Security
Headlines
HeadlinesLatestCVEs

Headline

Red Hat Security Advisory 2023-4909-01

Red Hat Security Advisory 2023-4909-01 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache Tomcat Servlet container, JBoss HTTP Connector, the PicketLink Vault extension for Apache Tomcat, and the Tomcat Native library. This release of Red Hat JBoss Web Server 5.7.4 serves as a replacement for Red Hat JBoss Web Server 5.7.3. This release includes bug fixes, enhancements and component upgrades, which are documented in the Release Notes, linked to in the References section. Issues addressed include denial of service, information leakage, and integer overflow vulnerabilities.

Packet Storm
#vulnerability#web#linux#red_hat#dos#apache#js#java

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

====================================================================
Red Hat Security Advisory

Synopsis: Moderate: Red Hat JBoss Web Server 5.7.4 release and security update
Advisory ID: RHSA-2023:4909-01
Product: Red Hat JBoss Web Server
Advisory URL: https://access.redhat.com/errata/RHSA-2023:4909
Issue date: 2023-09-04
CVE Names: CVE-2022-24963 CVE-2023-24998 CVE-2023-28708
CVE-2023-28709
====================================================================

  1. Summary:

An update is now available for Red Hat JBoss Web Server 5.7.4 on Red Hat
Enterprise Linux versions 7, 8, and 9.

Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

  1. Relevant releases/architectures:

Red Hat JBoss Web Server 5.7 for RHEL 7 Server - noarch, x86_64
Red Hat JBoss Web Server 5.7 for RHEL 8 - noarch, x86_64
Red Hat JBoss Web Server 5.7 for RHEL 9 - noarch, x86_64

  1. Description:

Red Hat JBoss Web Server is a fully integrated and certified set of
components for hosting Java web applications. It is comprised of the Apache
Tomcat Servlet container, JBoss HTTP Connector (mod_cluster), the
PicketLink Vault extension for Apache Tomcat, and the Tomcat Native
library.

This release of Red Hat JBoss Web Server 5.7.4 serves as a replacement for
Red Hat JBoss Web Server 5.7.3. This release includes bug fixes,
enhancements and component upgrades, which are documented in the Release
Notes, linked to in the References section.

Security Fix(es):

  • apr: integer overflow/wraparound in apr_encode (CVE-2022-24963)

  • Apache Commons FileUpload: FileUpload DoS with excessive parts
    (CVE-2023-24998)

  • tomcat: not including the secure attribute causes information disclosure
    (CVE-2023-28708)

  • tomcat: Fix for CVE-2023-24998 was incomplete (CVE-2023-28709)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

  1. Solution:

Before applying the update, back up your existing Red Hat JBoss Web Server
installation (including all applications and configuration files).

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

  1. Bugs fixed (https://bugzilla.redhat.com/):

2169465 - CVE-2022-24963 apr: integer overflow/wraparound in apr_encode
2172298 - CVE-2023-24998 Apache Commons FileUpload: FileUpload DoS with excessive parts
2180856 - CVE-2023-28708 tomcat: not including the secure attribute causes information disclosure
2210321 - CVE-2023-28709 tomcat: Fix for CVE-2023-24998 was incomplete

  1. Package List:

Red Hat JBoss Web Server 5.7 for RHEL 7 Server:

Source:
jws5-tomcat-9.0.62-15.redhat_00013.1.el7jws.src.rpm
jws5-tomcat-native-1.2.31-15.redhat_15.el7jws.src.rpm

