csaf_redhat - rhsa-2024

rhsa-2024_9571

Vulnerability from csaf_redhat

Published

2024-11-13 16:21

Modified

2024-11-21 19:48

Summary

Red Hat Security Advisory: Streams for Apache Kafka 2.8.0 release and security update

Notes

Topic

Streams for Apache Kafka 2.8.0 is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Details

Red Hat Streams for Apache Kafka, based on the Apache Kafka project, offers a distributed backbone that allows microservices and other applications to share data with extremely high throughput and extremely low latency. This release of Red Hat AMQ Streams 2.8.0 serves as a replacement for Red Hat AMQ Streams 2.7.0, and includes security and bug fixes, and enhancements. Security Fix(es): * Zookeeper, Kafka, Cruise Control: org.eclipse.jetty/jetty-server: Jetty ThreadLimitHandler.getRemote() vulnerable to remote DoS attacks [amq-st-2] "(CVE-2024-8184)" * Zookeeper, Kafka : org.eclipse.jetty/jetty-servlets: Jetty DOS vulnerability on DosFilter [amq-st-2] "(CVE-2024-9823)" * Zookeeper, Kafka, Drain Cleaner, Cruise Control: Apache Commons IO: Possible denial of service attack on untrusted input to XmlStreamReader "(CVE-2024-47554)" * Kafka: (com.google.protobuf:protobuf-java@3.23.4). Denial of Service (DoS) describes a family of attacks, all aimed at making a system inaccessible to its intended and legitimate users "(CVE-2024-7254)" "Drain Cleaner: Awaiting Analysis(CVE-2024-29025)" * Kroxylicoius: When establishing the connection with the upstream Kafka server using a TLS secured connection, Kroxylicious fails to properly verify the server's hostname, resulting in an insecure connection. For a successful attack to be performed, the attacker needs to perform a Man-in-the-Middle attack or compromise any external systems, such as DNS or network routing configuration. "(CVE-2024-8285)"

