforms in `org.hl7.fhir.core`", "title": "Vulnerability summary" }, { "category": "other", "text": "This vulnerability is of significant severity because it allows for XML External Entity (XXE) injection, which can lead to unauthorized access and leakage of sensitive data from the host system. In environments where external clients are permitted to submit XML files, an attacker could craft a malicious XML containing a DTD (Document Type Definition) that references external entities. When processed, this could result in the unauthorized disclosure of files, environmental variables, or other confidential data from the server, potentially compromising the integrity and confidentiality of the system.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat build of Apache Camel 4.4.3 for Spring Boot" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-45294" }, { "category": "external", "summary": "RHBZ#2310447", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310447" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-45294", "url": "https://www.cve.org/CVERecord?id=CVE-2024-45294" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45294", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45294" }, { "category": "external", "summary": "https://github.com/hapifhir/org.hl7.fhir.core/releases/tag/6.3.23", "url": "https://github.com/hapifhir/org.hl7.fhir.core/releases/tag/6.3.23" }, { "category": "external", "summary": "https://github.com/hapifhir/org.hl7.fhir.core/security/advisories/GHSA-6cr6-ph3p-f5rf", "url": "https://github.com/hapifhir/org.hl7.fhir.core/security/advisories/GHSA-6cr6-ph3p-f5rf" } ], "release_date": "2024-09-06T16:15:03.300000+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-10-14T15:53:39+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "Red Hat build of Apache Camel 4.4.3 for Spring Boot" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:8064" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "Red Hat build of Apache Camel 4.4.3 for Spring Boot" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 8.6, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N", "version": "3.1" }, "products": [ "Red Hat build of Apache Camel 4.4.3 for Spring Boot" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "org.hl7.fhir.core: org.hl7.fhir.dstu3: org.hl7.fhir.r4: org.hl7.fhir.r4b: org.hl7.fhir.r5: org.hl7.fhir.utilities: XXE vulnerability in XSLT transforms in `org.hl7.fhir.core`" }, { "cve": "CVE-2024-47561", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2024-10-02T14:04:06.018000+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2316116" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in Apache Avro. The project is affected and at risk if it accepts an org.apache.Avro/avroAvro schema for parsing provided by an end user. This flaw allows an attacker to trigger remote code execution by using the special \"java-class\" attribute.", "title": "Vulnerability description" }, { "category": "summary", "text": "apache-avro: Schema parsing may trigger Remote Code Execution (RCE)", "title": "Vulnerability summary" }, { "category": "other", "text": "The Red Hat build of Apache Camel K 1.10 was rated Important as it allows users to provide an Avro schema for parsing. Note that this functionality is limited to authenticated users.\n\nRed Hat Single Sign-On 7 ships the affected component in its maven repository but does not use it in the product. As such it is affected but not vulnerable to the flaw, and is assessed at Moderate security impact.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat build of Apache Camel 4.4.3 for Spring Boot" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-47561" }, { "category": "external", "summary": "RHBZ#2316116", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2316116" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-47561", "url": "https://www.cve.org/CVERecord?id=CVE-2024-47561" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-47561", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-47561" } ], "release_date": "2024-10-03T12:20:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-10-14T15:53:39+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "Red Hat build of Apache Camel 4.4.3 for Spring Boot" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:8064" }, { "category": "workaround", "details": "1. Avoid parsing user-provided schemas.\n2. Ensure proper input validation and sanitization of schemas before parsing.\n3. Monitor systems for any unusual activities that may indicate exploitation attempts.\n4. Apply the principle of least privilege to minimize the potential impact of successful exploits.", "product_ids": [ "Red Hat build of Apache Camel 4.4.3 for Spring Boot" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Red Hat build of Apache Camel 4.4.3 for Spring Boot" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "apache-avro: Schema parsing may trigger Remote Code Execution (RCE)" } ] }
rhsa-2024_8339
Vulnerability from csaf_redhat
Published
2024-10-22 18:29
Modified
2024-11-15 21:16
Summary
Red Hat Security Advisory: Red Hat Integration Camel K 1.10.8 release and security update.
Notes
Topic
Red Hat Integration Camel K 1.10.8 release and security update is now available.
Red Hat Product Security has rated this update as having a security impact of
Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Camel K 1.10.8 is now available.
The purpose of this text-only errata is to inform you about the security issues fixed.
