rhsa-2023_4628
Vulnerability from csaf_redhat
Published: 2023-08-15 17:37
Modified: 2024-11-06 03:32
Summary: Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.57 security update
Notes
Topic
Red Hat JBoss Core Services Apache HTTP Server 2.4.57 is now available.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products and packaged under Red Hat JBoss Core Services, to allow for faster distribution of updates and for a more consistent update experience.
This release of Red Hat JBoss Core Services Apache HTTP Server 2.4.57 serves as a replacement for Red Hat JBoss Core Services Apache HTTP Server 2.4.51 Service Pack 2, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.
Security Fix(es):
* apr-util: integer overflow/wraparound in apr_encode (CVE-2022-24963)
* apr-util: Windows out-of-bounds write in apr_socket_sendv function (CVE-2022-28331)
* httpd: mod_proxy_ajp: Possible request smuggling (CVE-2022-36760)
* httpd: mod_proxy: HTTP response splitting (CVE-2022-37436)
* mod_security: incorrect parsing of HTTP multipart requests leads to web application firewall bypass (CVE-2022-48279)
* modsecurity: lacking the complete content in FILES_TMP_CONTENT leads to web application firewall bypass (CVE-2023-24021)
* httpd: mod_proxy_uwsgi HTTP response splitting (CVE-2023-27522)
* curl: use after free in SSH sha256 fingerprint check (CVE-2023-28319)
* curl: IDN wildcard match may lead to Improper Certificate Validation (CVE-2023-28321)
* libxml2: NULL dereference in xmlSchemaFixupComplexType (CVE-2023-28484)
* libxml2: Hashing of empty dict strings isn't deterministic (CVE-2023-29469)
* curl: more POST-after-PUT confusion (CVE-2023-28322)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Red Hat JBoss Core Services Apache HTTP Server 2.4.57 is now available.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products and packaged under Red Hat JBoss Core Services, to allow for faster distribution of updates and for a more consistent update experience.\n\nThis release of Red Hat JBoss Core Services Apache HTTP Server 2.4.57 serves as a replacement for Red Hat JBoss Core Services Apache HTTP Server 2.4.51 Service Pack 2, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* apr-util: integer overflow/wraparound in apr_encode (CVE-2022-24963)\n\n* apr-util: Windows out-of-bounds write in apr_socket_sendv function (CVE-2022-28331)\n\n* httpd: mod_proxy_ajp: Possible request smuggling (CVE-2022-36760)\n\n* httpd: mod_proxy: HTTP response splitting (CVE-2022-37436)\n\n* mod_security: incorrect parsing of HTTP multipart requests leads to web application firewall bypass (CVE-2022-48279)\n\n* modsecurity: lacking the complete content in FILES_TMP_CONTENT leads to web application firewall bypass (CVE-2023-24021)\n\n* 
httpd: mod_proxy_uwsgi HTTP response splitting (CVE-2023-27522)\n\n* curl: use after free in SSH sha256 fingerprint check (CVE-2023-28319)\n\n* curl: IDN wildcard match may lead to Improper Cerificate Validation (CVE-2023-28321)\n\n* libxml2: NULL dereference in xmlSchemaFixupComplexType (CVE-2023-28484)\n\n* libxml2: Hashing of empty dict strings isn\u0027t deterministic (CVE-2023-29469)\n\n* curl: more POST-after-PUT confusion (CVE-2023-28322)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2023:4628", "url": "https://access.redhat.com/errata/RHSA-2023:4628" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#moderate", "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "category": "external", "summary": "2161773", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2161773" }, { "category": "external", "summary": "2161777", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2161777" }, { "category": "external", "summary": "2163615", "url": 
"https://bugzilla.redhat.com/show_bug.cgi?id=2163615" }, { "category": "external", "summary": "2163622", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2163622" }, { "category": "external", "summary": "2169465", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2169465" }, { "category": "external", "summary": "2172556", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2172556" }, { "category": "external", "summary": "2176211", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2176211" }, { "category": "external", "summary": "2185984", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2185984" }, { "category": "external", "summary": "2185994", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2185994" }, { "category": "external", "summary": "2196778", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2196778" }, { "category": "external", "summary": "2196786", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2196786" }, { "category": "external", "summary": "2196793", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2196793" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_4628.json" } ], "title": "Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.57 security update", "tracking": { "current_release_date": "2024-11-06T03:32:29+00:00", "generator": { "date": "2024-11-06T03:32:29+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.1.1" } }, "id": "RHSA-2023:4628", "initial_release_date": "2023-08-15T17:37:09+00:00", "revision_history": [ { "date": "2023-08-15T17:37:09+00:00", "number": "1", "summary": "Initial version" }, { "date": "2023-08-15T17:37:09+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-06T03:32:29+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": 