This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Streams for Apache Kafka 2.8.0 is now available from the Red Hat Customer Portal.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Red Hat Streams for Apache Kafka, based on the Apache Kafka project, offers a distributed\nbackbone that allows microservices and other applications to share data with\nextremely high throughput and extremely low latency.\n\nThis release of Red Hat AMQ Streams 2.8.0 serves as a replacement for Red Hat\nAMQ Streams 2.7.0, and includes security and bug fixes, and enhancements.\n\nSecurity Fix(es):\n* Zookeeper, Kafka, Cruise Control: org.eclipse.jetty/jetty-server: Jetty ThreadLimitHandler.getRemote() vulnerable to remote DoS attacks [amq-st-2] \n\"(CVE-2024-8184)\"\n\n* Zookeeper, Kafka : org.eclipse.jetty/jetty-servlets: Jetty DOS vulnerability on DosFilter [amq-st-2] \"(CVE-2024-9823)\"\n\n* Zookeeper, Kafka, Drain Cleaner, Cruise Control: Apache Commons IO: Possible denial of service attack on untrusted input to XmlStreamReader \"(CVE-2024-47554)\"\n\n* Kafka: (com.google.protobuf:protobuf-java@3.23.4). Denial of Service (DoS) describes a family of attacks, all aimed at making a system inaccessible to its intended and legitimate users \"(CVE-2024-7254)\"\n\n\"Drain Cleaner: Awaiting Analysis(CVE-2024-29025)\"\n\n* Kroxylicoius: When establishing the connection with the upstream Kafka server using a TLS secured connection, Kroxylicious fails to properly verify the server\u0027s hostname, resulting in an insecure connection. For a successful attack to be performed, the attacker needs to perform a Man-in-the-Middle attack or compromise any external systems, such as DNS or network routing configuration. \"(CVE-2024-8285)\"",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2024:9571",
        "url": "https://access.redhat.com/errata/RHSA-2024:9571"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#moderate",
        "url": "https://access.redhat.com/security/updates/classification/#moderate"
      },
      {
        "category": "external",
        "summary": "2272907",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2272907"
      },
      {
        "category": "external",
        "summary": "2308606",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2308606"
      },
      {
        "category": "external",
        "summary": "2313454",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2313454"
      },
      {
        "category": "external",
        "summary": "2316271",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2316271"
      },
      {
        "category": "external",
        "summary": "2318564",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2318564"
      },
      {
        "category": "external",
        "summary": "2318565",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2318565"
      },
      {
        "category": "external",
        "summary": "ASUI-91",
        "url": "https://issues.redhat.com/browse/ASUI-91"
      },
      {
        "category": "external",
        "summary": "ENTMQST-2632",
        "url": "https://issues.redhat.com/browse/ENTMQST-2632"
      },
      {
        "category": "external",
        "summary": "ENTMQST-3288",
        "url": "https://issues.redhat.com/browse/ENTMQST-3288"
      },
      {
        "category": "external",
        "summary": "ENTMQST-4019",
        "url": "https://issues.redhat.com/browse/ENTMQST-4019"
      },
      {
        "category": "external",
        "summary": "ENTMQST-5199",
        "url": "https://issues.redhat.com/browse/ENTMQST-5199"
      },
      {
        "category": "external",
        "summary": "ENTMQST-5669",
        "url": "https://issues.redhat.com/browse/ENTMQST-5669"
      },
      {
        "category": "external",
        "summary": "ENTMQST-5674",
        "url": "https://issues.redhat.com/browse/ENTMQST-5674"
      },
      {
        "category": "external",
        "summary": "ENTMQST-5740",
        "url": "https://issues.redhat.com/browse/ENTMQST-5740"
      },
      {
        "category": "external",
        "summary": "ENTMQST-5789",
        "url": "https://issues.redhat.com/browse/ENTMQST-5789"
      },
      {
        "category": "external",
        "summary": "ENTMQST-5843",
        "url": "https://issues.redhat.com/browse/ENTMQST-5843"
      },
      {
        "category": "external",
        "summary": "ENTMQST-5850",
        "url": "https://issues.redhat.com/browse/ENTMQST-5850"
      },
      {
        "category": "external",
        "summary": "ENTMQST-5863",
        "url": "https://issues.redhat.com/browse/ENTMQST-5863"
      },
      {
        "category": "external",
        "summary": "ENTMQST-5865",
        "url": "https://issues.redhat.com/browse/ENTMQST-5865"
      },
      {
        "category": "external",
        "summary": "ENTMQST-5915",
        "url": "https://issues.redhat.com/browse/ENTMQST-5915"
      },
      {
        "category": "external",
        "summary": "ENTMQST-6028",
        "url": "https://issues.redhat.com/browse/ENTMQST-6028"
      },
      {
        "category": "external",
        "summary": "ENTMQST-6032",
        "url": "https://issues.redhat.com/browse/ENTMQST-6032"
      },
      {
        "category": "external",
        "summary": "ENTMQST-6129",
        "url": "https://issues.redhat.com/browse/ENTMQST-6129"
      },
      {
        "category": "external",
        "summary": "ENTMQST-6183",
        "url": "https://issues.redhat.com/browse/ENTMQST-6183"
      },
      {
        "category": "external",
        "summary": "ENTMQST-6205",
        "url": "https://issues.redhat.com/browse/ENTMQST-6205"
      },
      {
        "category": "external",
        "summary": "ENTMQST-6225",
        "url": "https://issues.redhat.com/browse/ENTMQST-6225"
      },
      {
        "category": "external",
        "summary": "ENTMQST-6341",
        "url": "https://issues.redhat.com/browse/ENTMQST-6341"
      },
      {
        "category": "external",
        "summary": "ENTMQST-6421",
        "url": "https://issues.redhat.com/browse/ENTMQST-6421"
      },
      {
        "category": "external",
        "summary": "ENTMQST-6422",
        "url": "https://issues.redhat.com/browse/ENTMQST-6422"
      },
      {
        "category": "external",
        "summary": "ENTMQSTPR-43",
        "url": "https://issues.redhat.com/browse/ENTMQSTPR-43"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_9571.json"
      }
    ],
    "title": "Red Hat Security Advisory: Streams for Apache Kafka 2.8.0 release and security update",
    "tracking": {
      "current_release_date": "2024-11-21T19:48:45+00:00",
      "generator": {
        "date": "2024-11-21T19:48:45+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.2.1"
        }
      },
      "id": "RHSA-2024:9571",
      "initial_release_date": "2024-11-13T16:21:03+00:00",
      "revision_history": [
        {
          "date": "2024-11-13T16:21:03+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2024-11-13T16:21:03+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2024-11-21T19:48:45+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Streams for Apache Kafka 2.8.0",
                "product": {
                  "name": "Streams for Apache Kafka 2.8.0",
                  "product_id": "Streams for Apache Kafka 2.8.0",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:amq_streams:2"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Streams for Apache Kafka"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-7254",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "discovery_date": "2024-09-19T01:20:29.981665+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2313454"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Protocol Buffers (protobuf). This issue can allows an attacker to cause a StackOverflow via parsing untrusted Protocol Buffers data containing arbitrarily nested SGROUP tags, leading to unbounded recursion.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "protobuf: StackOverflow vulnerability in Protocol Buffers",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This issue represents a significant severity risk because unbounded recursion in Protocol Buffers parsing can be exploited to trigger stack overflows, leading to Denial of Service (DoS). When parsers, such as `DiscardUnknownFieldsParser` or the Java Protobuf Lite parser, encounter arbitrarily nested groups or deeply recursive map fields, the lack of recursion depth limits can result in uncontrolled stack growth. Attackers can craft malicious protobuf messages that deliberately exceed the stack\u0027s capacity, causing the application to crash or become unresponsive.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Streams for Apache Kafka 2.8.0"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-7254"
        },
        {
          "category": "external",
          "summary": "RHBZ#2313454",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2313454"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-7254",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-7254"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-7254",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-7254"
        },
        {
          "category": "external",
          "summary": "https://github.com/protocolbuffers/protobuf/commit/cc8b3483a5584b3301e3d43d17eb59704857ffaa",
          "url": "https://github.com/protocolbuffers/protobuf/commit/cc8b3483a5584b3301e3d43d17eb59704857ffaa"
        }
      ],
      "release_date": "2024-09-19T01:15:10.963000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-11-13T16:21:03+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Streams for Apache Kafka 2.8.0"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:9571"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "Streams for Apache Kafka 2.8.0"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "Streams for Apache Kafka 2.8.0"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "protobuf: StackOverflow vulnerability in Protocol Buffers"
    },
    {
      "cve": "CVE-2024-8184",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "discovery_date": "2024-10-14T16:01:01.239238+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2318564"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Jetty\u0027s ThreadLimitHandler.getRemote(). This flaw allows unauthorized users to cause remote denial of service (DoS) attacks. By repeatedly sending crafted requests, attackers can trigger OutofMemory errors and exhaust the server\u0027s memory.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "org.eclipse.jetty:jetty-server: jetty: Jetty ThreadLimitHandler.getRemote() vulnerable to remote DoS attacks",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This vulnerability is rated as moderate rather than important because it requires specific conditions to be met, including continuous, crafted requests that deliberately target memory allocation to exhaust resources. While it can cause a denial of service, it does not lead to direct compromise of sensitive data, unauthorized access, or code execution.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Streams for Apache Kafka 2.8.0"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-8184"
        },
        {
          "category": "external",
          "summary": "RHBZ#2318564",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2318564"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-8184",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-8184"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-8184",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-8184"
