rhsa-2024_4873
Vulnerability from csaf_redhat
Published
2024-07-25 15:04
Modified
2024-11-15 21:15
Summary
Red Hat Security Advisory: Apicurio Registry (container images) release and security update [ 2.6.1 GA ]

Notes

Topic
An update to the images for Red Hat build of Apicurio Registry is now available from the Red Hat Container Catalog. The purpose of this text-only errata is to inform you about the security issues fixed in this release. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
This release of Red Hat build of Apicurio Registry 2.6.1 GA includes the following security fixes. Security Fix(es): * webpack-dev-middleware: lack of URL validation may lead to file leak [rhint-serv-2] (CVE-2024-29180) * express: cause malformed URLs to be evaluated [rhint-serv-2](CVE-2024-29041) * jetty: stop accepting new connections from valid clients [rhint-serv-2] (CVE-2024-22201) * jose4j: denial of service via specially crafted JWE [rhint-serv-2] (CVE-2023-51775) * quarkus-core: Leak of local configuration properties into Quarkus applications [rhint-serv-2] (CVE-2024-2700) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.



{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "An update to the images for Red Hat build of Apicurio Registry is now available from the Red Hat Container Catalog. The purpose of this text-only errata is to inform you about the security issues fixed in this release.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "This release of Red Hat build of Apicurio Registry 2.6.1 GA includes the following security fixes.\n\nSecurity Fix(es):\n\n* webpack-dev-middleware: lack of URL validation may lead to file leak [rhint-serv-2] (CVE-2024-29180)\n\n* express: cause malformed URLs to be evaluated [rhint-serv-2](CVE-2024-29041)\n\n* jetty: stop accepting new connections from valid clients [rhint-serv-2] (CVE-2024-22201)\n\n* jose4j: denial of service via specially crafted JWE [rhint-serv-2] (CVE-2023-51775)\n\n* quarkus-core: Leak of local configuration properties into Quarkus applications [rhint-serv-2] (CVE-2024-2700)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2024:4873",
        "url": "https://access.redhat.com/errata/RHSA-2024:4873"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#important",
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "2266136",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2266136"
      },
      {
        "category": "external",
        "summary": "2266921",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2266921"
      },
      {
        "category": "external",
        "summary": "2270863",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2270863"
      },
      {
        "category": "external",
        "summary": "2273281",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2273281"
      },
      {
        "category": "external",
        "summary": "2290901",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2290901"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_4873.json"
      }
    ],
    "title": "Red Hat Security Advisory: Apicurio Registry (container images) release and security update [ 2.6.1 GA ]",
    "tracking": {
      "current_release_date": "2024-11-15T21:15:42+00:00",
      "generator": {
        "date": "2024-11-15T21:15:42+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.2.1"
        }
      },
      "id": "RHSA-2024:4873",
      "initial_release_date": "2024-07-25T15:04:49+00:00",
      "revision_history": [
        {
          "date": "2024-07-25T15:04:49+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2024-07-25T15:04:49+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2024-11-15T21:15:42+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat build of Apicurio Registry 2.6.1 GA",
                "product": {
                  "name": "Red Hat build of Apicurio Registry 2.6.1 GA",
                  "product_id": "Red Hat build of Apicurio Registry 2.6.1 GA",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:apicurio_registry:2.6"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Integration"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2023-51775",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "discovery_date": "2024-02-29T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2266921"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the jose.4.j (jose4j) library. The JWE key management algorithms based on PBKDF2 require a JOSE Header Parameter called p2c (PBES2 Count). This parameter dictates the number of PBKDF2 iterations needed to derive a CEK wrapping key. Its primary purpose is to intentionally slow down the key derivation function, making password brute-force and dictionary attacks more resource-intensive. However, if an attacker sets the p2c parameter in JWE to a large number, it can cause high computational consumption, resulting in a denial of service.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "jose4j: denial of service via specially crafted JWE",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "The vulnerability in the jose4j library, where the \"p2c\" parameter in PBKDF2-based JWE key management algorithms can be manipulated to induce high computational consumption, is classified as moderate severity due to its potential impact on service availability and resource exhaustion. By setting a large value for \"p2c\", an attacker can force the server to perform an excessive number of PBKDF2 iterations during key derivation. This results in increased CPU and memory usage, potentially leading to degraded performance or temporary denial of service.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat build of Apicurio Registry 2.6.1 GA"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2023-51775"
        },
        {
          "category": "external",
          "summary": "RHBZ#2266921",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2266921"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2023-51775",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-51775"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-51775",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-51775"
        }
      ],
      "release_date": "2024-02-29T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-07-25T15:04:49+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat build of Apicurio Registry 2.6.1 GA"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:4873"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "Red Hat build of Apicurio Registry 2.6.1 GA"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat build of Apicurio Registry 2.6.1 GA"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "jose4j: denial of service via specially crafted JWE"