noarch:
jws5-tomcat-9.0.62-15.redhat_00013.1.el7jws.noarch.rpm
jws5-tomcat-admin-webapps-9.0.62-15.redhat_00013.1.el7jws.noarch.rpm
jws5-tomcat-docs-webapp-9.0.62-15.redhat_00013.1.el7jws.noarch.rpm
jws5-tomcat-el-3.0-api-9.0.62-15.redhat_00013.1.el7jws.noarch.rpm
jws5-tomcat-java-jdk11-9.0.62-15.redhat_00013.1.el7jws.noarch.rpm
jws5-tomcat-java-jdk8-9.0.62-15.redhat_00013.1.el7jws.noarch.rpm
jws5-tomcat-javadoc-9.0.62-15.redhat_00013.1.el7jws.noarch.rpm
jws5-tomcat-jsp-2.3-api-9.0.62-15.redhat_00013.1.el7jws.noarch.rpm
jws5-tomcat-lib-9.0.62-15.redhat_00013.1.el7jws.noarch.rpm
jws5-tomcat-selinux-9.0.62-15.redhat_00013.1.el7jws.noarch.rpm
jws5-tomcat-servlet-4.0-api-9.0.62-15.redhat_00013.1.el7jws.noarch.rpm
jws5-tomcat-webapps-9.0.62-15.redhat_00013.1.el7jws.noarch.rpm

x86_64:
jws5-tomcat-native-1.2.31-15.redhat_15.el7jws.x86_64.rpm
jws5-tomcat-native-debuginfo-1.2.31-15.redhat_15.el7jws.x86_64.rpm

Red Hat JBoss Web Server 5.7 for RHEL 8:

Source:
jws5-tomcat-9.0.62-15.redhat_00013.1.el8jws.src.rpm
jws5-tomcat-native-1.2.31-15.redhat_15.el8jws.src.rpm

noarch:
jws5-tomcat-9.0.62-15.redhat_00013.1.el8jws.noarch.rpm
jws5-tomcat-admin-webapps-9.0.62-15.redhat_00013.1.el8jws.noarch.rpm
jws5-tomcat-docs-webapp-9.0.62-15.redhat_00013.1.el8jws.noarch.rpm
jws5-tomcat-el-3.0-api-9.0.62-15.redhat_00013.1.el8jws.noarch.rpm
jws5-tomcat-javadoc-9.0.62-15.redhat_00013.1.el8jws.noarch.rpm
jws5-tomcat-jsp-2.3-api-9.0.62-15.redhat_00013.1.el8jws.noarch.rpm
jws5-tomcat-lib-9.0.62-15.redhat_00013.1.el8jws.noarch.rpm
jws5-tomcat-selinux-9.0.62-15.redhat_00013.1.el8jws.noarch.rpm
jws5-tomcat-servlet-4.0-api-9.0.62-15.redhat_00013.1.el8jws.noarch.rpm
jws5-tomcat-webapps-9.0.62-15.redhat_00013.1.el8jws.noarch.rpm

x86_64:
jws5-tomcat-native-1.2.31-15.redhat_15.el8jws.x86_64.rpm
jws5-tomcat-native-debuginfo-1.2.31-15.redhat_15.el8jws.x86_64.rpm

Red Hat JBoss Web Server 5.7 for RHEL 9:

Source:
jws5-tomcat-9.0.62-15.redhat_00013.1.el9jws.src.rpm
jws5-tomcat-native-1.2.31-15.redhat_15.el9jws.src.rpm

noarch:
jws5-tomcat-9.0.62-15.redhat_00013.1.el9jws.noarch.rpm
jws5-tomcat-admin-webapps-9.0.62-15.redhat_00013.1.el9jws.noarch.rpm
jws5-tomcat-docs-webapp-9.0.62-15.redhat_00013.1.el9jws.noarch.rpm
jws5-tomcat-el-3.0-api-9.0.62-15.redhat_00013.1.el9jws.noarch.rpm
jws5-tomcat-javadoc-9.0.62-15.redhat_00013.1.el9jws.noarch.rpm
jws5-tomcat-jsp-2.3-api-9.0.62-15.redhat_00013.1.el9jws.noarch.rpm
jws5-tomcat-lib-9.0.62-15.redhat_00013.1.el9jws.noarch.rpm
jws5-tomcat-selinux-9.0.62-15.redhat_00013.1.el9jws.noarch.rpm
jws5-tomcat-servlet-4.0-api-9.0.62-15.redhat_00013.1.el9jws.noarch.rpm
jws5-tomcat-webapps-9.0.62-15.redhat_00013.1.el9jws.noarch.rpm

x86_64:
jws5-tomcat-native-1.2.31-15.redhat_15.el9jws.x86_64.rpm
jws5-tomcat-native-debuginfo-1.2.31-15.redhat_15.el9jws.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

