Headline
RHSA-2022:1443: Red Hat Security Advisory: java-11-openjdk security update
An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Related CVEs:
- CVE-2022-21426: OpenJDK: Unbounded memory allocation when compiling crafted XPath expressions (JAXP, 8270504)
- CVE-2022-21434: OpenJDK: Improper object-to-string conversion in AnnotationInvocationHandler (Libraries, 8277672)
- CVE-2022-21443: OpenJDK: Missing check for negative ObjectIdentifier (Libraries, 8275151)
- CVE-2022-21476: OpenJDK: Defective secure validation in Apache Santuario (Libraries, 8278008)
- CVE-2022-21496: OpenJDK: URI parsing inconsistencies (JNDI, 8278972)
Synopsis
Important: java-11-openjdk security update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
View affected systems
Topic
An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8.2 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit.
Security Fix(es):
- OpenJDK: Defective secure validation in Apache Santuario (Libraries, 8278008) (CVE-2022-21476)
- OpenJDK: Unbounded memory allocation when compiling crafted XPath expressions (JAXP, 8270504) (CVE-2022-21426)
- OpenJDK: Improper object-to-string conversion in AnnotationInvocationHandler (Libraries, 8277672) (CVE-2022-21434)
- OpenJDK: Missing check for negative ObjectIdentifier (Libraries, 8275151) (CVE-2022-21443)
- OpenJDK: URI parsing inconsistencies (JNDI, 8278972) (CVE-2022-21496)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Solution
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
All running instances of OpenJDK Java must be restarted for this update to take effect.
Affected Products
- Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.2 x86_64
- Red Hat Enterprise Linux Server - AUS 8.2 x86_64
- Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.2 s390x
- Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.2 ppc64le
- Red Hat Enterprise Linux Server - TUS 8.2 x86_64
- Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.2 aarch64
- Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.2 ppc64le
- Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.2 x86_64
Fixes
- BZ - 2075788 - CVE-2022-21426 OpenJDK: Unbounded memory allocation when compiling crafted XPath expressions (JAXP, 8270504)
- BZ - 2075793 - CVE-2022-21443 OpenJDK: Missing check for negative ObjectIdentifier (Libraries, 8275151)
- BZ - 2075836 - CVE-2022-21434 OpenJDK: Improper object-to-string conversion in AnnotationInvocationHandler (Libraries, 8277672)
- BZ - 2075842 - CVE-2022-21476 OpenJDK: Defective secure validation in Apache Santuario (Libraries, 8278008)
- BZ - 2075849 - CVE-2022-21496 OpenJDK: URI parsing inconsistencies (JNDI, 8278972)
CVEs
- CVE-2022-21426
- CVE-2022-21434
- CVE-2022-21443
- CVE-2022-21476
- CVE-2022-21496
Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.2
SRPM
java-11-openjdk-11.0.15.0.9-2.el8_2.src.rpm
SHA-256: 72576702dbbbbedba437277e742fffc7bfa53a05a073f163c3896b3e65553dde
x86_64
java-11-openjdk-11.0.15.0.9-2.el8_2.x86_64.rpm