        },
        {
          "category": "external",
          "summary": "https://github.com/jetty/jetty.project/pull/11723",
          "url": "https://github.com/jetty/jetty.project/pull/11723"
        },
        {
          "category": "external",
          "summary": "https://github.com/jetty/jetty.project/security/advisories/GHSA-g8m5-722r-8whq",
          "url": "https://github.com/jetty/jetty.project/security/advisories/GHSA-g8m5-722r-8whq"
        },
        {
          "category": "external",
          "summary": "https://gitlab.eclipse.org/security/cve-assignement/-/issues/30",
          "url": "https://gitlab.eclipse.org/security/cve-assignement/-/issues/30"
        }
      ],
      "release_date": "2024-10-14T15:09:37.861000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-11-13T16:21:03+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Streams for Apache Kafka 2.8.0"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:9571"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "Streams for Apache Kafka 2.8.0"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "Streams for Apache Kafka 2.8.0"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "org.eclipse.jetty:jetty-server: jetty: Jetty ThreadLimitHandler.getRemote() vulnerable to remote DoS attacks"
    },
    {
      "cve": "CVE-2024-8285",
      "cwe": {
        "id": "CWE-297",
        "name": "Improper Validation of Certificate with Host Mismatch"
      },
      "discovery_date": "2024-08-29T22:39:10.882000+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2308606"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Kroxylicious. When establishing the connection with the upstream Kafka server using a TLS secured connection, Kroxylicious fails to properly verify the server\u0027s hostname, resulting in an insecure connection. For a successful attack to be performed, the attacker needs to perform a Man-in-the-Middle attack or compromise any external systems, such as DNS or network routing configuration. This issue is considered a high complexity attack, with additional high privileges required, as the attack would need access to the Kroxylicious configuration or a peer system. The result of a successful attack impacts both data integrity and confidentiality.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "kroxylicious: Missing upstream Kafka TLS hostname verification",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Red Hat have considered this vulnerability as a \u0027Moderate\u0027 severity given the complexity and the permission level required to perform a successful attacker.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Streams for Apache Kafka 2.8.0"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-8285"
        },
        {
          "category": "external",
          "summary": "RHBZ#2308606",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2308606"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-8285",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-8285"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-8285",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-8285"
        }
      ],
      "release_date": "2024-08-27T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-11-13T16:21:03+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Streams for Apache Kafka 2.8.0"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:9571"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "Streams for Apache Kafka 2.8.0"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "Streams for Apache Kafka 2.8.0"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "kroxylicious: Missing upstream Kafka TLS hostname verification"
    },
    {
      "cve": "CVE-2024-9823",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "discovery_date": "2024-10-14T16:01:06.545771+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2318565"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Jetty. The DosFilter can be exploited remotely by unauthorized users to trigger an out-of-memory condition by repeatedly sending specially crafted requests. This issue may cause a crash, leading to a denial of service.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "org.eclipse.jetty:jetty-servlets: jetty: Jetty DOS vulnerability on DosFilter",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Streams for Apache Kafka 2.8.0"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-9823"
        },
        {
          "category": "external",
          "summary": "RHBZ#2318565",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2318565"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-9823",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-9823"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-9823",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-9823"
        },
        {
          "category": "external",
          "summary": "https://github.com/jetty/jetty.project/issues/1256",
          "url": "https://github.com/jetty/jetty.project/issues/1256"
        },
        {
          "category": "external",
          "summary": "https://github.com/jetty/jetty.project/security/advisories/GHSA-7hcf-ppf8-5w5h",
          "url": "https://github.com/jetty/jetty.project/security/advisories/GHSA-7hcf-ppf8-5w5h"
        },
        {
          "category": "external",
          "summary": "https://gitlab.eclipse.org/security/cve-assignement/-/issues/39",
          "url": "https://gitlab.eclipse.org/security/cve-assignement/-/issues/39"
        }
      ],
      "release_date": "2024-10-14T15:03:02.293000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-11-13T16:21:03+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Streams for Apache Kafka 2.8.0"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:9571"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "Streams for Apache Kafka 2.8.0"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "Streams for Apache Kafka 2.8.0"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "org.eclipse.jetty:jetty-servlets: jetty: Jetty DOS vulnerability on DosFilter"
    },
    {
      "cve": "CVE-2024-29025",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "discovery_date": "2024-04-03T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2272907"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the io.netty:netty-codec-http package. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling issues due to the accumulation of data in the HttpPostRequestDecoder. The decoder cumulates bytes in the undecodedChunk buffer until it can decode a field, allowing data to accumulate without limits. This flaw allows an attacker to cause a denial of service by sending a chunked post consisting of many small fields that will be accumulated in the bodyListHttpData list.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "netty-codec-http: Allocation of Resources Without Limits or Throttling",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "The vulnerability in io.netty:netty-codec-http, allowing for Allocation of Resources Without Limits or Throttling issues, is assessed as moderate severity due to its potential impact on system availability and performance. By exploiting the flaw in HttpPostRequestDecoder, an attacker can craft chunked POST requests with numerous small fields, causing excessive accumulation of data in memory buffers. This unrestricted accumulation can lead to significant memory consumption on the server, potentially exhausting available resources and resulting in denial of service (DoS) conditions.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Streams for Apache Kafka 2.8.0"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-29025"
        },
        {
          "category": "external",
          "summary": "RHBZ#2272907",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2272907"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-29025",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-29025"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-29025",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-29025"
        },
        {
          "category": "external",
          "summary": "https://gist.github.com/vietj/f558b8ea81ec6505f1e9a6ca283c9ae3",
          "url": "https://gist.github.com/vietj/f558b8ea81ec6505f1e9a6ca283c9ae3"
        },
        {
          "category": "external",
          "summary": "https://github.com/netty/netty/commit/0d0c6ed782d13d423586ad0c71737b2c7d02058c",
          "url": "https://github.com/netty/netty/commit/0d0c6ed782d13d423586ad0c71737b2c7d02058c"
        },
        {
          "category": "external",
          "summary": "https://github.com/netty/netty/security/advisories/GHSA-5jpm-x58v-624v",
          "url": "https://github.com/netty/netty/security/advisories/GHSA-5jpm-x58v-624v"
        },
        {
          "category": "external",
          "summary": "https://security.snyk.io/vuln/SNYK-JAVA-IONETTY-6483812",
          "url": "https://security.snyk.io/vuln/SNYK-JAVA-IONETTY-6483812"
        }
      ],
      "release_date": "2024-03-25T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-11-13T16:21:03+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Streams for Apache Kafka 2.8.0"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:9571"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "Streams for Apache Kafka 2.8.0"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "Streams for Apache Kafka 2.8.0"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "netty-codec-http: Allocation of Resources Without Limits or Throttling"
    },
    {
      "cve": "CVE-2024-47554",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "discovery_date": "2024-10-03T12:00:40.921058+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2316271"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability was found in the Apache Commons IO component in the org.apache.commons.io.input.XmlStreamReader class. Excessive CPU resource consumption can lead to a denial of service when an untrusted input is processed.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "apache-commons-io: Possible denial of service attack on untrusted input to XmlStreamReader",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Streams for Apache Kafka 2.8.0"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-47554"
        },
        {
          "category": "external",
          "summary": "RHBZ#2316271",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2316271"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-47554",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-47554"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-47554",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-47554"
        },
        {
          "category": "external",
          "summary": "https://lists.apache.org/thread/6ozr91rr9cj5lm0zyhv30bsp317hk5z1",
          "url": "https://lists.apache.org/thread/6ozr91rr9cj5lm0zyhv30bsp317hk5z1"
        }
      ],
      "release_date": "2024-10-03T11:32:48.936000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-11-13T16:21:03+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Streams for Apache Kafka 2.8.0"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:9571"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "Streams for Apache Kafka 2.8.0"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "apache-commons-io: Possible denial of service attack on untrusted input to XmlStreamReader"
    }
  ]
}

