Security
Headlines
HeadlinesLatestCVEs

Headline

RHSA-2023:1866: Red Hat Security Advisory: OpenShift Container Platform 4.10.58 security update

Red Hat OpenShift Container Platform release 4.10.58 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.10. Red Hat Product Security has rated this update as having a security impact of [impact]. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

  • CVE-2022-42889: A flaw was found in Apache Commons Text packages 1.5 through 1.9. The affected versions allow an attacker to benefit from a variable interpolation process contained in Apache Commons Text, which can cause properties to be dynamically defined. Server applications are vulnerable to remote code execution (RCE) and unintentional contact with untrusted remote servers.
  • CVE-2023-25761: A flaw was found in the Jenkins JUnit plugin. The affected versions of the JUnit Plugin do not escape test case class names in JavaScript expressions, resulting in a stored cross-site scripting (XSS) vulnerability. This may allow an attacker to control test case class names in the JUnit resources processed by the plugin.
  • CVE-2023-25762: A flaw was found in the Jenkins pipeline-build-step plugin. Affected versions of the pipeline-build-step plugin do not escape job names in a JavaScript expression used in the Pipeline Snippet Generator. This can result in a stored cross-site scripting (XSS) vulnerability that may allow attackers to control job names.
Red Hat Security Data
#xss#vulnerability#web#linux#red_hat#apache#nodejs#js#git#java#kubernetes#rce#aws#ibm#rpm

Skip to navigation Skip to main content

Utilities

  • Subscriptions
  • Downloads
  • Containers
  • Support Cases

Infrastructure and Management

  • Red Hat Enterprise Linux
  • Red Hat Virtualization
  • Red Hat Identity Management
  • Red Hat Directory Server
  • Red Hat Certificate System
  • Red Hat Satellite
  • Red Hat Subscription Management
  • Red Hat Update Infrastructure
  • Red Hat Insights
  • Red Hat Ansible Automation Platform

Cloud Computing

  • Red Hat OpenShift
  • Red Hat CloudForms
  • Red Hat OpenStack Platform
  • Red Hat OpenShift Container Platform
  • Red Hat OpenShift Data Science
  • Red Hat OpenShift Online
  • Red Hat OpenShift Dedicated
  • Red Hat Advanced Cluster Security for Kubernetes
  • Red Hat Advanced Cluster Management for Kubernetes
  • Red Hat Quay
  • Red Hat CodeReady Workspaces
  • Red Hat OpenShift Service on AWS

Storage

  • Red Hat Gluster Storage
  • Red Hat Hyperconverged Infrastructure
  • Red Hat Ceph Storage
  • Red Hat OpenShift Data Foundation

Runtimes

  • Red Hat Runtimes
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat Data Grid
  • Red Hat JBoss Web Server
  • Red Hat Single Sign On
  • Red Hat support for Spring Boot
  • Red Hat build of Node.js
  • Red Hat build of Thorntail
  • Red Hat build of Eclipse Vert.x
  • Red Hat build of OpenJDK
  • Red Hat build of Quarkus

Integration and Automation

  • Red Hat Process Automation
  • Red Hat Process Automation Manager
  • Red Hat Decision Manager

All Products

Issued:

2023-04-26

Updated:

2023-04-26

RHSA-2023:1866 - Security Advisory

  • Overview
  • Updated Packages

Synopsis

Moderate: OpenShift Container Platform 4.10.58 security update

Type/Severity

Security Advisory: Moderate

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

Red Hat OpenShift Container Platform release 4.10.58 is now available with updates to packages and images that fix several bugs and add enhancements.

This release includes a security update for Red Hat OpenShift Container Platform 4.10.

Red Hat Product Security has rated this update as having a security impact of [impact]. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Red Hat OpenShift Container Platform is Red Hat’s cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.