SHA-256: 35f5fc5887c63d772fb8115e6eb7fa4d32b68e7ec8460c97321c97a1fce1cec8
java-11-openjdk-debuginfo-11.0.15.0.9-2.el8_2.x86_64.rpm
SHA-256: e4cafae82fa27c55fcbbe6e98f1a2470f608cbf6c87c245664e1f909575c2af7
java-11-openjdk-debugsource-11.0.15.0.9-2.el8_2.x86_64.rpm
SHA-256: b4bf2f951960152b613a5dccc4dde0a7cf2169098dc14582af60c60150e4fed8
java-11-openjdk-demo-11.0.15.0.9-2.el8_2.x86_64.rpm
SHA-256: 16d3a72743dfdcde74d4d6c3dd1d9bbc0d217031675b7e6b588452754cafb6a0
java-11-openjdk-devel-11.0.15.0.9-2.el8_2.x86_64.rpm
SHA-256: ea9cefbe0247a818eee02559501ee2161d5e2489634ff709b20146357de58279
java-11-openjdk-devel-debuginfo-11.0.15.0.9-2.el8_2.x86_64.rpm
SHA-256: 1467ced90b58ebeacfd403db1f2e9b181632936dc4e1ddeea0d11f40e50f29dc
java-11-openjdk-devel-slowdebug-debuginfo-11.0.15.0.9-2.el8_2.x86_64.rpm
SHA-256: 8cca6d163432010d76c563159b04f70edf375b38acde2513d55f77841b62e5fc
java-11-openjdk-headless-11.0.15.0.9-2.el8_2.x86_64.rpm
SHA-256: 8b855f08afade348167385b441b54452ff7f9919c34e4d1cc28513a7e635637f
java-11-openjdk-headless-debuginfo-11.0.15.0.9-2.el8_2.x86_64.rpm
SHA-256: 652d1cee99cbbdafba76d07f1ad457e6cac23c073c3cadc3c233727cf0a16a8e
java-11-openjdk-headless-slowdebug-debuginfo-11.0.15.0.9-2.el8_2.x86_64.rpm
SHA-256: 2616d8f65974616f33d994ce441f50ff41b4b0bf6201ebb1288f772ac5def78a
java-11-openjdk-javadoc-11.0.15.0.9-2.el8_2.x86_64.rpm
SHA-256: 602f35527cf2e022ff4ad7b2818569af3f03f3e2d6d96f9449cafa6e0a9bd970
java-11-openjdk-javadoc-zip-11.0.15.0.9-2.el8_2.x86_64.rpm
SHA-256: 450d13580c4593221bb384c4bc6171117c923a999829dde9c81501e3116a62bf
java-11-openjdk-jmods-11.0.15.0.9-2.el8_2.x86_64.rpm
SHA-256: 2a573271d848b4538eec558b43cec9a0e21044a94dd7e7906a86d6d9c529ae33
java-11-openjdk-slowdebug-debuginfo-11.0.15.0.9-2.el8_2.x86_64.rpm
SHA-256: 39e27277917d80911881204866e3cc23165a47f1c0327442a353fa303fe85e45
java-11-openjdk-src-11.0.15.0.9-2.el8_2.x86_64.rpm
SHA-256: 935695fef7055301dba9ea836c7aef2723b4d72b5c775a7285850ddec4d59b89
java-11-openjdk-static-libs-11.0.15.0.9-2.el8_2.x86_64.rpm
SHA-256: ff97b20c178c8d575b9f705875d7ba17f8f9bf7702aa72012807e140ba6e123d
Red Hat Enterprise Linux Server - AUS 8.2
SRPM
java-11-openjdk-11.0.15.0.9-2.el8_2.src.rpm
SHA-256: 72576702dbbbbedba437277e742fffc7bfa53a05a073f163c3896b3e65553dde
x86_64
java-11-openjdk-11.0.15.0.9-2.el8_2.x86_64.rpm
SHA-256: 35f5fc5887c63d772fb8115e6eb7fa4d32b68e7ec8460c97321c97a1fce1cec8
java-11-openjdk-debuginfo-11.0.15.0.9-2.el8_2.x86_64.rpm
SHA-256: e4cafae82fa27c55fcbbe6e98f1a2470f608cbf6c87c245664e1f909575c2af7
java-11-openjdk-debugsource-11.0.15.0.9-2.el8_2.x86_64.rpm
SHA-256: b4bf2f951960152b613a5dccc4dde0a7cf2169098dc14582af60c60150e4fed8
java-11-openjdk-demo-11.0.15.0.9-2.el8_2.x86_64.rpm
SHA-256: 16d3a72743dfdcde74d4d6c3dd1d9bbc0d217031675b7e6b588452754cafb6a0
java-11-openjdk-devel-11.0.15.0.9-2.el8_2.x86_64.rpm
SHA-256: ea9cefbe0247a818eee02559501ee2161d5e2489634ff709b20146357de58279
java-11-openjdk-devel-debuginfo-11.0.15.0.9-2.el8_2.x86_64.rpm
SHA-256: 1467ced90b58ebeacfd403db1f2e9b181632936dc4e1ddeea0d11f40e50f29dc
