rhsa-2024_2945
Vulnerability from csaf_redhat
Published
2024-05-21 14:18
Modified
2024-09-18 08:46
Summary
Red Hat Security Advisory: Red Hat AMQ Broker 7.12.0 release and security update

Notes

Topic
Red Hat AMQ Broker 7.12.0 is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
AMQ Broker is a high-performance messaging implementation based on ActiveMQ Artemis. It uses an asynchronous journal for fast message persistence, and supports multiple languages, protocols, and platforms.

This release of Red Hat AMQ Broker 7.12.0 includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section.

Security Fix(es):

* (CVE-2023-6717) keycloak: XSS via assertion consumer service URL in SAML POST-binding flow
* (CVE-2024-1132) keycloak: path traversal in redirection validation
* (CVE-2024-1249) keycloak: org.keycloak.protocol.oidc: unvalidated cross-origin messages in checkLoginIframe leads to DDoS
* (CVE-2024-22259) springframework: URL Parsing with Host Validation
* (CVE-2022-41678) Apache ActiveMQ: Deserialization vulnerability on Jolokia that allows authenticated users to perform RCE
* (CVE-2023-44981) zookeeper: Authorization Bypass in Apache ZooKeeper
* (CVE-2023-6378) logback: serialization vulnerability in logback receiver
* (CVE-2023-6481) logback: A serialization vulnerability in logback receiver
* (CVE-2024-29025) netty-codec-http: Allocation of Resources Without Limits or Throttling
* (CVE-2024-29131) commons-configuration: StackOverflowError adding property in AbstractListDelimiterHandler.flattenIterator()
* (CVE-2024-29133) commons-configuration: StackOverflowError calling ListDelimiterHandler.flatten(Object, int) with a cyclical object tree

For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.



{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_vex",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Red Hat AMQ Broker 7.12.0 is now available from the Red Hat Customer Portal.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "AMQ Broker is a high-performance messaging implementation based on ActiveMQ Artemis. It uses an asynchronous journal for fast message persistence, and supports multiple languages, protocols, and platforms.\n\nThis release of Red Hat AMQ Broker 7.12.0 includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section.\n\nSecurity Fix(es):\n\n* (CVE-2023-6717) keycloak: XSS via assertion consumer service URL in SAML POST-binding flow\n* (CVE-2024-1132) keycloak: path traversal in redirection validation\n* (CVE-2024-1249) keycloak: org.keycloak.protocol.oidc: unvalidated cross-origin messages in checkLoginIframe leads to DDoS\n* (CVE-2024-22259) springframework: URL Parsing with Host Validation\n* (CVE-2022-41678) Apache ActiveMQ: Deserialization vulnerability on Jolokia that allows authenticated users to perform RCE\n* (CVE-2023-44981) zookeeper: Authorization Bypass in Apache ZooKeeper\n* (CVE-2023-6378) logback: serialization vulnerability in logback receiver\n* (CVE-2023-6481) logback: A serialization vulnerability in logback receiver\n* (CVE-2024-29025) netty-codec-http: Allocation of Resources Without Limits or Throttling\n* (CVE-2024-29131) commons-configuration: StackOverflowError adding property in AbstractListDelimiterHandler.flattenIterator()\n* (CVE-2024-29133) commons-configuration: StackOverflowError calling ListDelimiterHandler.flatten(Object, int) with a cyclical object tree\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat offerings.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2024:2945",
        "url": "https://access.redhat.com/errata/RHSA-2024:2945"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#important",
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=jboss.amq.broker\u0026version=7.12.0",
        "url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=jboss.amq.broker\u0026version=7.12.0"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/documentation/en-us/red_hat_amq_broker/7.12",
        "url": "https://access.redhat.com/documentation/en-us/red_hat_amq_broker/7.12"
      },
      {
        "category": "external",
        "summary": "2243436",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243436"
      },
      {
        "category": "external",
        "summary": "2252185",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2252185"
      },
      {
        "category": "external",
        "summary": "2252230",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2252230"
      },
      {
        "category": "external",
        "summary": "2252956",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2252956"
      },
      {
        "category": "external",
        "summary": "2253952",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2253952"
      },
      {
        "category": "external",
        "summary": "2262117",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2262117"
      },
      {
        "category": "external",
        "summary": "2262918",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2262918"
      },
      {
        "category": "external",
        "summary": "2269846",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2269846"
      },
      {
        "category": "external",
        "summary": "2270673",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2270673"
      },
      {
        "category": "external",
        "summary": "2270674",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2270674"
      },
      {
        "category": "external",
        "summary": "2272907",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2272907"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_2945.json"
      }
    ],
    "title": "Red Hat Security Advisory: Red Hat AMQ Broker 7.12.0 release and security update",
    "tracking": {
      "current_release_date": "2024-09-18T08:46:55+00:00",
      "generator": {
        "date": "2024-09-18T08:46:55+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "3.33.3"
        }
      },
      "id": "RHSA-2024:2945",
      "initial_release_date": "2024-05-21T14:18:30+00:00",
      "revision_history": [
        {
          "date": "2024-05-21T14:18:30+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2024-05-21T14:18:30+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2024-09-18T08:46:55+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat JBoss A-MQ 7",
                "product": {
                  "name": "Red Hat JBoss A-MQ 7",
                  "product_id": "Red Hat JBoss A-MQ 7",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:amq_broker:7.12"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat JBoss AMQ"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2022-41678",
      "cwe": {
        "id": "CWE-502",
        "name": "Deserialization of Untrusted Data"
      },
      "discovery_date": "2023-11-30T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2252185"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Once a user is authenticated on Jolokia, they can potentially trigger arbitrary code execution.\n\nIn detail, in ActiveMQ configurations, Jetty allows\norg.jolokia.http.AgentServlet to handle requests to /api/jolokia.\n\norg.jolokia.http.HttpRequestHandler#handlePostRequest is able to\ncreate a JmxRequest through JSONObject, and then calls\norg.jolokia.http.HttpRequestHandler#executeRequest.\n\nDeeper in the call stack,\norg.jolokia.handler.ExecHandler#doHandleRequest can be invoked\nthrough reflection. This could lead to RCE via\nvarious MBeans. One example is unrestricted deserialization in jdk.management.jfr.FlightRecorderMXBeanImpl, which exists on Java versions above 11.\n\n1 Call newRecording.\n\n2 Call setConfiguration, with webshell data hidden in it.\n\n3 Call startRecording.\n\n4 Call the copyTo method. The webshell will be written to a .jsp file.\n\nThe mitigation is to restrict (by default) the actions authorized on Jolokia, or disable Jolokia.\nA more restrictive Jolokia configuration has been defined in the default ActiveMQ distribution. We encourage users to upgrade to ActiveMQ distribution versions that include the updated Jolokia configuration: 5.16.6, 5.17.4, 5.18.0, 6.0.0.\n",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "ActiveMQ: Deserialization vulnerability on Jolokia that allows authenticated users to perform RCE",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This vulnerability is considered moderate severity due to the requirement of authenticated access to exploit the flaw, significantly reducing the risk to systems that enforce strong authentication controls. While it does allow for remote code execution through Jolokia\u0027s request handling and Java Management Extensions (JMX), the exploitation pathway is complex and relies on specific conditions, such as the presence of Java 11 or higher and misconfigured or permissive Jolokia settings. Only an authenticated attacker can achieve remote code execution (RCE) within the ActiveMQ environment. In environments where authentication is well-managed and Jolokia is correctly configured or disabled, the likelihood of successful exploitation is reduced, mitigating the overall impact on system security.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat JBoss A-MQ 7"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-41678"
        },
        {
          "category": "external",
          "summary": "RHBZ#2252185",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2252185"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-41678",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-41678"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-41678",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41678"
        }
      ],
      "release_date": "2023-11-28T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
          "product_ids": [
            "Red Hat JBoss A-MQ 7"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:2945"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "Red Hat JBoss A-MQ 7"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat JBoss A-MQ 7"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "ActiveMQ: Deserialization vulnerability on Jolokia that allows authenticated users to perform RCE"
    },
    {
      "cve": "CVE-2023-6378",
      "cwe": {
        "id": "CWE-499",
        "name": "Serializable Class Containing Sensitive Data"
      },
      "discovery_date": "2023-11-30T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2252230"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the logback package, where it is vulnerable to a denial of service caused by a serialization flaw in the receiver component. By sending specially crafted poisoned data, a remote attacker can cause a denial of service condition.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "logback: serialization vulnerability in logback receiver",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "The Logback package vulnerability, posing a risk of denial-of-service through a serialization flaw in its receiver component, is considered a moderate issue due to its potential impact on system availability. While denial-of-service vulnerabilities can be disruptive, the severity is tempered by the fact that they generally do not result in unauthorized access or data compromise.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat JBoss A-MQ 7"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2023-6378"
        },
        {
          "category": "external",
          "summary": "RHBZ#2252230",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2252230"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2023-6378",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-6378"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-6378",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-6378"
        }
      ],
      "release_date": "2023-11-29T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
          "product_ids": [
            "Red Hat JBoss A-MQ 7"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:2945"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "Red Hat JBoss A-MQ 7"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat JBoss A-MQ 7"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "logback: serialization vulnerability in logback receiver"
    },
    {
      "cve": "CVE-2023-6481",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "discovery_date": "2023-12-05T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2252956"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the logback package. Affected versions of this package are vulnerable to Uncontrolled Resource Consumption (\u0027Resource Exhaustion\u0027) via the logback receiver component. This flaw allows an attacker to mount a denial-of-service attack by sending poisoned data.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "logback: A serialization vulnerability in logback receiver",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "The security vulnerability in the logback package is considered of moderate severity due to its potential for facilitating a denial-of-service (DoS) attack. While a DoS attack can disrupt service availability, this vulnerability may not lead to more severe consequences such as unauthorized access or data breaches.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat JBoss A-MQ 7"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2023-6481"
        },
        {
          "category": "external",
          "summary": "RHBZ#2252956",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2252956"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2023-6481",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-6481"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-6481",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-6481"
        }
      ],
      "release_date": "2023-12-04T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
          "product_ids": [
            "Red Hat JBoss A-MQ 7"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:2945"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "Red Hat JBoss A-MQ 7"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat JBoss A-MQ 7"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "logback: A serialization vulnerability in logback receiver"
    },
    {
      "cve": "CVE-2023-6717",
      "cwe": {
        "id": "CWE-79",
        "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
      },
      "discovery_date": "2023-12-11T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2253952"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the SAML client registration in Keycloak that could allow an administrator to register malicious JavaScript URIs as Assertion Consumer Service POST Binding URLs (ACS), posing a Cross-Site Scripting (XSS) risk. This issue may allow a malicious admin in one realm or a client with registration access to target users in different realms or applications, executing arbitrary JavaScript in their contexts upon form submission. This can enable unauthorized access and harmful actions, compromising the confidentiality, integrity, and availability of the complete KC instance.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "keycloak: XSS via assertion consumer service URL in SAML POST-binding flow",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat JBoss A-MQ 7"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2023-6717"
        },
        {
          "category": "external",
          "summary": "RHBZ#2253952",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2253952"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2023-6717",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-6717"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-6717",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-6717"
        }
      ],
      "release_date": "2024-04-16T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
          "product_ids": [
            "Red Hat JBoss A-MQ 7"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:2945"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 6.0,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:L",
            "version": "3.1"
          },
          "products": [
            "Red Hat JBoss A-MQ 7"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "keycloak: XSS via assertion consumer service URL in SAML POST-binding flow"
    },
    {
      "cve": "CVE-2023-44981",
      "cwe": {
        "id": "CWE-639",
        "name": "Authorization Bypass Through User-Controlled Key"
      },
      "discovery_date": "2023-10-11T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2243436"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Apache ZooKeeper. Authorization bypass through a user-controlled key is possible if and only if SASL Quorum Peer authentication is enabled in ZooKeeper via the quorum.auth.enableSasl=true configuration. A malicious user could bypass the authentication controller by using a non-existing instance part in the SASL authentication ID (which is optional); the server would then skip this check and, as a result, the user could join the cluster and propagate information with complete read and write access.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "zookeeper: Authorization Bypass in Apache ZooKeeper",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Red Hat AMQ 7 Broker and Red Hat AMQ Streams 2 use Zookeeper but do not use or enable the vulnerable functionality, Peer Authentication. They are affected at Moderate Impact by this flaw.\n\nRed Hat Fuse 7 uses Zookeeper but does not use any of its server capabilities and as such is not vulnerable, and so is affected at Low Impact by this flaw.\n\nRed Hat Process Automation Manager 7 and Red Hat Decision Manager 7 do not ship zookeeper, and so are not affected by this flaw.\n\nRed Hat Fuse 6 and AMQ 6 use Zookeeper but are not vulnerable to this flaw, and have been assessed as Important Impact and are as such out of security support scope for this flaw.\n\nRed Hat Business Process Manager Suite 6, Red Hat Business Rules Management Suite 6, Red Hat JBoss Data Virtualization 6, Red Hat OpenShift Application Runtime Vert-x, and Red Hat Fuse Service Works 6 are out of security support scope for this flaw.\n\nAs no Red Hat products are affected at Critical Impact by this flaw, its overall impact has been reduced to Important.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat JBoss A-MQ 7"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2023-44981"
        },
        {
          "category": "external",
          "summary": "RHBZ#2243436",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243436"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2023-44981",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-44981"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-44981",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-44981"
        },
        {
          "category": "external",
          "summary": "https://lists.apache.org/thread/wf0yrk84dg1942z1o74kd8nycg6pgm5b",
          "url": "https://lists.apache.org/thread/wf0yrk84dg1942z1o74kd8nycg6pgm5b"
        }
      ],
      "release_date": "2023-10-11T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
          "product_ids": [
            "Red Hat JBoss A-MQ 7"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:2945"
        },
        {
          "category": "workaround",
          "details": "According to Apache\u0027s document: Ensure the ensemble election/quorum communication is protected by a firewall as this will mitigate the issue.",
          "product_ids": [
            "Red Hat JBoss A-MQ 7"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "Red Hat JBoss A-MQ 7"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "zookeeper: Authorization Bypass in Apache ZooKeeper"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "Axel Flamcourt"
          ]
        }
      ],
      "cve": "CVE-2024-1132",
      "cwe": {
        "id": "CWE-22",
        "name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
      },
      "discovery_date": "2024-01-31T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2262117"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Keycloak, where it does not properly validate URLs included in a redirect. This issue could allow an attacker to construct a malicious request to bypass validation and access other URLs and sensitive information within the domain or conduct further attacks. This flaw affects any client that utilizes a wildcard in the Valid Redirect URIs field, and requires user interaction within the malicious URL.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "keycloak: path traversal in redirection validation",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Red Hat Build of Quarkus is not impacted as this CVE affects the server-side Keycloak execution, but Quarkus only acts as a Keycloak client in its quarkus-keycloak-authorization extension. For this reason, Quarkus is marked as having a Low impact.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat JBoss A-MQ 7"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-1132"
        },
        {
          "category": "external",
          "summary": "RHBZ#2262117",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2262117"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-1132",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-1132"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-1132",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-1132"
        }
      ],
      "release_date": "2024-04-16T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
          "product_ids": [
            "Red Hat JBoss A-MQ 7"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:2945"
        },
        {
          "category": "workaround",
          "details": "No current mitigation is available for this vulnerability.",
          "product_ids": [
            "Red Hat JBoss A-MQ 7"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "Red Hat JBoss A-MQ 7"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "keycloak: path traversal in redirection validation"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "Adriano M\u00e1rcio Monteiro"
          ]
        }
      ],
      "cve": "CVE-2024-1249",
      "cwe": {
        "id": "CWE-346",
        "name": "Origin Validation Error"
      },
      "discovery_date": "2024-02-06T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2262918"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Keycloak\u0027s OIDC component in the \"checkLoginIframe,\" which allows unvalidated cross-origin messages. This flaw allows attackers to coordinate and send millions of requests in seconds using simple code, significantly impacting the application\u0027s availability without proper origin validation for incoming messages.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "keycloak: org.keycloak.protocol.oidc: unvalidated cross-origin messages in checkLoginIframe leads to DDoS",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "The vulnerability in Keycloak\u0027s OIDC component allowing unvalidated cross-origin messages in the \"checkLoginIframe\" function represents an important severity issue due to its potential to cause significant disruption and resource exhaustion. Exploitation of this flaw can lead to a Denial of Service (DoS) condition, where malicious actors can overwhelm the server with a high volume of requests, impacting availability for legitimate users. The absence of proper origin validation means attackers can exploit this weakness relatively easily, leveraging automated scripts to flood the server within seconds.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat JBoss A-MQ 7"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-1249"
        },
        {
          "category": "external",
          "summary": "RHBZ#2262918",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2262918"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-1249",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-1249"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-1249",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-1249"
        }
      ],
      "release_date": "2024-04-16T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
          "product_ids": [
            "Red Hat JBoss A-MQ 7"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:2945"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "Red Hat JBoss A-MQ 7"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat JBoss A-MQ 7"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "keycloak: org.keycloak.protocol.oidc: unvalidated cross-origin messages in checkLoginIframe leads to DDoS"
    },
    {
      "cve": "CVE-2024-22259",
      "cwe": {
        "id": "CWE-601",
        "name": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)"
      },
      "discovery_date": "2024-03-16T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2269846"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability was found in Spring Framework. Affected versions of this package are vulnerable to an Open Redirect when using UriComponentsBuilder to parse an externally provided URL and perform validation checks on the host of the parsed URL.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "springframework: URL Parsing with Host Validation",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat JBoss A-MQ 7"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-22259"
        },
        {
          "category": "external",
          "summary": "RHBZ#2269846",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2269846"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-22259",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-22259"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-22259",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-22259"
        },
        {
          "category": "external",
          "summary": "https://spring.io/security/cve-2024-22259",
          "url": "https://spring.io/security/cve-2024-22259"
        }
      ],
      "release_date": "2024-03-16T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
          "product_ids": [
            "Red Hat JBoss A-MQ 7"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:2945"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "Red Hat JBoss A-MQ 7"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "springframework: URL Parsing with Host Validation"
    },
    {
      "cve": "CVE-2024-29025",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "discovery_date": "2024-04-03T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2272907"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the io.netty:netty-codec-http package. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling issues due to the accumulation of data in the HttpPostRequestDecoder. The decoder cumulates bytes in the undecodedChunk buffer until it can decode a field, allowing data to accumulate without limits. This flaw allows an attacker to cause a denial of service by sending a chunked post consisting of many small fields that will be accumulated in the bodyListHttpData list.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "netty-codec-http: Allocation of Resources Without Limits or Throttling",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "The vulnerability in io.netty:netty-codec-http, allowing for Allocation of Resources Without Limits or Throttling issues, is assessed as moderate severity due to its potential impact on system availability and performance. By exploiting the flaw in HttpPostRequestDecoder, an attacker can craft chunked POST requests with numerous small fields, causing excessive accumulation of data in memory buffers. This unrestricted accumulation can lead to significant memory consumption on the server, potentially exhausting available resources and resulting in denial of service (DoS) conditions.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat JBoss A-MQ 7"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-29025"
        },
        {
          "category": "external",
          "summary": "RHBZ#2272907",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2272907"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-29025",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-29025"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-29025",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-29025"
        },
        {
          "category": "external",
          "summary": "https://gist.github.com/vietj/f558b8ea81ec6505f1e9a6ca283c9ae3",
          "url": "https://gist.github.com/vietj/f558b8ea81ec6505f1e9a6ca283c9ae3"
        },
        {
          "category": "external",
          "summary": "https://github.com/netty/netty/commit/0d0c6ed782d13d423586ad0c71737b2c7d02058c",
          "url": "https://github.com/netty/netty/commit/0d0c6ed782d13d423586ad0c71737b2c7d02058c"
        },
        {
          "category": "external",
          "summary": "https://github.com/netty/netty/security/advisories/GHSA-5jpm-x58v-624v",
          "url": "https://github.com/netty/netty/security/advisories/GHSA-5jpm-x58v-624v"
        },
        {
          "category": "external",
          "summary": "https://security.snyk.io/vuln/SNYK-JAVA-IONETTY-6483812",
          "url": "https://security.snyk.io/vuln/SNYK-JAVA-IONETTY-6483812"
        }
      ],
      "release_date": "2024-03-25T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
          "product_ids": [
            "Red Hat JBoss A-MQ 7"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:2945"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "Red Hat JBoss A-MQ 7"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "Red Hat JBoss A-MQ 7"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "netty-codec-http: Allocation of Resources Without Limits or Throttling"
    },
    {
      "cve": "CVE-2024-29131",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "discovery_date": "2024-03-21T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2270674"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability was found in Apache Commons-Configuration2, where a Stack Overflow Error can occur when adding a property in AbstractListDelimiterHandler.flattenIterator(). This issue could allow an attacker to corrupt memory or execute a denial of service attack by crafting a malicious property that triggers an out-of-bounds write issue when processed by the vulnerable method.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "commons-configuration: StackOverflowError adding property in AbstractListDelimiterHandler.flattenIterator()",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat JBoss A-MQ 7"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-29131"
        },
        {
          "category": "external",
          "summary": "RHBZ#2270674",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2270674"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-29131",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-29131"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-29131",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-29131"
        },
        {
          "category": "external",
          "summary": "https://github.com/apache/commons-configuration/commit/56b5c4dcdffbde27870df5a3105d6a5f9b22f554",
          "url": "https://github.com/apache/commons-configuration/commit/56b5c4dcdffbde27870df5a3105d6a5f9b22f554"
        },
        {
          "category": "external",
          "summary": "https://github.com/apache/commons-configuration/commit/7d7d399d0598cb0ca5f81891de34694178156dab",
          "url": "https://github.com/apache/commons-configuration/commit/7d7d399d0598cb0ca5f81891de34694178156dab"
        },
        {
          "category": "external",
          "summary": "https://issues.apache.org/jira/browse/CONFIGURATION-840",
          "url": "https://issues.apache.org/jira/browse/CONFIGURATION-840"
        }
      ],
      "release_date": "2024-03-20T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
          "product_ids": [
            "Red Hat JBoss A-MQ 7"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:2945"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "Red Hat JBoss A-MQ 7"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "LOW",
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "Red Hat JBoss A-MQ 7"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "commons-configuration: StackOverflowError adding property in AbstractListDelimiterHandler.flattenIterator()"
    },
    {
      "cve": "CVE-2024-29133",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "discovery_date": "2024-03-21T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2270673"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability was found in Apache Commons-Configuration2, where a Stack Overflow Error occurs when calling ListDelimiterHandler.flatten(Object, int) with a cyclical object tree. This issue could allow an attacker to trigger an out-of-bounds write that could lead to memory corruption or cause a denial of service condition.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "commons-configuration: StackOverflowError calling ListDelimiterHandler.flatten(Object, int) with a cyclical object tree",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat JBoss A-MQ 7"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-29133"
        },
        {
          "category": "external",
          "summary": "RHBZ#2270673",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2270673"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-29133",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-29133"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-29133",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-29133"
        },
        {
          "category": "external",
          "summary": "https://github.com/apache/commons-configuration/commit/43f4dab021e9acb8db390db2ae80aa0cee4f9ee4",
          "url": "https://github.com/apache/commons-configuration/commit/43f4dab021e9acb8db390db2ae80aa0cee4f9ee4"
        },
        {
          "category": "external",
          "summary": "https://issues.apache.org/jira/browse/CONFIGURATION-841",
          "url": "https://issues.apache.org/jira/browse/CONFIGURATION-841"
        }
      ],
      "release_date": "2024-03-20T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
          "product_ids": [
            "Red Hat JBoss A-MQ 7"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:2945"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "Red Hat JBoss A-MQ 7"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "LOW",
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "Red Hat JBoss A-MQ 7"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "commons-configuration: StackOverflowError calling ListDelimiterHandler.flatten(Object, int) with a cyclical object tree"
    }
  ]
}
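
The Keycloak redirect-validation flaw (CVE-2024-1132) and the Spring UriComponentsBuilder host-validation issue (CVE-2024-22259) described above share one root cause: a redirect target is checked against an allowlist before it has been fully parsed and normalized, so a string that passes the check is resolved by the browser to somewhere else. The following is an added example and is not Keycloak's or Spring's code. It shows a naive wildcard check of the kind the Keycloak description refers to ("Valid Redirect URIs" with a trailing wildcard), beside a hardened validator that parses the candidate once, refuses ambiguous authorities, resolves plain and percent-encoded dot segments, and only then matches. The host `app.example.com`, the `/callback/*` pattern and the pattern syntax are assumptions for illustration.

```python
import posixpath
import re
from typing import Optional
from urllib.parse import urlsplit

# Constructed allowlist in the shape a client registers as "Valid Redirect URIs".
# The host, path and pattern syntax are assumptions for illustration.
VALID_REDIRECT_URIS = ["https://app.example.com/callback/*"]


def naive_allows(redirect_uri: str, patterns=VALID_REDIRECT_URIS) -> bool:
    """The weak check: wildcard match on the raw string.

    Any string starting with the prefix passes, including one that climbs back out
    of /callback/ with dot segments once the browser resolves it.
    """
    for pattern in patterns:
        if pattern.endswith("*") and redirect_uri.startswith(pattern[:-1]):
            return True
        if redirect_uri == pattern:
            return True
    return False


def normalize_redirect_uri(redirect_uri: str) -> Optional[str]:
    """Parse once, refuse ambiguous input, resolve dot segments.

    Returns the canonical form to match against, or None when the URI is rejected.
    """
    # Browsers treat a backslash as a path separator; most server-side parsers
    # do not. Refuse rather than guess which reading the client will apply.
    if "\\" in redirect_uri:
        return None
    parts = urlsplit(redirect_uri)
    if parts.scheme != "https":
        return None
    # "https://app.example.com@evil.example/" parses app.example.com as userinfo,
    # so a host check done on a substring is fooled. Refuse userinfo entirely.
    if parts.username is not None or parts.password is not None:
        return None
    try:
        port = parts.port
    except ValueError:
        return None
    if not parts.hostname:
        return None
    # The WHATWG URL parser treats %2e / %2E as "." inside path segments; decode
    # those first or /callback/%2e%2e/admin survives normalization.
    raw_path = re.sub(r"%2e", ".", parts.path or "/", flags=re.IGNORECASE)
    path = posixpath.normpath(raw_path)
    if raw_path.endswith("/") and not path.endswith("/"):
        path += "/"
    netloc = parts.hostname if port is None else f"{parts.hostname}:{port}"
    return f"https://{netloc}{path}"


def hardened_allows(redirect_uri: str, patterns=VALID_REDIRECT_URIS) -> bool:
    """Compare host, port and normalized path component by component."""
    normalized = normalize_redirect_uri(redirect_uri)
    if normalized is None:
        return False
    cand = urlsplit(normalized)
    for pattern in patterns:
        pat = urlsplit(pattern)
        if (cand.hostname, cand.port) != (pat.hostname, pat.port):
            continue
        if pat.path.endswith("*"):
            if cand.path.startswith(pat.path[:-1]):
                return True
        elif cand.path == pat.path:
            return True
    return False
```

`naive_allows` accepts `https://app.example.com/callback/../admin` and its `%2e%2e` spelling because both start with the registered prefix; `hardened_allows` rejects both, since after normalization the path is `/admin`. The design point is ordering: parse and canonicalize first, then compare scheme, host, port and path as separate components, never as a substring of the raw string.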

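
The netty-codec-http description above (CVE-2024-29025) spells out the mechanism: a form decoder keeps not-yet-decodable bytes in a buffer and appends every completed field to a list, and neither has an upper bound, so a chunked POST made of many tiny fields grows both until memory runs out. The following is an added example, not Netty's code, that reproduces that shape in a small incremental `application/x-www-form-urlencoded` decoder and shows the two limits a hardened decoder needs: a cap on the number of fields and a cap on bytes buffered while waiting for a field to complete. The limit values, the class and the hostile body are constructed for illustration.

```python
from urllib.parse import unquote_plus


class TooManyFieldsError(ValueError):
    pass


class TooMuchBufferedDataError(ValueError):
    pass


class FormDecoder:
    """Incremental x-www-form-urlencoded decoder fed one body chunk at a time.

    Bytes that do not yet form a complete "name=value&" field are kept in
    `undecoded`; each completed field is appended to `fields`. With both limits
    left at None the decoder has the unbounded behaviour described above.
    """

    def __init__(self, max_fields=None, max_buffered_bytes=None):
        self.max_fields = max_fields
        self.max_buffered_bytes = max_buffered_bytes
        self.undecoded = b""
        self.fields = []

    def offer(self, chunk: bytes, last: bool = False) -> None:
        self.undecoded += chunk
        # Limit 1: a single field that never terminates cannot grow the buffer forever.
        if self.max_buffered_bytes is not None and len(self.undecoded) > self.max_buffered_bytes:
            raise TooMuchBufferedDataError(len(self.undecoded))
        # Only the remainder after the final '&' can still be incomplete.
        *complete, tail = self.undecoded.split(b"&")
        if last and tail:
            complete.append(tail)
            tail = b""
        for raw in complete:
            if not raw:
                continue
            name, _, value = raw.partition(b"=")
            self.fields.append((unquote_plus(name.decode()), unquote_plus(value.decode())))
            # Limit 2: many tiny, well-formed fields cannot grow the list forever.
            if self.max_fields is not None and len(self.fields) > self.max_fields:
                raise TooManyFieldsError(len(self.fields))
        self.undecoded = tail


def attacker_chunks(n_fields: int, chunk_fields: int = 1000):
    """Constructed hostile body: many tiny fields, delivered as chunked pieces."""
    for start in range(0, n_fields, chunk_fields):
        yield b"".join(b"a=b&" for _ in range(min(chunk_fields, n_fields - start)))


def decode_all(decoder: FormDecoder, chunks) -> tuple:
    """Feed every chunk; return ('ok', field_count) or ('rejected', reason)."""
    try:
        for chunk in chunks:
            decoder.offer(chunk)
        decoder.offer(b"", last=True)
    except (TooManyFieldsError, TooMuchBufferedDataError) as e:
        return ("rejected", type(e).__name__)
    return ("ok", len(decoder.fields))
```

The unbounded decoder happily materializes all 50,000 constructed fields; the bounded one stops at the 129th and the request can be failed with a 4xx before any more of the body is read. Both limits are needed: the field cap alone does nothing against one enormous field with no terminating `&`, and the buffer cap alone does nothing against a stream of short complete fields.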

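
The two commons-configuration entries above (CVE-2024-29131 and CVE-2024-29133) are the same failure mode seen from two call sites: a recursive flatten over a list-delimiter handler's input has no guard, so a cyclical object tree, or merely very deep nesting, recurses until the JVM throws StackOverflowError. The following is an added example, not the project's code, written in Python so the Java StackOverflowError appears as RecursionError. It places an unguarded recursive flatten beside a guarded one; the guard used here, tracking container identities on the current recursion path plus a depth bound, is an assumption chosen for illustration and is not a claim about how the upstream fix works.

```python
from typing import Any, List


def flatten_unchecked(value: Any) -> List[Any]:
    """Recursive flatten with no guard.

    A container that reaches itself again recurses until the interpreter raises
    RecursionError, the counterpart of the StackOverflowError described above.
    """
    if isinstance(value, (list, tuple, set)):
        out: List[Any] = []
        for item in value:
            out.extend(flatten_unchecked(item))
        return out
    return [value]


def flatten_guarded(value: Any, max_depth: int = 64) -> List[Any]:
    """Flatten that refuses to follow cycles and bounds nesting depth.

    A container already on the current path is a cycle: it is recorded once as
    the sentinel "<cycle>" instead of being descended into. Nesting deeper than
    max_depth is rejected so an acyclic but hostile tree cannot exhaust the stack.
    """
    def walk(v: Any, on_path: set, depth: int, out: List[Any]) -> None:
        if not isinstance(v, (list, tuple, set)):
            out.append(v)
            return
        if depth > max_depth:
            raise ValueError(f"nesting deeper than {max_depth}")
        if id(v) in on_path:
            out.append("<cycle>")
            return
        on_path.add(id(v))
        for item in v:
            walk(item, on_path, depth + 1, out)
        # Remove on the way back up: the same list reached through two sibling
        # branches is legitimate sharing, not a cycle.
        on_path.discard(id(v))

    out: List[Any] = []
    walk(value, set(), 0, out)
    return out


def try_flatten(fn, value: Any) -> tuple:
    """Run a flattener to completion; return ('ok', items) or ('error', exception name)."""
    try:
        return ("ok", fn(value))
    except (RecursionError, ValueError) as e:
        return ("error", type(e).__name__)


def cyclic_tree() -> list:
    """Constructed cyclical object tree: the outer list is reachable from its own child."""
    inner = ["leaf"]
    outer = [1, inner]
    inner.append(outer)
    return outer


def deep_tree(levels: int) -> list:
    """Constructed acyclic tree nested `levels` deep, one element per level."""
    node: Any = 0
    for _ in range(levels):
        node = [node]
    return node
```

Tracking identities on the path rather than in a global visited set matters: a shared sublist appearing under two siblings should be flattened twice, and only a container that is its own ancestor is a cycle. The depth bound is the second half of the defence; the unchecked flatten survives the 200-level constructed tree only because the interpreter's own recursion limit happens to be higher, which is not a property to rely on.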