"product_name", "name": "Red Hat JBoss Core Services 1", "product": { "name": "Red Hat JBoss Core Services 1", "product_id": "Red Hat JBoss Core Services 1", "product_identification_helper": { "cpe": "cpe:/a:redhat:jboss_core_services:1" } } } ], "category": "product_family", "name": "Red Hat JBoss Core Services" } ], "category": "vendor", "name": "Red Hat" } ] }, "vulnerabilities": [ { "cve": "CVE-2022-24963", "cwe": { "id": "CWE-190", "name": "Integer Overflow or Wraparound" }, "discovery_date": "2023-02-13T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2169465" } ], "notes": [ { "category": "description", "text": "A flaw was found in Apache Portable Runtime (APR). This issue may allow a malicious attacker to write beyond the bounds of a buffer.", "title": "Vulnerability description" }, { "category": "summary", "text": "apr: integer overflow/wraparound in apr_encode", "title": "Vulnerability summary" }, { "category": "other", "text": "Versions of \"apr-util\" shipped with Red Hat Enterprise Linux-6, 7, 8, and 9 are not affected. 
\"apr_encode_*\" API, which contains the affected code was added in apr-utils v1.7.0, whereas, RHEL ships apr-util v1.6.1 and lower.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss Core Services 1" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-24963" }, { "category": "external", "summary": "RHBZ#2169465", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2169465" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-24963", "url": "https://www.cve.org/CVERecord?id=CVE-2022-24963" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-24963", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-24963" }, { "category": "external", "summary": "https://lists.apache.org/thread/fw9p6sdncwsjkstwc066vz57xqzfksq9", "url": "https://lists.apache.org/thread/fw9p6sdncwsjkstwc066vz57xqzfksq9" } ], "release_date": "2023-01-31T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-08-15T17:37:09+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "Red Hat JBoss Core Services 1" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:4628" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": 
"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L", "version": "3.1" }, "products": [ "Red Hat JBoss Core Services 1" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "apr: integer overflow/wraparound in apr_encode" }, { "cve": "CVE-2022-28331", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "discovery_date": "2023-02-22T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2172556" } ], "notes": [ { "category": "description", "text": "A flaw was found in Apache Portable Runtime, affecting versions \u003c= 1.7.0. This issue may allow a malicious user to write beyond the end of a stack buffer and cause an integer overflow. This affects Windows environments.", "title": "Vulnerability description" }, { "category": "summary", "text": "apr: Windows out-of-bounds write in apr_socket_sendv function", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss Core Services 1" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-28331" }, { "category": "external", "summary": "RHBZ#2172556", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2172556" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-28331", "url": "https://www.cve.org/CVERecord?id=CVE-2022-28331" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-28331", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-28331" }, { "category": "external", "summary": "https://lists.apache.org/thread/5pfdfn7h0vsdo5xzjn97vghp0x42jj2r", "url": "https://lists.apache.org/thread/5pfdfn7h0vsdo5xzjn97vghp0x42jj2r" } ], "release_date": 
"2023-01-31T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-08-15T17:37:09+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "Red Hat JBoss Core Services 1" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:4628" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Red Hat JBoss Core Services 1" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "apr: Windows out-of-bounds write in apr_socket_sendv function" }, { "cve": "CVE-2022-36760", "cwe": { "id": "CWE-444", "name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)" }, "discovery_date": "2023-01-17T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2161777" } ], "notes": [ { "category": "description", "text": "A flaw was found in the mod_proxy_ajp module of httpd. The connection is not closed when there is an invalid Transfer-Encoding header, allowing an attacker to smuggle requests to the AJP server, where it forwards requests.", "title": "Vulnerability description" }, { "category": "summary", "text": "httpd: mod_proxy_ajp: Possible request smuggling", "title": "Vulnerability summary" }, { "category": "other", "text": "This flaw only affects configurations with mod_proxy_ajp loaded and with an AJP backend configured. If there is no proxy configured to an AJP backend the server is not affected and no further mitigation is needed. 