    },
    {
      "cve": "CVE-2024-2700",
      "cwe": {
        "id": "CWE-526",
        "name": "Cleartext Storage of Sensitive Information in an Environment Variable"
      },
      "discovery_date": "2024-04-03T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2273281"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability was found in the quarkus-core component. Quarkus captures local environment variables from the Quarkus namespace during the application\u0027s build, therefore, running the resulting application inherits the values captured at build time. Some local environment variables may have been set by the developer or CI environment for testing purposes, such as dropping the database during application startup or trusting all TLS certificates to accept self-signed certificates. If these properties are configured using environment variables or the .env facility, they are captured into the built application, which can lead to dangerous behavior if the application does not override these values. This behavior only happens for configuration properties from the `quarkus.*` namespace. Application-specific properties are not captured.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "quarkus-core: Leak of local configuration properties into Quarkus applications",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Red Hat rates this as a Moderate impact vulnerability since this requires an attacker to have direct access to the environment variables to override, and the application must use that environment variable to be jeopardized.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat build of Apicurio Registry 2.6.1 GA"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-2700"
        },
        {
          "category": "external",
          "summary": "RHBZ#2273281",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2273281"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-2700",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-2700"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-2700",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-2700"
        }
      ],
      "release_date": "2024-04-03T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-07-25T15:04:49+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat build of Apicurio Registry 2.6.1 GA"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:4873"
        },
        {
          "category": "workaround",
          "details": "Currently, no mitigation is available for this vulnerability. Please update as the patches become available.",
          "product_ids": [
            "Red Hat build of Apicurio Registry 2.6.1 GA"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.0,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat build of Apicurio Registry 2.6.1 GA"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "quarkus-core: Leak of local configuration properties into Quarkus applications"
    },
    {
      "cve": "CVE-2024-22201",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "discovery_date": "2024-02-26T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2266136"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Jetty, a Java based web server and servlet engine. If an HTTP/2 connection gets TCP congested, it remains open and idle, and connections may be leaked when it times out. An attacker can cause many connections to end up in this state, and the server may run out of file descriptors, eventually causing the server to stop accepting new connections from valid clients.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "jetty: stop accepting new connections from valid clients",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "The issue in Jetty where HTTP/2 connections can enter a congested, idle state and potentially exhaust server file descriptors represents a moderate severity due to its impact on system resources and service availability. While the vulnerability requires the deliberate creation of numerous congested connections by an attacker, its exploitation can lead to denial-of-service conditions by consuming all available file descriptors. This scenario could disrupt legitimate client connections and impair server responsiveness.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat build of Apicurio Registry 2.6.1 GA"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-22201"
        },
        {
          "category": "external",
          "summary": "RHBZ#2266136",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2266136"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-22201",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-22201"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-22201",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-22201"
        },
        {
          "category": "external",
          "summary": "https://github.com/jetty/jetty.project/issues/11256",
          "url": "https://github.com/jetty/jetty.project/issues/11256"
        },
        {
          "category": "external",
          "summary": "https://github.com/jetty/jetty.project/security/advisories/GHSA-rggv-cv7r-mw98",
          "url": "https://github.com/jetty/jetty.project/security/advisories/GHSA-rggv-cv7r-mw98"
        }
      ],
      "release_date": "2024-02-26T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-07-25T15:04:49+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat build of Apicurio Registry 2.6.1 GA"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:4873"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "Red Hat build of Apicurio Registry 2.6.1 GA"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat build of Apicurio Registry 2.6.1 GA"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "jetty: stop accepting new connections from valid clients"
    },
    {
      "cve": "CVE-2024-29041",
      "cwe": {
        "id": "CWE-601",
        "name": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)"
      },