cve-2024-7254

Vulnerability from cvelistv5

Published

2024-09-19 00:18

Modified

2024-09-19 14:46

Severity ?

8.7 (High) - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Summary

Stack overflow in Protocol Buffers Java Lite

References

▼	URL	Tags
	https://github.com/protocolbuffers/protobuf/commit/cc8b3483a5584b3301e3d43d17eb59704857ffaa

Impacted products

▼	Vendor	Product
	Google	Protocol Buffers
	Google	protobuf-java
	Google	protobuf-javalite
	Google	protobuf-kotlin
	Google	protobuf-kotllin-lite
	Google	google-protobuf [JRuby Gem]

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:google:protobuf:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "protobuf",
            "vendor": "google",
            "versions": [
              {
                "lessThan": "28.2",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:google:google-protobuf:*:*:*:*:*:ruby:*:*",
              "cpe:2.3:a:google:protobuf-java:*:*:*:*:*:*:*:*",
              "cpe:2.3:a:google:protobuf-javalite:*:*:*:*:*:*:*:*",
              "cpe:2.3:a:google:protobuf-kotlin:*:*:*:*:*:*:*:*",
              "cpe:2.3:a:google:protobuf-kotlin-lite:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "protobuf-kotlin-lite",
            "vendor": "google",
            "versions": [
              {
                "lessThan": "3.25.5",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThan": "4.27.5",
                "status": "affected",
                "version": "4.27",
                "versionType": "custom"
              },
              {
                "lessThan": "4.28.2",
                "status": "affected",
                "version": "4.28",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-7254",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-19T14:29:43.468555Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-19T14:46:14.517Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Protocol Buffers",
          "repo": "https://github.com/protocolbuffers/protobuf",
          "vendor": "Google",
          "versions": [
            {
              "lessThan": "28.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "collectionURL": "https://mvnrepository.com/artifact/com.google.protobuf/protobuf-java",
          "defaultStatus": "unaffected",
          "product": "protobuf-java",
          "vendor": "Google",
          "versions": [
            {
              "lessThan": "3.25.5",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "lessThan": "4.27.5",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "lessThan": "4.28.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "protobuf-javalite",
          "vendor": "Google",
          "versions": [
            {
              "lessThan": "3.25.5",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "lessThan": "4.27.5",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "lessThan": "4.28.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "protobuf-kotlin",
          "vendor": "Google",
          "versions": [
            {
              "lessThan": "3.25.5",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "lessThan": "4.27.5",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "lessThan": "4.28.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "protobuf-kotllin-lite",
          "vendor": "Google",
          "versions": [
            {
              "lessThan": "3.25.5",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "lessThan": "4.27.5",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "lessThan": "4.28.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "collectionURL": "https://rubygems.org/gems/google-protobuf",
          "defaultStatus": "unaffected",
          "product": "google-protobuf [JRuby Gem]",
          "vendor": "Google",
          "versions": [
            {
              "lessThan": "3.25.5",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "lessThan": "4.27.5",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "lessThan": "4.28.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Alexis Challande, Trail of Bits Ecosystem Security Team \u003cecosystem@trailofbits.com\u003e"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eAny project that parses untrusted Protocol Buffers data\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;containing an arbitrary number of nested \u003c/span\u003e\u003ccode\u003egroup\u003c/code\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003es / series of \u003c/span\u003e\u003ccode\u003eSGROUP\u003c/code\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;tags can corrupted by exceeding the stack limit i.e. StackOverflow. \u003c/span\u003e\u003cspan style=\"background-color: transparent;\"\u003eParsing nested groups as unknown fields with DiscardUnknownFieldsParser or Java Protobuf Lite parser, or against Protobuf map fields, creates unbounded recursions that can be abused by an attacker.\u003c/span\u003e\u003c/span\u003e\u003cbr\u003e\u003c/p\u003e"
            }
          ],
          "value": "Any project that parses untrusted Protocol Buffers data\u00a0containing an arbitrary number of nested groups / series of SGROUP\u00a0tags can corrupted by exceeding the stack limit i.e. StackOverflow. Parsing nested groups as unknown fields with DiscardUnknownFieldsParser or Java Protobuf Lite parser, or against Protobuf map fields, creates unbounded recursions that can be abused by an attacker."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-100",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-100 Overflow Buffers"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 8.7,
            "baseSeverity": "HIGH",
            "privilegesRequired": "NONE",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "NONE",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "CWE-20 Improper Input Validation",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-09-19T00:18:45.824Z",
        "orgId": "14ed7db2-1595-443d-9d34-6215bf890778",
        "shortName": "Google"
      },
      "references": [
        {
          "url": "https://github.com/protocolbuffers/protobuf/commit/cc8b3483a5584b3301e3d43d17eb59704857ffaa"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Stack overflow in Protocol Buffers Java Lite",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "14ed7db2-1595-443d-9d34-6215bf890778",
    "assignerShortName": "Google",
    "cveId": "CVE-2024-7254",
    "datePublished": "2024-09-19T00:18:45.824Z",
    "dateReserved": "2024-07-29T21:41:56.116Z",
    "dateUpdated": "2024-09-19T14:46:14.517Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2024-8184

Vulnerability from cvelistv5

Published

2024-10-14 15:09

Modified

2024-10-15 17:42

Severity ?