  1. References:

https://access.redhat.com/security/cve/CVE-2022-24963
https://access.redhat.com/security/cve/CVE-2023-24998
https://access.redhat.com/security/cve/CVE-2023-28708
https://access.redhat.com/security/cve/CVE-2023-28709
https://access.redhat.com/security/updates/classification/#moderate

  1. Contact:

The Red Hat security contact is [email protected]. More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCAAGBQJk9dawAAoJENzjgjWX9erE1ycQAIwG6w749gWsv0nN3TgCLSn+
Ag1rdPKnc9K0BEer5aj3UZWq0ILQ0U2xkIV/+f03asPHSKehS0xAVAoTOB9eqDgB
f7rcxV6tDwkkOgEHlCQZXle5CzMmIIuAmzQoRI855sl3fo7m1s9w/XGfM9TuwANu
AAXKNZUc1EOtCzwQPbJ+RqwxXhiZvwaD1cXa/PtNmrmcFeQPjwZUTwWrs5KcDG/P
CCIugcTaD8lCFRQFHtF+GXY9A1xzQ4sgGBeSa2+MRLV2e5nVGjby+1ydLIhThdvl
7bD+wtI7WOQkVI1ZrfiVuYU6gmQB1YoaYz3l8bjY+PvxoXANIDWI2y9QzLvjHRdX
Q2DraXW6xMw0utFtFe5AiLevPH18VwBsdyUMOk8hpTQsRkw/Is7rIcHstucGJYSI
CBVloQ8FbPXPUlTw4eYSr22c3bEyJKTACJIN+badVjzUlu7zewqF7g8BHXJGFIfT
pwyfxOUfvAvn0qD8NvwE64yQ1pCIqcq/ffxliJp98cn86VrQ+H6+hwmxWOU1yoxe
jyON4uVUE+IcaPPP84SUyGZW+ZgZjrdkBv4OaBsMvQweIPXLk54/dkgDtdOMF6EJ
3AX0KKqoSTFWJ7i64DWturuhAFRTdqkxeItLWM5LMo0FKsZur8efbRRnSHQhNUib
PKxvfGMcijaSUTJ0s70k
=7k//
-----END PGP SIGNATURE-----

RHSA-announce mailing list
[email protected]
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Related news

Ubuntu Security Notice USN-7106-1

Ubuntu Security Notice 7106-1 - It was discovered that Tomcat did not include the secure attribute for session cookies when using the RemoteIpFilter with requests from a reverse proxy. An attacker could possibly use this issue to leak sensitive information. It was discovered that Tomcat had a vulnerability in its FORM authentication feature, leading to an open redirect attack. An attacker could possibly use this issue to perform phishing attacks.

Red Hat Security Advisory 2023-7711-03

Red Hat Security Advisory 2023-7711-03 - An update for apr is now available for Red Hat Enterprise Linux 9. Issues addressed include an integer overflow vulnerability.

CVE-2023-22130: Oracle Critical Patch Update Advisory - October 2023

Vulnerability in the Sun ZFS Storage Appliance product of Oracle Systems (component: Core). The supported version that is affected is 8.8.60. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Sun ZFS Storage Appliance. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Sun ZFS Storage Appliance. CVSS 3.1 Base Score 5.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H).

CVE-2023-30994: Security Bulletin: IBM QRadar SIEM includes components with known vulnerabilities

IBM QRadar SIEM 7.5.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 254138

Debian Security Advisory 5522-1

Debian Linux Security Advisory 5522-1 - Several security vulnerabilities have been discovered in the Tomcat servlet and JSP engine.

High-Severity Flaws Uncovered in Atlassian Products and ISC BIND Server

Atlassian and the Internet Systems Consortium (ISC) have disclosed several security flaws impacting their products that could be exploited to achieve denial-of-service (DoS) and remote code execution. The Australian software services provider said that the four high-severity flaws were fixed in new versions shipped last month. This includes - CVE-2022-25647 (CVSS score: 7.5) - A deserialization

CVE-2023-32338: Security Bulletin: IBM Sterling Secure Proxy is vulnerable to multiple issues

IBM Sterling Secure Proxy and IBM Sterling External Authentication Server 6.0.3 and 6.1.0 stores user credentials in plain clear text which can be read by a local user with container access. IBM X-Force ID: 255585.