Security Fix(es):
* cxf-core: Apache CXF SSRF Vulnerability using the Aegis databinding (CVE-2024-28752)
* org.apache.avro/avro: Schema parsing may trigger Remote Code Execution (CVE-2024-47561)
* org.apache.camel-camel-cassandraql: : Apache Camel-CassandraQL: Unsafe Deserialization from CassandraAggregationRepository (CVE-2024-23114)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE important page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Red Hat Integration Camel K 1.10.8 release and security update is now available.\n\nRed Hat Product Security has rated this update as having a security impact of\nImportant. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Camel K 1.10.8 is now available.\n\nThe purpose of this text-only errata is to inform you about the security issues fixed.\n\nSecurity Fix(es):\n\n* cxf-core: Apache CXF SSRF Vulnerability using the Aegis databinding (CVE-2024-28752)\n\n* org.apache.avro/avro: Schema parsing may trigger Remote Code Execution (CVE-2024-47561)\n\n* org.apache.camel-camel-cassandraql: : Apache Camel-CassandraQL: Unsafe Deserialization from CassandraAggregationRepository (CVE-2024-23114)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE important page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2024:8339", "url": "https://access.redhat.com/errata/RHSA-2024:8339" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "2265053", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2265053" }, { "category": "external", "summary": "2270732", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2270732" }, { "category": "external", "summary": "2316116", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2316116" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_8339.json" } ], "title": "Red Hat Security Advisory: Red Hat Integration Camel K 1.10.8 release and security update.", "tracking": { "current_release_date": "2024-11-15T21:16:31+00:00", "generator": { "date": "2024-11-15T21:16:31+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2024:8339", "initial_release_date": "2024-10-22T18:29:33+00:00", "revision_history": [ { "date": "2024-10-22T18:29:33+00:00", "number": "1", "summary": "Initial version" }, { "date": "2024-10-22T18:29:33+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-15T21:16:31+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "RHINT Camel-K 1.10.8", "product": { "name": "RHINT Camel-K 1.10.8", "product_id": "RHINT Camel-K 1.10.8", "product_identification_helper": { "cpe": "cpe:/a:redhat:camel_k:1.10.8" } } } ], "category": "product_family", "name": "Red Hat Integration" } ], "category": "vendor", "name": "Red Hat" } ] }, "vulnerabilities": [ { "cve": "CVE-2024-23114", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2024-02-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2265053" } ], "notes": [ { "category": "description", "text": "A deserialization of untrusted data flaw was found in the Apache Camel CassandraQL Component AggregationRepository. The affected versions of Apache Camel are vulnerable to unsafe deserialization, where, under specific conditions, it is possible to deserialize a malicious payload.", "title": "Vulnerability description" }, { "category": "summary", "text": "Camel-CassandraQL: Unsafe Deserialization from CassandraAggregationRepository", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "RHINT Camel-K 1.10.8" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-23114" }, { "category": "external", "summary": "RHBZ#2265053", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2265053" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-23114", "url": "https://www.cve.org/CVERecord?id=CVE-2024-23114" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-23114", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-23114" }, { "category": "external", "summary": "https://camel.apache.org/", "url": "https://camel.apache.org/" }, { "category": "external", "summary": "https://issues.apache.org/jira/browse/CAMEL-20306", "url": "https://issues.apache.org/jira/browse/CAMEL-20306" } ], "release_date": "2024-02-19T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-10-22T18:29:33+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "RHINT Camel-K 1.10.8" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:8339" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "RHINT Camel-K 1.10.8" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "Camel-CassandraQL: Unsafe Deserialization from CassandraAggregationRepository" }, { "cve": "CVE-2024-28752", "cwe": { "id": "CWE-918", "name": "Server-Side Request Forgery (SSRF)" }, "discovery_date": "2024-03-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2270732" } ], "notes": [ { "category": "description", "text": "A server-side request forgery (SSRF) vulnerability was found in Apache CXF. This issue occurs in attacks on webservices that take at least one parameter of any type, and when Aegisdatabind is used. Users of other data bindings including the default databinding are not impacted.", "title": "Vulnerability description" }, { "category": "summary", "text": "cxf-core: Apache CXF SSRF Vulnerability using the Aegis databinding", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat rates this as an Important impact due to the fact this requires Aegis databind, which is not the default databinding for Apache CXF.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "RHINT Camel-K 1.10.8" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-28752" }, { "category": "external", "summary": "RHBZ#2270732", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2270732" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-28752", "url": "https://www.cve.org/CVERecord?id=CVE-2024-28752" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-28752", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-28752" }, { "category": "external", "summary": "https://cxf.apache.org/security-advisories.data/CVE-2024-28752.txt", "url": "https://cxf.apache.org/security-advisories.data/CVE-2024-28752.txt" }, { "category": "external", "summary": "https://github.com/advisories/GHSA-qmgx-j96g-4428", "url": "https://github.com/advisories/GHSA-qmgx-j96g-4428" } ], "release_date": "2024-03-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-10-22T18:29:33+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "RHINT Camel-K 1.10.8" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:8339" }, { "category": "workaround", "details": "No mitigation is currently available for this vulnerability. Please make sure to update as the fixes become available.", "product_ids": [ "RHINT Camel-K 1.10.8" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1" }, "products": [ "RHINT Camel-K 1.10.8" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "cxf-core: Apache CXF SSRF Vulnerability using the Aegis databinding" }, { "cve": "CVE-2024-47561", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2024-10-02T14:04:06.018000+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2316116" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in Apache Avro. The project is affected and at risk if it accepts an org.apache.Avro/avroAvro schema for parsing provided by an end user. This flaw allows an attacker to trigger remote code execution by using the special \"java-class\" attribute.", "title": "Vulnerability description" }, { "category": "summary", "text": "apache-avro: Schema parsing may trigger Remote Code Execution (RCE)", "title": "Vulnerability summary" }, { "category": "other", "text": "The Red Hat build of Apache Camel K 1.10 was rated Important as it allows users to provide an Avro schema for parsing. Note that this functionality is limited to authenticated users.\n\nRed Hat Single Sign-On 7 ships the affected component in its maven repository but does not use it in the product. As such it is affected but not vulnerable to the flaw, and is assessed at Moderate security impact.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "RHINT Camel-K 1.10.8" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-47561" }, { "category": "external", "summary": "RHBZ#2316116", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2316116" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-47561", "url": "https://www.cve.org/CVERecord?id=CVE-2024-47561" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-47561", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-47561" } ], "release_date": "2024-10-03T12:20:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-10-22T18:29:33+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "RHINT Camel-K 1.10.8" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:8339" }, { "category": "workaround", "details": "1. Avoid parsing user-provided schemas.\n2. Ensure proper input validation and sanitization of schemas before parsing.\n3. Monitor systems for any unusual activities that may indicate exploitation attempts.\n4. Apply the principle of least privilege to minimize the potential impact of successful exploits.", "product_ids": [ "RHINT Camel-K 1.10.8" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "RHINT Camel-K 1.10.8" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "apache-avro: Schema parsing may trigger Remote Code Execution (RCE)" } ] }
Loading...
Loading...
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.