This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.10.58. See the following advisory for the container images for this release:

https://access.redhat.com/errata/RHBA-2023:1867

Security Fix(es):

  • apache-commons-text: variable interpolation RCE (CVE-2022-42889)
  • jenkins-2-plugins/JUnit: Stored XSS vulnerability in JUnit Plugin (CVE-2023-25761)
  • jenkins-2-plugins/pipeline-build-step: Stored XSS vulnerability in Pipeline: Build Step Plugin (CVE-2023-25762)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Affected Products

  • Red Hat OpenShift Container Platform 4.10 for RHEL 8 x86_64
  • Red Hat OpenShift Container Platform 4.10 for RHEL 7 x86_64
  • Red Hat OpenShift Container Platform for Power 4.10 for RHEL 8 ppc64le
  • Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.10 for RHEL 8 s390x
  • Red Hat OpenShift Container Platform for ARM 64 4.10 aarch64

Fixes

  • BZ - 2135435 - CVE-2022-42889 apache-commons-text: variable interpolation RCE
  • BZ - 2170039 - CVE-2023-25761 jenkins-2-plugins/JUnit: Stored XSS vulnerability in JUnit Plugin
  • BZ - 2170041 - CVE-2023-25762 jenkins-2-plugins/pipeline-build-step: Stored XSS vulnerability in Pipeline: Build Step Plugin

References

  • https://access.redhat.com/security/updates/classification/#moderate
  • https://docs.openshift.com/container-platform/4.10/release_notes/ocp-4-10-release-notes.html