Red Hat Security Advisory 2023-4910-01

Red Hat Security Advisory 2023-4910-01 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache Tomcat Servlet container, JBoss HTTP Connector, the PicketLink Vault extension for Apache Tomcat, and the Tomcat Native library. This release of Red Hat JBoss Web Server 5.7.4 serves as a replacement for Red Hat JBoss Web Server 5.7.3. This release includes bug fixes, enhancements and component upgrades, which are documented in the Release Notes, linked to in the References section. Issues addressed include denial of service, information leakage, integer overflow, and out of bounds write vulnerabilities.

Red Hat Security Advisory 2023-4910-01

Red Hat Security Advisory 2023-4910-01 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache Tomcat Servlet container, JBoss HTTP Connector, the PicketLink Vault extension for Apache Tomcat, and the Tomcat Native library. This release of Red Hat JBoss Web Server 5.7.4 serves as a replacement for Red Hat JBoss Web Server 5.7.3. This release includes bug fixes, enhancements and component upgrades, which are documented in the Release Notes, linked to in the References section. Issues addressed include denial of service, information leakage, integer overflow, and out of bounds write vulnerabilities.

Red Hat Security Advisory 2023-4910-01

Red Hat Security Advisory 2023-4910-01 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache Tomcat Servlet container, JBoss HTTP Connector, the PicketLink Vault extension for Apache Tomcat, and the Tomcat Native library. This release of Red Hat JBoss Web Server 5.7.4 serves as a replacement for Red Hat JBoss Web Server 5.7.3. This release includes bug fixes, enhancements and component upgrades, which are documented in the Release Notes, linked to in the References section. Issues addressed include denial of service, information leakage, integer overflow, and out of bounds write vulnerabilities.

RHSA-2023:4910: Red Hat Security Advisory: Red Hat JBoss Web Server 5.7.4 release and security update

Red Hat JBoss Web Server 5.7.4 zip release is now available for Red Hat Enterprise Linux 7, Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9, and Windows Server. Red Hat Product Security has rated this release as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-24963: A flaw was found in Apache Portable Runtime (APR). This issue may allow a malicious attacker to write beyond the bounds of a buffer. * CVE-2022-28331: A flaw was found in Apache Portable Runtime, affecting versions <= 1.7.0. This issue may allow a ma...

RHSA-2023:4910: Red Hat Security Advisory: Red Hat JBoss Web Server 5.7.4 release and security update

Red Hat JBoss Web Server 5.7.4 zip release is now available for Red Hat Enterprise Linux 7, Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9, and Windows Server. Red Hat Product Security has rated this release as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-24963: A flaw was found in Apache Portable Runtime (APR). This issue may allow a malicious attacker to write beyond the bounds of a buffer. * CVE-2022-28331: A flaw was found in Apache Portable Runtime, affecting versions <= 1.7.0. This issue may allow a ma...

RHSA-2023:4910: Red Hat Security Advisory: Red Hat JBoss Web Server 5.7.4 release and security update

Red Hat JBoss Web Server 5.7.4 zip release is now available for Red Hat Enterprise Linux 7, Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9, and Windows Server. Red Hat Product Security has rated this release as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-24963: A flaw was found in Apache Portable Runtime (APR). This issue may allow a malicious attacker to write beyond the bounds of a buffer. * CVE-2022-28331: A flaw was found in Apache Portable Runtime, affecting versions <= 1.7.0. This issue may allow a ma...

RHSA-2023:4909: Red Hat Security Advisory: Red Hat JBoss Web Server 5.7.4 release and security update

An update is now available for Red Hat JBoss Web Server 5.7.4 on Red Hat Enterprise Linux versions 7, 8, and 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-24963: A flaw was found in Apache Portable Runtime (APR). This issue may allow a malicious attacker to write beyond the bounds of a buffer. * CVE-2023-24998: A flaw was found in Apache Commons FileUpload, where it does not limit the number of parts being processed in a request. This issue may allow an attacker to...