5.9 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

Jetty ThreadLimitHandler.getRemote() vulnerable to remote DoS attacks

References

▼	URL	Tags
	https://github.com/jetty/jetty.project/security/advisories/GHSA-g8m5-722r-8whq
	https://gitlab.eclipse.org/security/cve-assignement/-/issues/30
	https://github.com/jetty/jetty.project/pull/11723

Impacted products

▼	Vendor	Product
	Eclipse Foundation	Jetty

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-8184",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-15T17:41:50.744158Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-15T17:42:01.168Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://repo.maven.apache.org/maven2/",
          "defaultStatus": "unaffected",
          "modules": [
            "jetty-server"
          ],
          "packageName": "org.eclipse.jetty:jetty-server",
          "product": "Jetty",
          "repo": "https://github.com/jetty/jetty.project",
          "vendor": "Eclipse Foundation",
          "versions": [
            {
              "lessThanOrEqual": "9.4.55",
              "status": "affected",
              "version": "9.3.12",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "10.0.23",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "11.0.23",
              "status": "affected",
              "version": "11.0.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "12.0.8",
              "status": "affected",
              "version": "12.0.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "https://github.com/HRsGIT"
        }
      ],
      "datePublic": "2024-10-14T03:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "There exists a security vulnerability in Jetty\u0027s \u003ccode\u003eThreadLimitHandler.getRemote()\u003c/code\u003e which can be exploited by unauthorized users to cause remote denial-of-service (DoS) attack.  By repeatedly sending crafted requests, attackers can trigger OutofMemory errors and exhaust the server\u0027s memory.\u003cbr\u003e"
            }
          ],
          "value": "There exists a security vulnerability in Jetty\u0027s ThreadLimitHandler.getRemote() which can be exploited by unauthorized users to cause remote denial-of-service (DoS) attack.  By repeatedly sending crafted requests, attackers can trigger OutofMemory errors and exhaust the server\u0027s memory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "CWE-400 Uncontrolled Resource Consumption",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-10-14T15:30:02.698Z",
        "orgId": "e51fbebd-6053-4e49-959f-1b94eeb69a2c",
        "shortName": "eclipse"
      },
      "references": [
        {
          "url": "https://github.com/jetty/jetty.project/security/advisories/GHSA-g8m5-722r-8whq"
        },
        {
          "url": "https://gitlab.eclipse.org/security/cve-assignement/-/issues/30"
        },
        {
          "url": "https://github.com/jetty/jetty.project/pull/11723"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Jetty ThreadLimitHandler.getRemote() vulnerable to remote DoS attacks",
      "workarounds": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Do not use \u003ccode\u003eThreadLimitHandler\u003c/code\u003e.\u003cbr\u003e\nConsider use of \u003ccode\u003eQoSHandler\u003c/code\u003e instead to artificially limit resource utilization.\u003cbr\u003e"
            }
          ],
          "value": "Do not use ThreadLimitHandler.\n\nConsider use of QoSHandler instead to artificially limit resource utilization."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "e51fbebd-6053-4e49-959f-1b94eeb69a2c",
    "assignerShortName": "eclipse",
    "cveId": "CVE-2024-8184",
    "datePublished": "2024-10-14T15:09:37.861Z",
    "dateReserved": "2024-08-26T15:58:44.006Z",
    "dateUpdated": "2024-10-15T17:42:01.168Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2024-8285

Vulnerability from cvelistv5

Published

2024-08-30 21:10

Modified

2024-11-13 16:39

Severity ?

5.9 (Medium) - CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N

Summary

Kroxylicious: missing upstream kafka tls hostname verification

References

▼	URL	Tags
	https://access.redhat.com/errata/RHSA-2024:9571	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/security/cve/CVE-2024-8285	vdb-entry, x_refsource_REDHAT
	https://bugzilla.redhat.com/show_bug.cgi?id=2308606	issue-tracking, x_refsource_REDHAT

Impacted products

▼	Vendor	Product
	Red Hat	Streams for Apache Kafka 2.8.0
	Red Hat	streams for Apache Kafka
	Red Hat	streams for Apache Kafka
	Red Hat	streams for Apache Kafka
	Red Hat	streams for Apache Kafka
	Red Hat	streams for Apache Kafka
	Red Hat	streams for Apache Kafka
	Red Hat	streams for Apache Kafka
	Red Hat	streams for Apache Kafka
	Red Hat	streams for Apache Kafka
	Red Hat	streams for Apache Kafka
	Red Hat	streams for Apache Kafka
	Red Hat	streams for Apache Kafka
	Red Hat	streams for Apache Kafka
	Red Hat	streams for Apache Kafka
	Red Hat	streams for Apache Kafka
	Red Hat	streams for Apache Kafka
	Red Hat	streams for Apache Kafka
	Red Hat	streams for Apache Kafka
	Red Hat	streams for Apache Kafka
	Red Hat	streams for Apache Kafka
	Red Hat	streams for Apache Kafka
	Red Hat	streams for Apache Kafka