Red Hat OpenShift Container Platform 4.10 for RHEL 8

SRPM

cri-o-1.23.5-10.rhaos4.10.gitcc8441d.el8.src.rpm

SHA-256: d594ed72c20cc4bceda9b3bf785c01e43977a4bbd8e85d0dc350f38439d6da31

jenkins-2-plugins-4.10.1681719745-1.el8.src.rpm

SHA-256: 34d8f0f4461c88aa86960fd9a6c5d36adbe1ccaf224f03c2f007931cd9ef637b

jenkins-2.387.1.1681718871-1.el8.src.rpm

SHA-256: f7ead189b1bdc8d919c2707ee6e240030fea08eb918b1f137cbe23131bf8daa0

x86_64

cri-o-1.23.5-10.rhaos4.10.gitcc8441d.el8.x86_64.rpm

SHA-256: 5bf1d63eb2e1cc9e919a5ccd69de6e750b66825885f489acf3ee09e592c1628a

cri-o-debuginfo-1.23.5-10.rhaos4.10.gitcc8441d.el8.x86_64.rpm

SHA-256: 7929881177d94aa7f8e18696eb48ab94d8c7b2aa4a683851e795c8e8cab693b2

cri-o-debugsource-1.23.5-10.rhaos4.10.gitcc8441d.el8.x86_64.rpm

SHA-256: fa186e0b7f73825280a10b582835935883d07d27b89ac947976dfe72c03857ec

jenkins-2-plugins-4.10.1681719745-1.el8.noarch.rpm

SHA-256: 520a1e8979834eccdc183f22738792590c4497e83f6a5b1c162202909f5071b5

jenkins-2.387.1.1681718871-1.el8.noarch.rpm

SHA-256: 0efca5d26ec4dd476e7b6b718d97cd70e51a015de08ba049db891f0f8907104c

Red Hat OpenShift Container Platform 4.10 for RHEL 7

SRPM

cri-o-1.23.5-10.rhaos4.10.gitcc8441d.el7.src.rpm

SHA-256: 81447c2abf92e49baed050a8ec45854d2ad498d5d8c8f0263a9f3f27a41e828e

x86_64

cri-o-1.23.5-10.rhaos4.10.gitcc8441d.el7.x86_64.rpm

SHA-256: b83f8551c72da448458a4e78f274796f55c3f879a64b83aeeeb495018858c855

cri-o-debuginfo-1.23.5-10.rhaos4.10.gitcc8441d.el7.x86_64.rpm

SHA-256: a3ad2cde7ee274127b23516348e4060d7edd56374fb123b2ab092228603c866b

Red Hat OpenShift Container Platform for Power 4.10 for RHEL 8

SRPM

cri-o-1.23.5-10.rhaos4.10.gitcc8441d.el8.src.rpm

SHA-256: d594ed72c20cc4bceda9b3bf785c01e43977a4bbd8e85d0dc350f38439d6da31

jenkins-2-plugins-4.10.1681719745-1.el8.src.rpm

SHA-256: 34d8f0f4461c88aa86960fd9a6c5d36adbe1ccaf224f03c2f007931cd9ef637b

jenkins-2.387.1.1681718871-1.el8.src.rpm

SHA-256: f7ead189b1bdc8d919c2707ee6e240030fea08eb918b1f137cbe23131bf8daa0

ppc64le

cri-o-1.23.5-10.rhaos4.10.gitcc8441d.el8.ppc64le.rpm

SHA-256: 9668deee8c50223bfd21ac1e137a30dd5835f9bdab3cda719a23d9b46bfba285

cri-o-debuginfo-1.23.5-10.rhaos4.10.gitcc8441d.el8.ppc64le.rpm

SHA-256: e471cfd177a17fb9d354e4488368c3554e6e3cbb4eefb9198bc23a3afbdcc1b2

cri-o-debugsource-1.23.5-10.rhaos4.10.gitcc8441d.el8.ppc64le.rpm

SHA-256: 737e70079823448e4afa4ae72f3163f6e7178f3087e3659a2eb3a3607bf14614

jenkins-2-plugins-4.10.1681719745-1.el8.noarch.rpm

SHA-256: 520a1e8979834eccdc183f22738792590c4497e83f6a5b1c162202909f5071b5

jenkins-2.387.1.1681718871-1.el8.noarch.rpm

SHA-256: 0efca5d26ec4dd476e7b6b718d97cd70e51a015de08ba049db891f0f8907104c

Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.10 for RHEL 8

SRPM

cri-o-1.23.5-10.rhaos4.10.gitcc8441d.el8.src.rpm

SHA-256: d594ed72c20cc4bceda9b3bf785c01e43977a4bbd8e85d0dc350f38439d6da31

jenkins-2-plugins-4.10.1681719745-1.el8.src.rpm

SHA-256: 34d8f0f4461c88aa86960fd9a6c5d36adbe1ccaf224f03c2f007931cd9ef637b

jenkins-2.387.1.1681718871-1.el8.src.rpm

SHA-256: f7ead189b1bdc8d919c2707ee6e240030fea08eb918b1f137cbe23131bf8daa0

s390x

cri-o-1.23.5-10.rhaos4.10.gitcc8441d.el8.s390x.rpm

SHA-256: 95d335e2aa1786c96a10f481d5520e6985d2b39d726583b3aa6b77d0cb8fa4ad

cri-o-debuginfo-1.23.5-10.rhaos4.10.gitcc8441d.el8.s390x.rpm

SHA-256: 6bc20b092f868dfafde4546a0ae2fb8995aee0d74c66aad4fa123ef2f688da17

cri-o-debugsource-1.23.5-10.rhaos4.10.gitcc8441d.el8.s390x.rpm

SHA-256: 34393ad828231243929e46a5c649e3d3c648796b89735ba24fdf84bbfd8d97cd

jenkins-2-plugins-4.10.1681719745-1.el8.noarch.rpm

SHA-256: 520a1e8979834eccdc183f22738792590c4497e83f6a5b1c162202909f5071b5

jenkins-2.387.1.1681718871-1.el8.noarch.rpm

SHA-256: 0efca5d26ec4dd476e7b6b718d97cd70e51a015de08ba049db891f0f8907104c

Red Hat OpenShift Container Platform for ARM 64 4.10

SRPM