RHSA-2023:4909: Red Hat Security Advisory: Red Hat JBoss Web Server 5.7.4 release and security update

An update is now available for Red Hat JBoss Web Server 5.7.4 on Red Hat Enterprise Linux versions 7, 8, and 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-24963: A flaw was found in Apache Portable Runtime (APR). This issue may allow a malicious attacker to write beyond the bounds of a buffer. * CVE-2023-24998: A flaw was found in Apache Commons FileUpload, where it does not limit the number of parts being processed in a request. This issue may allow an attacker to...

RHSA-2023:4909: Red Hat Security Advisory: Red Hat JBoss Web Server 5.7.4 release and security update

An update is now available for Red Hat JBoss Web Server 5.7.4 on Red Hat Enterprise Linux versions 7, 8, and 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-24963: A flaw was found in Apache Portable Runtime (APR). This issue may allow a malicious attacker to write beyond the bounds of a buffer. * CVE-2023-24998: A flaw was found in Apache Commons FileUpload, where it does not limit the number of parts being processed in a request. This issue may allow an attacker to...

Red Hat Security Advisory 2023-4628-01

Red Hat Security Advisory 2023-4628-01 - Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products and packaged under Red Hat JBoss Core Services, to allow for faster distribution of updates and for a more consistent update experience. This release of Red Hat JBoss Core Services Apache HTTP Server 2.4.57 serves as a replacement for Red Hat JBoss Core Services Apache HTTP Server 2.4.51 Service Pack 2, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include HTTP response splitting, bypass, integer overflow, out of bounds write, and use-after-free vulnerabilities.

Red Hat Security Advisory 2023-4629-01

Red Hat Security Advisory 2023-4629-01 - Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products and packaged under Red Hat JBoss Core Services, to allow for faster distribution of updates and for a more consistent update experience. This release of Red Hat JBoss Core Services Apache HTTP Server 2.4.57 serves as a replacement for Red Hat JBoss Core Services Apache HTTP Server 2.4.51 Service Pack 2, and includes bug fixes and enhancements, which are documented in the Release Notes linked to in the References section. Issues addressed include HTTP response splitting, bypass, integer overflow, and use-after-free vulnerabilities.

RHSA-2023:4629: Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.57 security update

An update is now available for Red Hat JBoss Core Services. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-24963: A flaw was found in Apache Portable Runtime (APR). This issue may allow a malicious attacker to write beyond the bounds of a buffer. * CVE-2022-36760: A flaw was found in the mod_proxy_ajp module of httpd. The connection is not closed when there is an invalid Transfer-Encoding header, allowing an attacker to smuggle requests to the AJP server, where it forw...

RHSA-2023:4628: Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.57 security update

Red Hat JBoss Core Services Apache HTTP Server 2.4.57 is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-24963: A flaw was found in Apache Portable Runtime (APR). This issue may allow a malicious attacker to write beyond the bounds of a buffer. * CVE-2022-28331: A flaw was found in Apache Portable Runtime, affecting versions <= 1.7.0. This issue may allow a malicious user to write beyond the end of a stack buffer and cause an integer overflow. This affect...

CVE-2023-4009: Ops Manager Server Changelog — MongoDB Ops Manager 5.0

In MongoDB Ops Manager v5.0 prior to 5.0.22 and v6.0 prior to 6.0.17 it is possible for an authenticated user with project owner or project user admin access to generate an API key with the privileges of org owner resulting in privilege escalation.

CVE-2023-22062: Oracle Critical Patch Update Advisory - July 2023

Vulnerability in the Oracle Hyperion Financial Reporting product of Oracle Hyperion (component: Repository). The supported version that is affected is 11.2.13.0.000. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Hyperion Financial Reporting. While the vulnerability is in Oracle Hyperion Financial Reporting, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Hyperion Financial Reporting accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Hyperion Financial Reporting. CVSS 3.1 Base Score 8.5 (Confidentiality and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L).