      "discovery_date": "2024-06-07T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2290901"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the Express.js minimalist web framework for node. Versions of Express.js before 4.19.0 and all pre-release alpha and beta versions of 5.0 are affected by an open redirect vulnerability using malformed URLs. When a user of Express performs a redirect using a user-provided URL, Express performs an encode [using `encodeurl`](https://github.com/pillarjs/encodeurl) on the contents before passing it to the `location` header. This issue can cause malformed URLs to be evaluated in unexpected ways by common redirect allow list implementations in Express applications, leading to an Open Redirect via bypass of a properly implemented allow list. The main method impacted is `res.location()`, but this is also called from within `res.redirect()`. The vulnerability is fixed in 4.19.2 and 5.0.0-beta.3.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "express: cause malformed URLs to be evaluated",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Red Hat Fuse 7 only uses express as part of build time development dependency, it is not part of the final product delivery.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat build of Apicurio Registry 2.6.1 GA"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-29041"
        },
        {
          "category": "external",
          "summary": "RHBZ#2290901",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2290901"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-29041",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-29041"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-29041",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-29041"
        },
        {
          "category": "external",
          "summary": "https://expressjs.com/en/4x/api.html#res.location",
          "url": "https://expressjs.com/en/4x/api.html#res.location"
        },
        {
          "category": "external",
          "summary": "https://github.com/expressjs/express/commit/0867302ddbde0e9463d0564fea5861feb708c2dd",
          "url": "https://github.com/expressjs/express/commit/0867302ddbde0e9463d0564fea5861feb708c2dd"
        },
        {
          "category": "external",
          "summary": "https://github.com/expressjs/express/commit/0b746953c4bd8e377123527db11f9cd866e39f94",
          "url": "https://github.com/expressjs/express/commit/0b746953c4bd8e377123527db11f9cd866e39f94"
        },
        {
          "category": "external",
          "summary": "https://github.com/expressjs/express/pull/5539",
          "url": "https://github.com/expressjs/express/pull/5539"
        },
        {
          "category": "external",
          "summary": "https://github.com/expressjs/express/security/advisories/GHSA-rv95-896h-c2vc",
          "url": "https://github.com/expressjs/express/security/advisories/GHSA-rv95-896h-c2vc"
        },
        {
          "category": "external",
          "summary": "https://github.com/koajs/koa/issues/1800",
          "url": "https://github.com/koajs/koa/issues/1800"
        }
      ],
      "release_date": "2024-03-25T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-07-25T15:04:49+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat build of Apicurio Registry 2.6.1 GA"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:4873"
        },
        {
          "category": "workaround",
          "details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.",
          "product_ids": [
            "Red Hat build of Apicurio Registry 2.6.1 GA"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "Red Hat build of Apicurio Registry 2.6.1 GA"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "express: cause malformed URLs to be evaluated"
    },
    {
      "cve": "CVE-2024-29180",
      "cwe": {
        "id": "CWE-22",
        "name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
      },
      "discovery_date": "2024-03-21T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2270863"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the webpack-dev-middleware package, where it failed to validate the supplied URL address sufficiently before returning local files. This flaw allows an attacker to craft URLs to return arbitrary local files from the developer\u0027s machine. The lack of normalization before calling the middleware also allows the attacker to perform path traversal attacks on the target environment.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "webpack-dev-middleware: lack of URL validation may lead to file leak",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "The vulnerability in webpack-dev represents a important security issue due to its potential to expose sensitive files and compromise developer machines. By failing to validate URLs and normalize paths effectively, the middleware allows attackers to craft malicious requests that can retrieve arbitrary local files or perform unauthorized path traversal. This could lead to unauthorized access to confidential information, including source code, configuration files, and even system-level files. Given the widespread use of webpack-dev-middleware in web development environments, addressing this vulnerability promptly is important to prevent serious data breaches and protect the integrity of development processes.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat build of Apicurio Registry 2.6.1 GA"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-29180"
        },
        {
          "category": "external",
          "summary": "RHBZ#2270863",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2270863"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-29180",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-29180"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-29180",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-29180"
        },
        {
          "category": "external",
          "summary": "https://github.com/webpack/webpack-dev-middleware/security/advisories/GHSA-wr3j-pwj9-hqq6",
          "url": "https://github.com/webpack/webpack-dev-middleware/security/advisories/GHSA-wr3j-pwj9-hqq6"
        }
      ],
      "release_date": "2024-03-21T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-07-25T15:04:49+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat build of Apicurio Registry 2.6.1 GA"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:4873"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "Red Hat build of Apicurio Registry 2.6.1 GA"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "Red Hat build of Apicurio Registry 2.6.1 GA"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "webpack-dev-middleware: lack of URL validation may lead to file leak"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading...

Loading...

Loading...

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.