cri-o-1.23.5-10.rhaos4.10.gitcc8441d.el8.src.rpm

SHA-256: d594ed72c20cc4bceda9b3bf785c01e43977a4bbd8e85d0dc350f38439d6da31

jenkins-2-plugins-4.10.1681719745-1.el8.src.rpm

SHA-256: 34d8f0f4461c88aa86960fd9a6c5d36adbe1ccaf224f03c2f007931cd9ef637b

jenkins-2.387.1.1681718871-1.el8.src.rpm

SHA-256: f7ead189b1bdc8d919c2707ee6e240030fea08eb918b1f137cbe23131bf8daa0

aarch64

cri-o-1.23.5-10.rhaos4.10.gitcc8441d.el8.aarch64.rpm

SHA-256: 255f0115e057459f7dcc3f0ccaa0b880d1946f8280f288a74d0a2b519f870885

cri-o-debuginfo-1.23.5-10.rhaos4.10.gitcc8441d.el8.aarch64.rpm

SHA-256: 38cb6d1af8a26c2edbec10b0511c4238657cacfc08b2d0615da8ce3749568fd6

cri-o-debugsource-1.23.5-10.rhaos4.10.gitcc8441d.el8.aarch64.rpm

SHA-256: f9087049eb0c85b9b18026d70a36ff01cb78f87b88cd4688d7fd4e4a2256d58a

jenkins-2-plugins-4.10.1681719745-1.el8.noarch.rpm

SHA-256: 520a1e8979834eccdc183f22738792590c4497e83f6a5b1c162202909f5071b5

jenkins-2.387.1.1681718871-1.el8.noarch.rpm

SHA-256: 0efca5d26ec4dd476e7b6b718d97cd70e51a015de08ba049db891f0f8907104c

The Red Hat security contact is [email protected]. More contact details at https://access.redhat.com/security/team/contact/.

Related news

Red Hat Security Advisory 2024-0776-03

Red Hat Security Advisory 2024-0776-03 - An update for jenkins and jenkins-2-plugins is now available for OpenShift Developer Tools and Services for OCP 4.13. Issues addressed include bypass, code execution, cross site scripting, and denial of service vulnerabilities.

Red Hat Security Advisory 2024-0775-03

Red Hat Security Advisory 2024-0775-03 - An update for jenkins and jenkins-2-plugins is now available for OpenShift Developer Tools and Services for OCP 4.11. Issues addressed include bypass, code execution, cross site scripting, deserialization, information leakage, and insecure permissions vulnerabilities.

Apache Commons Text 1.9 Remote Code Execution

This Metasploit module exploit takes advantage of the StringSubstitutor interpolator class, which is included in the Commons Text library. A default interpolator allows for string lookups that can lead to remote code execution. This is due to a logic flaw that makes the script, dns and url lookup keys interpolated by default, as opposed to what it should be, according to the documentation of the StringLookupFactory class. Those keys allow an attacker to execute arbitrary code via lookups primarily using the script key. In order to exploit the vulnerabilities, the following requirements must be met: Run a version of Apache Commons Text from version 1.5 to 1.9, use the StringSubstitutor interpolator, and the target should run JDK versions prior to 15.

CVE-2023-3140: Security Advisories | KNIME

Missing HTTP headers (X-Frame-Options, Content-Security-Policy) in KNIME Business Hub before 1.4.0 has left users vulnerable to click jacking. Clickjacking is an attack that occurs when an attacker uses a transparent iframe in a window to trick a user into clicking on an actionable item, such as a button or link, to another server in which they have an identical webpage. The attacker essentially hijacks the user activity intended for the original server and sends them to the other server.

Red Hat Security Advisory 2023-3296-01

Red Hat Security Advisory 2023-3296-01 - Multicluster Engine for Kubernetes 2.2.4 images Multicluster engine for Kubernetes provides the foundational components that are necessary for the centralized management of multiple Kubernetes-based clusters across data centers, public clouds, and private clouds. You can use the engine to create new Red Hat OpenShift Container Platform clusters or to bring existing Kubernetes-based clusters under management by importing them. After the clusters are managed, you can use the APIs that are provided by the engine to distribute configuration based on placement policy.