CVE-2023-28955: Security Bulletin: Multiple security vulnerabilities affecting Watson Knowledge Catalog for IBM Cloud Pak for Data

IBM Watson Knowledge Catalog on Cloud Pak for Data 4.0 could allow an authenticated user send a specially crafted request that could cause a denial of service. IBM X-Force ID: 251704.

GHSA-cx6h-86xw-9x34: Apache Tomcat - Fix for CVE-2023-24998 was incomplete

The fix for CVE-2023-24998 was incomplete. If non-default HTTP connector settings were used such that the maxParameterCount could be reached using query string parameters and a request was submitted that supplied exactly maxParameterCount parameters in the query string, the limit for uploaded request parts could be bypassed with the potential for a denial of service to occur.

CVE-2023-32463: DSA-2023-200: Security Update for Dell VxRail for Multiple Third-Party Component Vulnerabilities

Dell VxRail, version(s) 8.0.100 and earlier contain a denial-of-service vulnerability in the upgrade functionality. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to degraded performance and system malfunction.

CVE-2023-0342: Ops Manager Server Changelog — MongoDB Ops Manager 6.0

MongoDB Ops Manager Diagnostics Archive may not redact sensitive PEM key file password app settings. Archives do not include the PEM files themselves. This issue affects MongoDB Ops Manager v5.0 prior to 5.0.21 and MongoDB Ops Manager v6.0 prior to 6.0.12

CVE-2023-28043: DSA-2023-164: Dell Secure Connect Gateway Security Update for Multiple Vulnerabilities

Dell SCG 5.14 contains an information disclosure vulnerability during the SRS to SCG upgrade path. A remote low privileged malicious user could potentially exploit this vulnerability to retrieve the plain text.

CVE-2023-28709

The fix for CVE-2023-24998 was incomplete for Apache Tomcat 11.0.0-M2 to 11.0.0-M4, 10.1.5 to 10.1.7, 9.0.71 to 9.0.73 and 8.5.85 to 8.5.87. If non-default HTTP connector settings were used such that the maxParameterCount could be reached using query string parameters and a request was submitted that supplied exactly maxParameterCount parameters in the query string, the limit for uploaded request parts could be bypassed with the potential for a denial of service to occur.

Red Hat Security Advisory 2023-2100-01

Red Hat Security Advisory 2023-2100-01 - This release of Camel for Spring Boot 3.20.1 serves as a replacement for Camel for Spring Boot 3.18.3 and includes bug fixes and enhancements, which are documented in the Release Notes document linked in the References. The purpose of this text-only errata is to inform you about the security issues fixed. Issues addressed include bypass, code execution, cross site scripting, denial of service, man-in-the-middle, memory exhaustion, resource exhaustion, and traversal vulnerabilities.

CVE-2023-21954: Oracle Critical Patch Update Advisory - April 2023

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through...

Debian Security Advisory 5381-1

Debian Linux Security Advisory 5381-1 - Several security vulnerabilities have been discovered in the Tomcat servlet and JSP engine.

GHSA-2c9m-w27f-53rm: Apache Tomcat vulnerable to Unprotected Transport of Credentials

When using the RemoteIpFilter with requests received from a reverse proxy via HTTP that include the X-Forwarded-Proto header set to https, session cookies created by Apache Tomcat 11.0.0-M1 to 11.0.0.-M2, 10.1.0-M1 to 10.1.5, 9.0.0-M1 to 9.0.71 and 8.5.0 to 8.5.85 did not include the secure attribute. This could result in the user agent transmitting the session cookie over an insecure channel.

CVE-2023-28708

When using the RemoteIpFilter with requests received from a reverse proxy via HTTP that include the X-Forwarded-Proto header set to https, session cookies created by Apache Tomcat 11.0.0-M1 to 11.0.0.-M2, 10.1.0-M1 to 10.1.5, 9.0.0-M1 to 9.0.71 and 8.5.0 to 8.5.85 did not include the secure attribute. This could result in the user agent transmitting the session cookie over an insecure channel.