For more information about the mitigation, check the mitigation section below.\n\nThe httpd mod_proxy_ajp module is enabled by default on Red Hat Enterprise Linux 6, 7, 8, 9, and in RHSCL. However, there are no directives forwarding requests using the AJP protocol.\n\nThis flaw has been rated as having a security impact of moderate, and is not currently planned to be addressed in future updates of Red Hat Enterprise Linux 7. Red Hat Enterprise Linux 7 is now in Maintenance Support 2 Phase of the support and maintenance life cycle. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss Core Services 1" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-36760" }, { "category": "external", "summary": "RHBZ#2161777", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2161777" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-36760", "url": "https://www.cve.org/CVERecord?id=CVE-2022-36760" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-36760", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-36760" }, { "category": "external", "summary": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2022-36760", "url": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2022-36760" } ], "release_date": "2023-01-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-08-15T17:37:09+00:00", "details": "For details on how to apply this update, which includes the changes 
described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "Red Hat JBoss Core Services 1" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:4628" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L", "version": "3.1" }, "products": [ "Red Hat JBoss Core Services 1" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "httpd: mod_proxy_ajp: Possible request smuggling" }, { "cve": "CVE-2022-37436", "cwe": { "id": "CWE-113", "name": "Improper Neutralization of CRLF Sequences in HTTP Headers (\u0027HTTP Request/Response Splitting\u0027)" }, "discovery_date": "2023-01-17T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2161773" } ], "notes": [ { "category": "description", "text": "A flaw was found in the mod_proxy module of httpd. A malicious backend can cause the response headers to be truncated because they are not cleaned when an error is found while reading them, resulting in some headers being incorporated into the response body and not being interpreted by a client.", "title": "Vulnerability description" }, { "category": "summary", "text": "httpd: mod_proxy: HTTP response splitting", "title": "Vulnerability summary" }, { "category": "other", "text": "This flaw is only exploitable via bad headers generated by a malicious backend or a malicious application.\n\nhttpd as shipped in Red Hat Enterprise Linux 7, 8, 9 and in RHSCL is vulnerable to this flaw. 
httpd as shipped in Red Hat Enterprise Linux 6 is not affected.\n\nThis flaw has been rated as having a security impact of moderate, and is not currently planned to be addressed in future updates of Red Hat Enterprise Linux 7. Red Hat Enterprise Linux 7 is now in Maintenance Support 2 Phase of the support and maintenance life cycle. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss Core Services 1" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-37436" }, { "category": "external", "summary": "RHBZ#2161773", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2161773" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-37436", "url": "https://www.cve.org/CVERecord?id=CVE-2022-37436" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-37436", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-37436" }, { "category": "external", "summary": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2022-37436", "url": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2022-37436" } ], "release_date": "2023-01-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-08-15T17:37:09+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "Red Hat JBoss Core Services 1" ], "restart_required": { "category": "none" }, "url": 
"https://access.redhat.com/errata/RHSA-2023:4628" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability. It\u0027s recommended to update the affected packages as soon as an update is available.", "product_ids": [ "Red Hat JBoss Core Services 1" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.1" }, "products": [ "Red Hat JBoss Core Services 1" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "httpd: mod_proxy: HTTP response splitting" }, { "cve": "CVE-2022-48279", "cwe": { "id": "CWE-1389", "name": "Incorrect Parsing of Numbers with Different Radices" }, "discovery_date": "2023-01-24T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2163622" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in ModSecurity. This issue occurs when HTTP multipart requests are incorrectly parsed and could bypass the Web Application Firewall. 