RHSA-2023:3299: Red Hat Security Advisory: jenkins and jenkins-2-plugins security update

An update for jenkins and jenkins-2-plugins is now available for OpenShift Developer Tools and Services for OCP 4.13. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2020-7692: PKCE support is not implemented in accordance with the RFC for OAuth 2.0 for Native Apps. Without the use of PKCE, the authorization code returned by an authorization server is not enough to guarantee that the client that issued the initial authorization request is the one that will be authorized. An...

RHSA-2023:3195: Red Hat Security Advisory: jenkins and jenkins-2-plugins security update

An update for jenkins and jenkins-2-plugins is now available for OpenShift Developer Tools and Services for OCP 4.12. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-42889: A flaw was found in Apache Commons Text packages 1.5 through 1.9. The affected versions allow an attacker to benefit from a variable interpolation process contained in Apache Commons Text, which can cause properties to be dynamically defined. Server applications are vulnerable to remote code execut...

RHSA-2023:3198: Red Hat Security Advisory: jenkins and jenkins-2-plugins security update

An update for jenkins and jenkins-2-plugins is now available for OpenShift Developer Tools and Services for OCP 4.11. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-26291: A flaw was found in maven. Repositories that are defined in a dependency’s Project Object Model (pom), which may be unknown to users, are used by default resulting in potential risk if a malicious actor takes over that repository or is able to insert themselves into a position to pretend to be that r...

CVE-2023-2535: Security Advisories | KNIME

Sensitive information exposure in the Web Frontend of KNIME Business Hub until 1.X allows an unauthenticated attacker to extract information about the system. By making a request to a non-existent URL the system will sensitive information to the caller such as internal IP addresses, hostnames, Istio metadata, internal file paths and more. The problem is fixed in KNIME Business Hub 1.xxx. There is no workaround for previous versions.

Red Hat Security Advisory 2023-1866-01

Red Hat Security Advisory 2023-1866-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.10.58. Issues addressed include a cross site scripting vulnerability.

RHSA-2023:1655: Red Hat Security Advisory: OpenShift Container Platform 4.10.56 security update

Red Hat OpenShift Container Platform release 4.10.56 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.10. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-3172: A security issue was discovered in kube-apiserver that allows an aggregated API server to redirect client traffic to any URL. This issue leads to the client performing unexpected acti...

Red Hat Security Advisory 2023-1006-01

Red Hat Security Advisory 2023-1006-01 - This release of Red Hat build of Quarkus 2.7.7 includes security updates, bug fixes, and enhancements. For more information, see the release notes page listed in the References section. Issues addressed include code execution, denial of service, deserialization, information leakage, memory leak, and remote SQL injection vulnerabilities.

RHSA-2023:1006: Red Hat Security Advisory: Red Hat build of Quarkus 2.7.7 release and security update

An update is now available for Red Hat build of Quarkus. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability. For more information, see the CVE links in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-1471: A flaw was found in the SnakeYaml package. This flaw allows an attacker to benefit from remote code execution by sending malicious YAML content and this content being deserialized by the constructor. Deserialization is unsafe and leads to Remote Code Execution (RCE). * CVE-2022-3171: A parsing issue with binary data in protobuf-java core an...

CVE-2023-23848: Jenkins Security Advisory 2023-02-15

Missing permission checks in Synopsys Jenkins Coverity Plugin 3.0.2 and earlier allow attackers with Overall/Read permission to connect to an attacker-specified HTTP server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.

CVE-2023-23848: Jenkins Security Advisory 2023-02-15

Missing permission checks in Synopsys Jenkins Coverity Plugin 3.0.2 and earlier allow attackers with Overall/Read permission to connect to an attacker-specified HTTP server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.

CVE-2023-23850: Jenkins Security Advisory 2023-02-15

A missing permission check in Synopsys Jenkins Coverity Plugin 3.0.2 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins.

CVE-2023-23850: Jenkins Security Advisory 2023-02-15

A missing permission check in Synopsys Jenkins Coverity Plugin 3.0.2 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins.