CVE-2023-27898: Jenkins Security Advisory 2023-03-08

Jenkins 2.270 through 2.393 (both inclusive), LTS 2.277.1 through 2.375.3 (both inclusive) does not escape the Jenkins version a plugin depends on when rendering the error message stating its incompatibility with the current version of Jenkins, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to provide plugins to the configured update sites and have this message shown by Jenkins instances.

CVE-2023-27903: Jenkins Security Advisory 2023-03-08

Jenkins 2.393 and earlier, LTS 2.375.3 and earlier creates a temporary file in the default temporary directory with the default permissions for newly created files when uploading a file parameter through the CLI, potentially allowing attackers with access to the Jenkins controller file system to read and write the file before it is used.

CVE-2023-27902: Jenkins Security Advisory 2023-03-08

Jenkins 2.393 and earlier, LTS 2.375.3 and earlier shows temporary directories related to job workspaces, which allows attackers with Item/Workspace permission to access their contents.

CVE-2023-27905: Jenkins Security Advisory 2023-03-08

Jenkins update-center2 3.13 and 3.14 renders the required Jenkins core version on plugin download index pages without sanitization, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to provide a plugin for hosting.

CVE-2023-27899: Jenkins Security Advisory 2023-03-08

Jenkins 2.393 and earlier, LTS 2.375.3 and earlier creates a temporary file in the default temporary directory with the default permissions for newly created files when uploading a plugin for installation, potentially allowing attackers with access to the Jenkins controller file system to read and write the file before it is used, potentially resulting in arbitrary code execution.

Debian Security Advisory 5370-1

Debian Linux Security Advisory 5370-1 - Ronald Crane discovered that missing input saniting in the apr_encode functions of apr, the Apache Portable Runtime library, may result in denial of service or potentially the execution of arbitrary code.

Ubuntu Security Notice USN-5885-1

Ubuntu Security Notice 5885-1 - Ronald Crane discovered integer overflow vulnerabilities in the Apache Portable Runtime that could potentially result in memory corruption. A remote attacker could possibly use these issues to cause a denial of service or execute arbitrary code.

GHSA-hfrx-6qgj-fp6c: Apache Commons FileUpload denial of service vulnerability

Apache Commons FileUpload before 1.5 does not limit the number of request parts to be processed resulting in the possibility of an attacker triggering a DoS with a malicious upload or series of uploads.

CVE-2022-24963

Integer Overflow or Wraparound vulnerability in apr_encode functions of Apache Portable Runtime (APR) allows an attacker to write beyond bounds of a buffer. This issue affects Apache Portable Runtime (APR) version 1.7.0.

CVE-2019-2388: Ops Manager Server Changelog — MongoDB Ops Manager 6.0

In affected Ops Manager versions there is an exposed http route was that may allow attackers to view a specific access log of a publicly exposed Ops Manager instance. This issue affects: MongoDB Inc. MongoDB Ops Manager 4.0 versions 4.0.9, 4.0.10 and MongoDB Ops Manager 4.1 version 4.1.5.

CVE-2016-8735: Apache Tomcat® - Apache Tomcat 9 vulnerabilities

Remote code execution is possible with Apache Tomcat before 6.0.48, 7.x before 7.0.73, 8.x before 8.0.39, 8.5.x before 8.5.7, and 9.x before 9.0.0.M12 if JmxRemoteLifecycleListener is used and an attacker can reach JMX ports. The issue exists because this listener wasn't updated for consistency with the CVE-2016-3427 Oracle patch that affected credential types.

CVE-2016-6816: Apache Tomcat® - Apache Tomcat 9 vulnerabilities

The code in Apache Tomcat 9.0.0.M1 to 9.0.0.M11, 8.5.0 to 8.5.6, 8.0.0.RC1 to 8.0.38, 7.0.0 to 7.0.72, and 6.0.0 to 6.0.47 that parsed the HTTP request line permitted invalid characters. This could be exploited, in conjunction with a proxy that also permitted the invalid characters but with a different interpretation, to inject data into the HTTP response. By manipulating the HTTP response the attacker could poison a web-cache, perform an XSS attack and/or obtain sensitive information from requests other then their own.

Packet Storm: Latest News

Zeek 6.0.9