rhsa-2023_0544
Vulnerability from csaf_redhat
Published
2023-01-30 17:12
Modified
2024-12-16 02:19
Summary
Red Hat Security Advisory: Red Hat Camel for Spring Boot 3.14.5 Patch 1 release and security update
Notes
Topic
A patch is now available for Camel for Spring Boot 3.14.5. The purpose of this text-only errata is to inform you about the security issues fixed in this release.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
This patch, Camel for Spring Boot 3.14.5 Patch 1, serves as a replacement for the previous release of Camel for Spring Boot 3.14.5 and includes bug fixes and enhancements, which are documented in the Release Notes document linked in the References. This release of Camel for Spring Boot includes CXF artifacts that were missing from the previous 3.14.5 release.
Security Fix(es):
* CXF: Apache CXF: SSRF Vulnerability (CVE-2022-46364)
* jettison: parser crash by stackoverflow (CVE-2022-40149)
* jettison: If the value in map is the map's self, the new JSONObject(map) cause StackOverflowError which may lead to dos (CVE-2022-45693)
* CXF: Apache CXF: directory listing / code exfiltration (CVE-2022-46363)
For more details about the security issues, including the impact, CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "A patch is now available for Camel for Spring Boot 3.14.5. The purpose of this text-only errata is to inform you about the security issues fixed in this release.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "This patch, Camel for Spring Boot 3.14.5 Patch 1, serves as a replacement for the previous release of Camel for Spring Boot 3.14.5 and includes bug fixes and enhancements, which are documented in the Release Notes document linked in the References. This release of Camel for Spring Boot includes CXF artifacts that were missing from the previous 3.14.5 release.\n\nSecurity Fix(es):\n\n* CXF: Apache CXF: SSRF Vulnerability (CVE-2022-46364)\n\n* jettison: parser crash by stackoverflow (CVE-2022-40149)\n\n* jettison: If the value in map is the map\u0027s self, the new JSONObject(map) cause StackOverflowError which may lead to dos (CVE-2022-45693)\n\n* CXF: Apache CXF: directory listing / code exfiltration (CVE-2022-46363)\n\nFor more details about the security issues, including the impact, CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2023:0544", "url": "https://access.redhat.com/errata/RHSA-2023:0544" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=red.hat.integration\u0026version=2023-Q1", "url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=red.hat.integration\u0026version=2023-Q1" }, { "category": "external", "summary": "2135771", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135771" }, { "category": "external", "summary": "2155681", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155681" }, { "category": "external", "summary": "2155682", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155682" }, { "category": "external", "summary": "2155970", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155970" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_0544.json" } ], "title": "Red Hat Security Advisory: Red Hat Camel for Spring Boot 3.14.5 Patch 1 release and security update", "tracking": { "current_release_date": "2024-12-16T02:19:48+00:00", "generator": { "date": "2024-12-16T02:19:48+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.3" } }, "id": "RHSA-2023:0544", "initial_release_date": "2023-01-30T17:12:00+00:00", "revision_history": [ { "date": "2023-01-30T17:12:00+00:00", "number": "1", "summary": "Initial version" }, { "date": "2023-01-30T17:12:00+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-12-16T02:19:48+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "RHINT Camel-Springboot 3.14.5.P1", "product": { "name": "RHINT Camel-Springboot 3.14.5.P1", "product_id": "RHINT Camel-Springboot 3.14.5.P1", "product_identification_helper": { "cpe": "cpe:/a:redhat:camel_spring_boot:3.14.5" } } } ], "category": "product_family", "name": "Red Hat Integration" } ], "category": "vendor", "name": "Red Hat" } ] }, "vulnerabilities": [ { "cve": "CVE-2022-40149", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "discovery_date": "2022-10-18T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2135771" } ], "notes": [ { "category": "description", "text": "A stack-based buffer overflow vulnerability was found in Jettison, where parsing an untrusted XML or JSON data may lead to a crash. This flaw allows an attacker to supply content that causes the parser to crash by writing outside the memory bounds if the parser is running on user-supplied input, resulting in a denial of service attack.", "title": "Vulnerability description" }, { "category": "summary", "text": "jettison: parser crash by stackoverflow", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "RHINT Camel-Springboot 3.14.5.P1" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-40149" }, { "category": "external", "summary": "RHBZ#2135771", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135771" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-40149", "url": "https://www.cve.org/CVERecord?id=CVE-2022-40149" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-40149", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40149" }, { "category": "external", "summary": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1", "url": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1" } ], "release_date": "2022-09-20T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-01-30T17:12:00+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nInstallation instructions are available from the Camel for Spring Boot 3.14.5 product documentation page.\n\nhttps://access.redhat.com/documentation/en-us/red_hat_integration/2023.q1/html/getting_started_with_camel_spring_boot/index\n\nhttps://access.redhat.com/documentation/en-us/red_hat_integration/2023.q1/html/camel_spring_boot_reference/index", "product_ids": [ "RHINT Camel-Springboot 3.14.5.P1" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:0544" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "RHINT Camel-Springboot 3.14.5.P1" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jettison: parser crash by stackoverflow" }, { "cve": "CVE-2022-45693", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "discovery_date": "2022-12-23T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2155970" } ], "notes": [ { "category": "description", "text": "A flaw was found in Jettison, where it is vulnerable to a denial of service caused by a stack-based buffer overflow. By sending a specially-crafted request using the map parameter, a remote attacker can cause a denial of service.", "title": "Vulnerability description" }, { "category": "summary", "text": "jettison: If the value in map is the map\u0027s self, the new new JSONObject(map) cause StackOverflowError which may lead to dos", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat has determined the impact of this flaw to be Moderate; a successful attack using this flaw would require the processing of untrusted, unsanitized, or unrestricted user inputs, which runs counter to established Red Hat security practices.