GHSA-9j65-3f2q-8q2r: Cross-site Scripting in Jenkins Pipeline: Build Step Plugin

Jenkins Pipeline: Build Step Plugin 2.18 and earlier does not escape job names in a JavaScript expression used in the Pipeline Snippet Generator, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to control job names.

GHSA-ph74-8rgx-64c5: Cross-site Scripting in Jenkins JUnit Plugin

Jenkins JUnit Plugin 1166.va_436e268e972 and earlier does not escape test case class names in JavaScript expressions, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to control test case class names in the JUnit resources processed by the plugin.

CVE-2023-25763: Jenkins Security Advisory 2023-02-15

Jenkins Email Extension Plugin 2.93 and earlier does not escape various fields included in bundled email templates, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to control affected fields.

CVE-2023-25764: Jenkins Security Advisory 2023-02-15

Jenkins Email Extension Plugin 2.93 and earlier does not escape, sanitize, or sandbox rendered email template output or log output generated during template rendering, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to create or change custom email templates.

CVE-2023-25762: Jenkins Security Advisory 2023-02-15

Jenkins Pipeline: Build Step Plugin 2.18 and earlier does not escape job names in a JavaScript expression used in the Pipeline Snippet Generator, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to control job names.

CVE-2023-25765: Jenkins Security Advisory 2023-02-15

In Jenkins Email Extension Plugin 2.93 and earlier, templates defined inside a folder were not subject to Script Security protection, allowing attackers able to define email templates in folders to bypass the sandbox protection and execute arbitrary code in the context of the Jenkins controller JVM.

CVE-2023-25762: Jenkins Security Advisory 2023-02-15

Jenkins Pipeline: Build Step Plugin 2.18 and earlier does not escape job names in a JavaScript expression used in the Pipeline Snippet Generator, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to control job names.

CVE-2023-25761: Jenkins Security Advisory 2023-02-15

Jenkins JUnit Plugin 1166.va_436e268e972 and earlier does not escape test case class names in JavaScript expressions, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to control test case class names in the JUnit resources processed by the plugin.

CVE-2023-25768: Jenkins Security Advisory 2023-02-15

A missing permission check in Jenkins Azure Credentials Plugin 253.v887e0f9e898b and earlier allows attackers with Overall/Read permission to connect to an attacker-specified web server.

CVE-2023-25764: Jenkins Security Advisory 2023-02-15

Jenkins Email Extension Plugin 2.93 and earlier does not escape, sanitize, or sandbox rendered email template output or log output generated during template rendering, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to create or change custom email templates.

CVE-2023-25766: Jenkins Security Advisory 2023-02-15

A missing permission check in Jenkins Azure Credentials Plugin 253.v887e0f9e898b and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins.

CVE-2023-25761: Jenkins Security Advisory 2023-02-15

Jenkins JUnit Plugin 1166.va_436e268e972 and earlier does not escape test case class names in JavaScript expressions, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to control test case class names in the JUnit resources processed by the plugin.

CVE-2023-25763: Jenkins Security Advisory 2023-02-15

Jenkins Email Extension Plugin 2.93 and earlier does not escape various fields included in bundled email templates, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to control affected fields.

CVE-2023-25765: Jenkins Security Advisory 2023-02-15

In Jenkins Email Extension Plugin 2.93 and earlier, templates defined inside a folder were not subject to Script Security protection, allowing attackers able to define email templates in folders to bypass the sandbox protection and execute arbitrary code in the context of the Jenkins controller JVM.

CVE-2023-25766: Jenkins Security Advisory 2023-02-15

A missing permission check in Jenkins Azure Credentials Plugin 253.v887e0f9e898b and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins.

CVE-2023-25768: Jenkins Security Advisory 2023-02-15

A missing permission check in Jenkins Azure Credentials Plugin 253.v887e0f9e898b and earlier allows attackers with Overall/Read permission to connect to an attacker-specified web server.