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-8285",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-03T13:31:13.219614Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-03T13:32:03.256Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:amq_streams:2"
          ],
          "defaultStatus": "unaffected",
          "packageName": "io.kroxylicious-kroxylicious-parent",
          "product": "Streams for Apache Kafka 2.8.0",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:amq_streams:1"
          ],
          "defaultStatus": "affected",
          "packageName": "io.kroxylicious/kroxylicious-annotations",
          "product": "streams for Apache Kafka",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:amq_streams:1"
          ],
          "defaultStatus": "affected",
          "packageName": "io.kroxylicious/kroxylicious-api",
          "product": "streams for Apache Kafka",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:amq_streams:1"
          ],
          "defaultStatus": "affected",
          "packageName": "io.kroxylicious/kroxylicious-app",
          "product": "streams for Apache Kafka",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:amq_streams:1"
          ],
          "defaultStatus": "affected",
          "packageName": "io.kroxylicious/kroxylicious-app-licenses",
          "product": "streams for Apache Kafka",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:amq_streams:1"
          ],
          "defaultStatus": "affected",
          "packageName": "io.kroxylicious/kroxylicious-filter-test-support",
          "product": "streams for Apache Kafka",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:amq_streams:1"
          ],
          "defaultStatus": "affected",
          "packageName": "io.kroxylicious/kroxylicious-integration-test-support",
          "product": "streams for Apache Kafka",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:amq_streams:1"
          ],
          "defaultStatus": "affected",
          "packageName": "io.kroxylicious/kroxylicious-kms",
          "product": "streams for Apache Kafka",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:amq_streams:1"
          ],
          "defaultStatus": "affected",
          "packageName": "io.kroxylicious/kroxylicious-kms-provider-hashicorp-vault",
          "product": "streams for Apache Kafka",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:amq_streams:1"
          ],
          "defaultStatus": "affected",
          "packageName": "io.kroxylicious/kroxylicious-kms-provider-hashicorp-vault-test-support",
          "product": "streams for Apache Kafka",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:amq_streams:1"
          ],
          "defaultStatus": "affected",
          "packageName": "io.kroxylicious/kroxylicious-kms-provider-kroxylicious-inmemory",
          "product": "streams for Apache Kafka",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:amq_streams:1"
          ],
          "defaultStatus": "affected",
          "packageName": "io.kroxylicious/kroxylicious-kms-provider-kroxylicious-inmemory-test-support",
          "product": "streams for Apache Kafka",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:amq_streams:1"
          ],
          "defaultStatus": "affected",
          "packageName": "io.kroxylicious/kroxylicious-kms-test-support",
          "product": "streams for Apache Kafka",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:amq_streams:1"
          ],
          "defaultStatus": "affected",
          "packageName": "io.kroxylicious/kroxylicious-krpc-plugin",
          "product": "streams for Apache Kafka",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:amq_streams:1"
          ],
          "defaultStatus": "affected",
          "packageName": "io.kroxylicious/kroxylicious-multitenant",
          "product": "streams for Apache Kafka",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:amq_streams:1"
          ],
          "defaultStatus": "affected",
          "packageName": "io.kroxylicious/kroxylicious-record-encryption",
          "product": "streams for Apache Kafka",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:amq_streams:1"
          ],
          "defaultStatus": "affected",
          "packageName": "io.kroxylicious/kroxylicious-record-validation",
          "product": "streams for Apache Kafka",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:amq_streams:1"
          ],
          "defaultStatus": "affected",
          "packageName": "io.kroxylicious/kroxylicious-runtime",
          "product": "streams for Apache Kafka",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:amq_streams:1"
          ],
          "defaultStatus": "affected",
          "packageName": "io.kroxylicious/kroxylicious-sample",
          "product": "streams for Apache Kafka",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:amq_streams:1"
          ],
          "defaultStatus": "affected",
          "packageName": "io.kroxylicious/kroxylicious-simple-transform",
          "product": "streams for Apache Kafka",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:amq_streams:1"
          ],
          "defaultStatus": "affected",
          "packageName": "io.kroxylicious.testing/testing-api",
          "product": "streams for Apache Kafka",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:amq_streams:1"
          ],
          "defaultStatus": "affected",
          "packageName": "io.kroxylicious.testing/testing-impl",
          "product": "streams for Apache Kafka",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:amq_streams:1"
          ],
          "defaultStatus": "affected",
          "packageName": "io.kroxylicious.testing/testing-junit5-extension",
          "product": "streams for Apache Kafka",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2024-08-27T00:00:00+00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in Kroxylicious. When establishing the connection with the upstream Kafka server using a TLS secured connection, Kroxylicious fails to properly verify the server\u0027s hostname, resulting in an insecure connection. For a successful attack to be performed, the attacker needs to perform a Man-in-the-Middle attack or compromise any external systems, such as DNS or network routing configuration. This issue is considered a high complexity attack, with additional high privileges required, as the attack would need access to the Kroxylicious configuration or a peer system. The result of a successful attack impacts both data integrity and confidentiality."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-297",
              "description": "Improper Validation of Certificate with Host Mismatch",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-13T16:39:18.961Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2024:9571",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:9571"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2024-8285"
        },
        {
          "name": "RHBZ#2308606",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2308606"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2024-08-29T22:39:10.882000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2024-08-27T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Kroxylicious: missing upstream kafka tls hostname verification",
      "workarounds": [
        {
          "lang": "en",
          "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
        }
      ],
      "x_redhatCweChain": "CWE-297: Improper Validation of Certificate with Host Mismatch"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2024-8285",
    "datePublished": "2024-08-30T21:10:52.324Z",
    "dateReserved": "2024-08-28T19:38:52.128Z",
    "dateUpdated": "2024-11-13T16:39:18.961Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2024-29025

Vulnerability from cvelistv5

Published

2024-03-25 20:09

Modified

2024-08-02 01:03

Severity ?