NOTE: This is related to CVE-2022-39956, but can be considered independent changes to the ModSecurity (C language) codebase.", "title": "Vulnerability description" }, { "category": "summary", "text": "mod_security: incorrect parsing of HTTP multipart requests leads to web application firewall bypass", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss Core Services 1" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-48279" }, { "category": "external", "summary": "RHBZ#2163622", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2163622" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-48279", "url": "https://www.cve.org/CVERecord?id=CVE-2022-48279" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-48279", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-48279" } ], "release_date": "2023-01-20T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-08-15T17:37:09+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "Red Hat JBoss Core Services 1" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:4628" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": 
"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "Red Hat JBoss Core Services 1" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "mod_security: incorrect parsing of HTTP multipart requests leads to web application firewall bypass" }, { "cve": "CVE-2023-24021", "cwe": { "id": "CWE-402", "name": "Transmission of Private Resources into a New Sphere (\u0027Resource Leak\u0027)" }, "discovery_date": "2023-01-24T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2163615" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in ModSecurity. This issue occurs when FILES_TMP_CONTENT lacks complete content, which can lead to a Web Application Firewall bypass.", "title": "Vulnerability description" }, { "category": "summary", "text": "modsecurity: lacking the complete content in FILES_TMP_CONTENT leads to web application firewall bypass", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss Core Services 1" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-24021" }, { "category": "external", "summary": "RHBZ#2163615", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2163615" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-24021", "url": "https://www.cve.org/CVERecord?id=CVE-2023-24021" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-24021", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-24021" } ], "release_date": "2023-01-20T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": 
"2023-08-15T17:37:09+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "Red Hat JBoss Core Services 1" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:4628" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1" }, "products": [ "Red Hat JBoss Core Services 1" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "modsecurity: lacking the complete content in FILES_TMP_CONTENT leads to web application firewall bypass" }, { "cve": "CVE-2023-27522", "cwe": { "id": "CWE-113", "name": "Improper Neutralization of CRLF Sequences in HTTP Headers (\u0027HTTP Request/Response Splitting\u0027)" }, "discovery_date": "2023-03-07T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2176211" } ], "notes": [ { "category": "description", "text": "An HTTP Response Smuggling vulnerability was found in the Apache HTTP Server via mod_proxy_uwsgi. This security issue occurs when special characters in the origin response header can truncate or split the response forwarded to the client.", "title": "Vulnerability description" }, { "category": "summary", "text": "httpd: mod_proxy_uwsgi HTTP response splitting", "title": "Vulnerability summary" }, { "category": "other", "text": "The HTTP Response Smuggling vulnerability in Apache HTTP Server via mod_proxy_uwsgi has been categorized as moderate severity for Red Hat Enterprise Linux due to several technical factors. 
While the potential impact of this vulnerability is significant, its exploitation requires specific conditions, including the presence of mod_proxy_uwsgi and the ability to inject specially crafted headers into requests. Additionally, successful exploitation depends on the specific configuration of the server and the network environment. Furthermore, the vulnerability primarily affects the integrity and reliability of HTTP responses, rather than directly leading to remote code execution or unauthorized access. Therefore, the likelihood of exploitation and the potential impact on affected systems have been evaluated as moderate, warranting attention and remediation but not categorized as important.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss Core Services 1" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-27522" }, { "category": "external", "summary": "RHBZ#2176211", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2176211" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-27522", "url": "https://www.cve.org/CVERecord?id=CVE-2023-27522" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-27522", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-27522" }, { "category": "external", "summary": "https://httpd.apache.org/security/vulnerabilities_24.html", "url": "https://httpd.apache.org/security/vulnerabilities_24.html" } ], "release_date": "2023-03-07T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-08-15T17:37:09+00:00", "details": "For details on how to apply this update, which includes the 
changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "Red Hat JBoss Core Services 1" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:4628" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "Red Hat JBoss Core Services 1" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1" }, "products": [ "Red Hat JBoss Core Services 1" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "httpd: mod_proxy_uwsgi HTTP response splitting" }, { "acknowledgments": [ { "names": [ "Wei Chong Tan", "Daniel Stenberg" ] } ], "cve": "CVE-2023-28319", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "discovery_date": "2023-05-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2196778" } ], "notes": [ { "category": "description", "text": "A use-after-free flaw was found in the Curl package. 