Red Hat Security Advisory 2023-0469-01

Red Hat Security Advisory 2023-0469-01 - Red Hat Integration Camel Extensions for Quarkus 2.13.2 is now available. Issues addressed include denial of service and memory exhaustion vulnerabilities.

RHSA-2023:0469: Red Hat Security Advisory: Red Hat Integration Camel Extensions For Quarkus 2.13.2

Red Hat Integration Camel Extensions for Quarkus 2.13.2 is now available. The purpose of this text-only errata is to inform you about the security issues fixed. Red Hat Product Security has rated this update as having an impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-40149: jettison: parser crash by stackoverflow * CVE-2022-40150: jettison: memory exhaustion via user-supplied XML or JSON data * CVE-2022-40151: xstream: Xstream to serialise XML data was vulnerable to Denial of Service attacks * CVE-2022-40152: woodstox-core: woodstox to...

RHSA-2022:9023: Red Hat Security Advisory: Red Hat build of Quarkus 2.13.5 release and security update

An update is now available for Red Hat build of Quarkus. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability. For more information, see the CVE links in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-3171: protobuf-java: timeout in parser leads to DoS * CVE-2022-4116: quarkus_dev_ui: Dev UI Config Editor is vulnerable to drive-by localhost attacks leading to RCE * CVE-2022-4147: quarkus-vertx-http: Security misconfiguration of CORS : OWASP A05_2021 level in Quarkus * CVE-2022-31197: postgresql: SQL Injection in ResultSet.refreshRow() with mal...

RHSA-2022:8902: Red Hat Security Advisory: Red Hat Camel for Spring Boot 3.18.3 release and security update

A minor version update (from 3.14.5 to 3.18.3) is now available for Camel for Spring Boot. The purpose of this text-only errata is to inform you about the security issues fixed in this release. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-25897: sdk-server: Denial of Service * CVE-2022-31684: reactor-netty-http: Log request headers in some cases of invalid HTTP requests * CVE-2022-42889: apache-commons-text: variable interpolation RCE

Red Hat Security Advisory 2022-8652-01

Red Hat Security Advisory 2022-8652-01 - This release of Red Hat Fuse 7.11.1 serves as a replacement for Red Hat Fuse 7.11 and includes bug fixes and enhancements, which are documented in the Release Notes document linked in the References. Issues addressed include bypass, cross site scripting, denial of service, remote SQL injection, and traversal vulnerabilities.

GHSA-599f-7c49-w659: Arbitrary code execution in Apache Commons Text

Apache Commons Text performs variable interpolation, allowing properties to be dynamically evaluated and expanded. The standard format for interpolation is "${prefix:name}", where "prefix" is used to locate an instance of org.apache.commons.text.lookup.StringLookup that performs the interpolation. Starting with version 1.5 and continuing through 1.9, the set of default Lookup instances included interpolators that could result in arbitrary code execution or contact with remote servers. These lookups are: - "script" - execute expressions using the JVM script execution engine (javax.script) - "dns" - resolve dns records - "url" - load values from urls, including from remote servers Applications using the interpolation defaults in the affected versions may be vulnerable to remote code execution or unintentional contact with remote servers if untrusted configuration values are used. Users are recommended to upgrade to Apache Commons Text 1.10.0, which disables the problematic interpolators ...

CVE-2019-2388: Ops Manager Server Changelog — MongoDB Ops Manager 6.0

In affected Ops Manager versions there is an exposed http route was that may allow attackers to view a specific access log of a publicly exposed Ops Manager instance. This issue affects: MongoDB Inc. MongoDB Ops Manager 4.0 versions 4.0.9, 4.0.10 and MongoDB Ops Manager 4.1 version 4.1.5.

CVE-2019-19034: AssetExplorer ITAM Solution ServicePacks Readme

Zoho ManageEngine Asset Explorer 6.5 does not validate the System Center Configuration Manager (SCCM) database username when dynamically generating a command to schedule scans for SCCM. This allows an attacker to execute arbitrary commands on the AssetExplorer Server with NT AUTHORITY/SYSTEM privileges.