5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Summary

Netty HttpPostRequestDecoder can OOM

References

▼	URL	Tags
	https://github.com/netty/netty/security/advisories/GHSA-5jpm-x58v-624v	x_refsource_CONFIRM
	https://github.com/netty/netty/commit/0d0c6ed782d13d423586ad0c71737b2c7d02058c	x_refsource_MISC
	https://gist.github.com/vietj/f558b8ea81ec6505f1e9a6ca283c9ae3	x_refsource_MISC
	https://lists.debian.org/debian-lts-announce/2024/06/msg00015.html

Impacted products

▼	Vendor	Product
	netty	netty

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:netty:netty:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "netty",
            "vendor": "netty",
            "versions": [
              {
                "lessThan": "4.1.108.Final",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-29025",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-07-19T15:54:48.153095Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-07-19T21:08:16.746Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T01:03:51.668Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "https://github.com/netty/netty/security/advisories/GHSA-5jpm-x58v-624v",
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/netty/netty/security/advisories/GHSA-5jpm-x58v-624v"
          },
          {
            "name": "https://github.com/netty/netty/commit/0d0c6ed782d13d423586ad0c71737b2c7d02058c",
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/netty/netty/commit/0d0c6ed782d13d423586ad0c71737b2c7d02058c"
          },
          {
            "name": "https://gist.github.com/vietj/f558b8ea81ec6505f1e9a6ca283c9ae3",
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://gist.github.com/vietj/f558b8ea81ec6505f1e9a6ca283c9ae3"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00015.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "netty",
          "vendor": "netty",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 4.1.108.Final"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers \u0026 clients. The `HttpPostRequestDecoder` can be tricked to accumulate data. While the decoder can store items on the disk if configured so, there are no limits to the number of fields the form can have, an attacher can send a chunked post consisting of many small fields that will be accumulated in the `bodyListHttpData` list. The decoder cumulates bytes in the `undecodedChunk` buffer until it can decode a field, this field can cumulate data without limits. This vulnerability is fixed in 4.1.108.Final."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-770",
              "description": "CWE-770: Allocation of Resources Without Limits or Throttling",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-03-25T20:09:35.156Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/netty/netty/security/advisories/GHSA-5jpm-x58v-624v",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/netty/netty/security/advisories/GHSA-5jpm-x58v-624v"
        },
        {
          "name": "https://github.com/netty/netty/commit/0d0c6ed782d13d423586ad0c71737b2c7d02058c",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/netty/netty/commit/0d0c6ed782d13d423586ad0c71737b2c7d02058c"
        },
        {
          "name": "https://gist.github.com/vietj/f558b8ea81ec6505f1e9a6ca283c9ae3",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://gist.github.com/vietj/f558b8ea81ec6505f1e9a6ca283c9ae3"
        },
        {
          "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00015.html"
        }
      ],
      "source": {
        "advisory": "GHSA-5jpm-x58v-624v",
        "discovery": "UNKNOWN"
      },
      "title": "Netty HttpPostRequestDecoder can OOM"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2024-29025",
    "datePublished": "2024-03-25T20:09:35.156Z",
    "dateReserved": "2024-03-14T16:59:47.611Z",
    "dateUpdated": "2024-08-02T01:03:51.668Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2024-9823

Vulnerability from cvelistv5

Published

2024-10-14 15:03

Modified

2024-10-15 17:49

Severity ?

5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Summary

Jetty DOS vulnerability on DosFilter

References

▼	URL	Tags
	https://github.com/jetty/jetty.project/security/advisories/GHSA-7hcf-ppf8-5w5h
	https://gitlab.eclipse.org/security/cve-assignement/-/issues/39
	https://github.com/jetty/jetty.project/issues/1256

Impacted products

▼	Vendor	Product
	Eclipse Foundation	Jetty
	Eclipse Jetty	Jetty
	Eclipse Jetty	Jetty
	Eclipse Jetty	Jetty