This flaw risks inserting sensitive heap-based data into the error message that users might see or is otherwise leaked and revealed.", "title": "Vulnerability description" }, { "category": "summary", "text": "curl: use after free in SSH sha256 fingerprint check", "title": "Vulnerability summary" }, { "category": "other", "text": "This vulnerability does not affect the Curl package as shipped in Red Hat Enterprise Linux 6, 7, 8 and 9.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss Core Services 1" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-28319" }, { "category": "external", "summary": "RHBZ#2196778", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2196778" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-28319", "url": "https://www.cve.org/CVERecord?id=CVE-2023-28319" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-28319", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-28319" }, { "category": "external", "summary": "https://curl.se/docs/CVE-2023-28319.html", "url": "https://curl.se/docs/CVE-2023-28319.html" } ], "release_date": "2023-05-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-08-15T17:37:09+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "Red Hat JBoss Core Services 1" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:4628" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", 
"attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "Red Hat JBoss Core Services 1" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "curl: use after free in SSH sha256 fingerprint check" }, { "acknowledgments": [ { "names": [ "Hiroki Kurosawa", "Daniel Stenberg" ] } ], "cve": "CVE-2023-28321", "cwe": { "id": "CWE-295", "name": "Improper Certificate Validation" }, "discovery_date": "2023-05-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2196786" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Curl package. An incorrect International Domain Name (IDN) wildcard match may lead to improper certificate validation.", "title": "Vulnerability description" }, { "category": "summary", "text": "curl: IDN wildcard match may lead to Improper Cerificate Validation", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss Core Services 1" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-28321" }, { "category": "external", "summary": "RHBZ#2196786", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2196786" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-28321", "url": "https://www.cve.org/CVERecord?id=CVE-2023-28321" }, { "category": "external", "summary": 
"https://nvd.nist.gov/vuln/detail/CVE-2023-28321", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-28321" }, { "category": "external", "summary": "https://curl.se/docs/CVE-2023-28321.html", "url": "https://curl.se/docs/CVE-2023-28321.html" } ], "release_date": "2023-05-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-08-15T17:37:09+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "Red Hat JBoss Core Services 1" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:4628" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1" }, "products": [ "Red Hat JBoss Core Services 1" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "curl: IDN wildcard match may lead to Improper Cerificate Validation" }, { "acknowledgments": [ { "names": [ "Hiroki Kurosawa", "Daniel Stenberg" ] } ], "cve": "CVE-2023-28322", "cwe": { "id": "CWE-440", "name": "Expected Behavior Violation" }, "discovery_date": "2023-05-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2196793" } ], "notes": [ { "category": "description", "text": "A use-after-free flaw was found in the Curl package. 
This issue may lead to unintended information disclosure by the application.", "title": "Vulnerability description" }, { "category": "summary", "text": "curl: more POST-after-PUT confusion", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss Core Services 1" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-28322" }, { "category": "external", "summary": "RHBZ#2196793", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2196793" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-28322", "url": "https://www.cve.org/CVERecord?id=CVE-2023-28322" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-28322", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-28322" }, { "category": "external", "summary": "https://curl.se/docs/CVE-2023-28322.html", "url": "https://curl.se/docs/CVE-2023-28322.html" } ], "release_date": "2023-05-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-08-15T17:37:09+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "Red Hat JBoss Core Services 1" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:4628" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 3.7, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", 
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1" }, "products": [ "Red Hat JBoss Core Services 1" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "curl: more POST-after-PUT confusion" }, { "cve": "CVE-2023-28484", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2023-04-11T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2185994" } ], "notes": [ { "category": "description", "text": "A NULL pointer dereference vulnerability was found in libxml2. This issue occurs when parsing (invalid) XML schemas.", "title": "Vulnerability description" }, { "category": "summary", "text": "libxml2: NULL dereference in xmlSchemaFixupComplexType", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss Core Services 1" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-28484" }, { "category": "external", "summary": "RHBZ#2185994", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2185994" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-28484", "url": "https://www.cve.org/CVERecord?id=CVE-2023-28484" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-28484", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-28484" } ], "release_date": "2023-04-11T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-08-15T17:37:09+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "Red 
Hat JBoss Core Services 1" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:4628" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "Red Hat JBoss Core Services 1" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "libxml2: NULL dereference in xmlSchemaFixupComplexType" }, { "cve": "CVE-2023-29469", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2023-04-11T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2185984" } ], "notes": [ { "category": "description", "text": "A flaw was found in libxml2. This issue occurs when hashing empty strings which aren\u0027t null-terminated, xmlDictComputeFastKey could produce inconsistent results, which may lead to various logic or memory errors, including double free errors.", "title": "Vulnerability description" }, { "category": "summary", "text": "libxml2: Hashing of empty dict strings isn\u0027t deterministic", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss Core Services 1" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-29469" }, { "category": "external", "summary": "RHBZ#2185984", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2185984" }, { "category": 
"external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-29469", "url": "https://www.cve.org/CVERecord?id=CVE-2023-29469" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-29469", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-29469" } ], "release_date": "2023-04-11T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-08-15T17:37:09+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "Red Hat JBoss Core Services 1" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:4628" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "Red Hat JBoss Core Services 1" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "libxml2: Hashing of empty dict strings isn\u0027t deterministic" } ] }