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "RHINT Camel-Springboot 3.14.5.P1" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-45693" }, { "category": "external", "summary": "RHBZ#2155970", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155970" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-45693", "url": "https://www.cve.org/CVERecord?id=CVE-2022-45693" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45693", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45693" } ], "release_date": "2022-12-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-01-30T17:12:00+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nInstallation instructions are available from the Camel for Spring Boot 3.14.5 product documentation page.\n\nhttps://access.redhat.com/documentation/en-us/red_hat_integration/2023.q1/html/getting_started_with_camel_spring_boot/index\n\nhttps://access.redhat.com/documentation/en-us/red_hat_integration/2023.q1/html/camel_spring_boot_reference/index", "product_ids": [ "RHINT Camel-Springboot 3.14.5.P1" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:0544" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "RHINT Camel-Springboot 3.14.5.P1" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jettison: If the value in map is the map\u0027s self, the new new JSONObject(map) cause StackOverflowError which may lead to dos" }, { "cve": "CVE-2022-46363", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2022-12-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2155681" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in Apache CXF that could allow an attacker to perform a remote directory listing or code exfiltration. This issue only applies when the CXFServlet is configured with both the static-resources-list and redirect-query-check attributes. These attributes are not supposed to be used together, so the issue can only occur if the CXF service is misconfigured.", "title": "Vulnerability description" }, { "category": "summary", "text": "CXF: directory listing / code exfiltration", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "RHINT Camel-Springboot 3.14.5.P1" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-46363" }, { "category": "external", "summary": "RHBZ#2155681", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155681" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-46363", "url": "https://www.cve.org/CVERecord?id=CVE-2022-46363" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-46363", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-46363" }, { "category": "external", "summary": "https://lists.apache.org/thread/pdzo1qgyplf4y523tnnzrcm7hoco3l8c", "url": "https://lists.apache.org/thread/pdzo1qgyplf4y523tnnzrcm7hoco3l8c" } ], "release_date": "2022-12-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-01-30T17:12:00+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nInstallation instructions are available from the Camel for Spring Boot 3.14.5 product documentation page.\n\nhttps://access.redhat.com/documentation/en-us/red_hat_integration/2023.q1/html/getting_started_with_camel_spring_boot/index\n\nhttps://access.redhat.com/documentation/en-us/red_hat_integration/2023.q1/html/camel_spring_boot_reference/index", "product_ids": [ "RHINT Camel-Springboot 3.14.5.P1" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:0544" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "RHINT Camel-Springboot 3.14.5.P1" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "CXF: directory listing / code exfiltration" }, { "cve": "CVE-2022-46364", "cwe": { "id": "CWE-918", "name": "Server-Side Request Forgery (SSRF)" }, "discovery_date": "2022-12-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2155682" } ], "notes": [ { "category": "description", "text": "A SSRF vulnerability was found in Apache CXF. This issue occurs when parsing the href attribute of XOP:Include in MTOM requests, allowing an attacker to perform SSRF style attacks on webservices that take at least one parameter of any type.", "title": "Vulnerability description" }, { "category": "summary", "text": "CXF: SSRF Vulnerability", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Integration Camel Quarkus does not support CXF extensions and so is affected at a reduced impact of Moderate.\nThe RHSSO server does not ship Apache CXF. The component mentioned in CVE-2022-46364 is a transitive dependency coming from Fuse adapters and the test suite.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "RHINT Camel-Springboot 3.14.5.P1" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-46364" }, { "category": "external", "summary": "RHBZ#2155682", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155682" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-46364", "url": "https://www.cve.org/CVERecord?id=CVE-2022-46364" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-46364", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-46364" }, { "category": "external", "summary": "https://cxf.apache.org/security-advisories.data/CVE-2022-46364.txt?version=1\u0026modificationDate=1670944472739\u0026api=v2", "url": "https://cxf.apache.org/security-advisories.data/CVE-2022-46364.txt?version=1\u0026modificationDate=1670944472739\u0026api=v2" } ], "release_date": "2022-12-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-01-30T17:12:00+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nInstallation instructions are available from the Camel for Spring Boot 3.14.5 product documentation page.\n\nhttps://access.redhat.com/documentation/en-us/red_hat_integration/2023.q1/html/getting_started_with_camel_spring_boot/index\n\nhttps://access.redhat.com/documentation/en-us/red_hat_integration/2023.q1/html/camel_spring_boot_reference/index", "product_ids": [ "RHINT Camel-Springboot 3.14.5.P1" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:0544" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "RHINT Camel-Springboot 3.14.5.P1" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "CXF: SSRF Vulnerability" } ] }
Loading…
Loading…
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.