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:eclipse:jetty:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "jetty",
            "vendor": "eclipse",
            "versions": [
              {
                "lessThan": "9.4.54",
                "status": "affected",
                "version": "9.0.0",
                "versionType": "semver"
              },
              {
                "lessThan": "10.0.18",
                "status": "affected",
                "version": "10.0.0",
                "versionType": "semver"
              },
              {
                "lessThan": "11.0.18",
                "status": "affected",
                "version": "11.0.0",
                "versionType": "semver"
              },
              {
                "lessThan": "12.0.3",
                "status": "affected",
                "version": "12.0.0",
                "versionType": "semver"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-9823",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-15T17:46:11.062398Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-15T17:49:38.804Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://repo.maven.apache.org/maven2/",
          "defaultStatus": "unaffected",
          "modules": [
            "jetty-servlets"
          ],
          "packageName": "org.eclipse.jetty:jetty-servlets",
          "product": "Jetty",
          "repo": "https://github.com/jetty/jetty.project",
          "vendor": "Eclipse Foundation",
          "versions": [
            {
              "lessThan": "9.4.54",
              "status": "affected",
              "version": "9.0.0",
              "versionType": "semvar"
            },
            {
              "lessThan": "10.0.18",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "semvar"
            },
            {
              "lessThan": "11.0.18",
              "status": "affected",
              "version": "11.0.0",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://repo.maven.apache.org/maven2/",
          "defaultStatus": "unaffected",
          "modules": [
            "jetty-ee8-servlets"
          ],
          "packageName": "org.eclipse.jetty.ee8:jetty-ee8-servlets",
          "product": "Jetty",
          "repo": "https://github.com/jetty/jetty.project",
          "vendor": "Eclipse Jetty",
          "versions": [
            {
              "lessThan": "12.0.3",
              "status": "affected",
              "version": "12.0.0",
              "versionType": "semvar"
            }
          ]
        },
        {
          "collectionURL": "https://repo.maven.apache.org/maven2/",
          "defaultStatus": "unaffected",
          "modules": [
            "jetty-ee9-servlets"
          ],
          "packageName": "org.eclipse.jetty.ee8:jetty-ee9-servlets",
          "product": "Jetty",
          "repo": "https://github.com/jetty/jetty.project",
          "vendor": "Eclipse Jetty",
          "versions": [
            {
              "lessThan": "12.0.3",
              "status": "affected",
              "version": "12.0.0",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://repo.maven.apache.org/maven2/",
          "defaultStatus": "unaffected",
          "modules": [
            "jetty-ee10-servlets"
          ],
          "packageName": "org.eclipse.jetty.ee8:jetty-ee10-servlets",
          "product": "Jetty",
          "repo": "https://github.com/jetty/jetty.project",
          "vendor": "Eclipse Jetty",
          "versions": [
            {
              "lessThan": "12.0.3",
              "status": "affected",
              "version": "12.0.0",
              "versionType": "semvar"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Lian Kee"
        }
      ],
      "datePublic": "2024-10-14T15:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "There exists a security vulnerability in Jetty\u0027s DosFilter which can be exploited by unauthorized users to cause remote denial-of-service (DoS) attack on the server using DosFilter. By repeatedly sending crafted requests, attackers can trigger OutofMemory errors and exhaust the server\u0027s memory finally.\u003cbr\u003e"
            }
          ],
          "value": "There exists a security vulnerability in Jetty\u0027s DosFilter which can be exploited by unauthorized users to cause remote denial-of-service (DoS) attack on the server using DosFilter. By repeatedly sending crafted requests, attackers can trigger OutofMemory errors and exhaust the server\u0027s memory finally."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "CWE-400 Uncontrolled Resource Consumption",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-10-14T15:29:14.390Z",
        "orgId": "e51fbebd-6053-4e49-959f-1b94eeb69a2c",
        "shortName": "eclipse"
      },
      "references": [
        {
          "url": "https://github.com/jetty/jetty.project/security/advisories/GHSA-7hcf-ppf8-5w5h"
        },
        {
          "url": "https://gitlab.eclipse.org/security/cve-assignement/-/issues/39"
        },
        {
          "url": "https://github.com/jetty/jetty.project/issues/1256"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Jetty DOS vulnerability on DosFilter",
      "workarounds": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "The \u003ccode\u003eDoSFilter\u003c/code\u003e can be configured to not use sessions for tracking usage by setting the \u003ccode\u003etrackSessions\u003c/code\u003e init parameter to \u003ccode\u003efalse\u003c/code\u003e.  This will then use only the IP tracking mechanism, which is not vulnerable.\u003cbr\u003e\nSessions can also be configured to have aggressive passivation or inactivation limits.\u003cbr\u003e"
            }
          ],
          "value": "The DoSFilter can be configured to not use sessions for tracking usage by setting the trackSessions init parameter to false.  This will then use only the IP tracking mechanism, which is not vulnerable.\n\nSessions can also be configured to have aggressive passivation or inactivation limits."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "e51fbebd-6053-4e49-959f-1b94eeb69a2c",
    "assignerShortName": "eclipse",
    "cveId": "CVE-2024-9823",
    "datePublished": "2024-10-14T15:03:02.293Z",
    "dateReserved": "2024-10-10T15:56:32.744Z",
    "dateUpdated": "2024-10-15T17:49:38.804Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2024-47554

Vulnerability from cvelistv5

Published

2024-10-03 11:32

Modified

2024-10-03 18:03

Severity ?

Summary

Apache Commons IO: Possible denial of service attack on untrusted input to XmlStreamReader

References

▼	URL	Tags
	https://lists.apache.org/thread/6ozr91rr9cj5lm0zyhv30bsp317hk5z1	vendor-advisory

Impacted products

▼	Vendor	Product
	Apache Software Foundation	Apache Commons IO

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-47554",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-03T13:00:56.326970Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-03T13:01:04.231Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-10-03T18:03:28.321Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "http://www.openwall.com/lists/oss-security/2024/10/03/2"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://repo.maven.apache.org/maven2",
          "defaultStatus": "unaffected",
          "packageName": "commons-io:commons-io",
          "product": "Apache Commons IO",
          "vendor": "Apache Software Foundation",
          "versions": [
            {
              "lessThan": "2.14.0",
              "status": "affected",
              "version": "2.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "tool",
          "value": "CodeQL"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eUncontrolled Resource Consumption vulnerability in Apache Commons IO.\u003c/p\u003e\u003cp\u003eThe org.apache.commons.io.input.XmlStreamReader class may excessively consume CPU resources when processing maliciously crafted input.\u003cbr\u003e\u003c/p\u003e\u003cp\u003eThis issue affects Apache Commons IO: from 2.0 before 2.14.0.\u003c/p\u003e\u003cp\u003eUsers are recommended to upgrade to version 2.14.0 or later, which fixes the issue.\u003c/p\u003e"
            }
          ],
          "value": "Uncontrolled Resource Consumption vulnerability in Apache Commons IO.\n\nThe org.apache.commons.io.input.XmlStreamReader class may excessively consume CPU resources when processing maliciously crafted input.\n\n\nThis issue affects Apache Commons IO: from 2.0 before 2.14.0.\n\nUsers are recommended to upgrade to version 2.14.0 or later, which fixes the issue."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "text": "low"
            },
            "type": "Textual description of severity"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "CWE-400 Uncontrolled Resource Consumption",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-10-03T11:32:48.936Z",
        "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
        "shortName": "apache"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.apache.org/thread/6ozr91rr9cj5lm0zyhv30bsp317hk5z1"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "title": "Apache Commons IO: Possible denial of service attack on untrusted input to XmlStreamReader",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
    "assignerShortName": "apache",
    "cveId": "CVE-2024-47554",
    "datePublished": "2024-10-03T11:32:48.936Z",
    "dateReserved": "2024-09-26T16:12:46.116Z",
    "dateUpdated": "2024-10-03T18:03:28.321Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

rhsa-2024_9571

Vulnerability from csaf_redhat

cve-2024-7254

Vulnerability from cvelistv5

cve-2024-8184

Vulnerability from cvelistv5

cve-2024-8285

Vulnerability from cvelistv5

cve-2024-29025

Vulnerability from cvelistv5

cve-2024-9823

Vulnerability from cvelistv5

cve-2024-47554

Vulnerability from cvelistv5

Tags

Sightings

Nomenclature