java-11-openjdk-devel-slowdebug-debuginfo-11.0.15.0.9-2.el8_2.x86_64.rpm
SHA-256: 8cca6d163432010d76c563159b04f70edf375b38acde2513d55f77841b62e5fc
java-11-openjdk-headless-11.0.15.0.9-2.el8_2.x86_64.rpm
SHA-256: 8b855f08afade348167385b441b54452ff7f9919c34e4d1cc28513a7e635637f
java-11-openjdk-headless-debuginfo-11.0.15.0.9-2.el8_2.x86_64.rpm
SHA-256: 652d1cee99cbbdafba76d07f1ad457e6cac23c073c3cadc3c233727cf0a16a8e
java-11-openjdk-headless-slowdebug-debuginfo-11.0.15.0.9-2.el8_2.x86_64.rpm
SHA-256: 2616d8f65974616f33d994ce441f50ff41b4b0bf6201ebb1288f772ac5def78a
java-11-openjdk-javadoc-11.0.15.0.9-2.el8_2.x86_64.rpm
SHA-256: 602f35527cf2e022ff4ad7b2818569af3f03f3e2d6d96f9449cafa6e0a9bd970
java-11-openjdk-javadoc-zip-11.0.15.0.9-2.el8_2.x86_64.rpm
SHA-256: 450d13580c4593221bb384c4bc6171117c923a999829dde9c81501e3116a62bf
java-11-openjdk-jmods-11.0.15.0.9-2.el8_2.x86_64.rpm
SHA-256: 2a573271d848b4538eec558b43cec9a0e21044a94dd7e7906a86d6d9c529ae33
java-11-openjdk-slowdebug-debuginfo-11.0.15.0.9-2.el8_2.x86_64.rpm
SHA-256: 39e27277917d80911881204866e3cc23165a47f1c0327442a353fa303fe85e45
java-11-openjdk-src-11.0.15.0.9-2.el8_2.x86_64.rpm
SHA-256: 935695fef7055301dba9ea836c7aef2723b4d72b5c775a7285850ddec4d59b89
java-11-openjdk-static-libs-11.0.15.0.9-2.el8_2.x86_64.rpm
SHA-256: ff97b20c178c8d575b9f705875d7ba17f8f9bf7702aa72012807e140ba6e123d
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.2
SRPM
java-11-openjdk-11.0.15.0.9-2.el8_2.src.rpm
SHA-256: 72576702dbbbbedba437277e742fffc7bfa53a05a073f163c3896b3e65553dde
s390x
java-11-openjdk-11.0.15.0.9-2.el8_2.s390x.rpm
SHA-256: 187bb98e3741574e95ab93f0af0274d94941140f76bea81a78a37cdcfa26d449
java-11-openjdk-debuginfo-11.0.15.0.9-2.el8_2.s390x.rpm
SHA-256: fddc4883d09ff4887adbe66555c9d5da53266ffd8572adecbfdd7a785405e857
java-11-openjdk-debugsource-11.0.15.0.9-2.el8_2.s390x.rpm
SHA-256: 154e98cb9d378851c8b6800208a6e5f39a4a5a09dbe8c6402f15510db6d8d83a
java-11-openjdk-demo-11.0.15.0.9-2.el8_2.s390x.rpm
SHA-256: 67b809b4dc4d053efb92acf255a93cf54871b73dc378600e878687b031ca837f
java-11-openjdk-devel-11.0.15.0.9-2.el8_2.s390x.rpm
SHA-256: 531f839f89c6b3babea5c464cd777a33925aa716d32496a133b8d4d550e37a6d
java-11-openjdk-devel-debuginfo-11.0.15.0.9-2.el8_2.s390x.rpm
SHA-256: 4f115da35e372102a81a3ff2f8d5c3a839ba934f21fe29994aa6ceadfdb78b5b
java-11-openjdk-devel-slowdebug-debuginfo-11.0.15.0.9-2.el8_2.s390x.rpm
SHA-256: d4aaab9adebb944a72838ff3593efd5d7fd218c780874be3559b1b5fb5eefeb6
java-11-openjdk-headless-11.0.15.0.9-2.el8_2.s390x.rpm
SHA-256: 2329cb826c19f494dc8363d099890eea34e07865927e00095f839024176fccda
java-11-openjdk-headless-debuginfo-11.0.15.0.9-2.el8_2.s390x.rpm
SHA-256: 4a5e7b1a1d61b757c749857df14111c92ece9ad7ceaf6a8a60b89fbe9be53536
java-11-openjdk-headless-slowdebug-debuginfo-11.0.15.0.9-2.el8_2.s390x.rpm
SHA-256: 2db926b52e1048f95ddd4c3b3d39c294da74f2afb55e253f36172d19e668e560
java-11-openjdk-javadoc-11.0.15.0.9-2.el8_2.s390x.rpm
SHA-256: 94241978c7221d3ff6e24328bd18cf8ef6e4f998847912f13a5c5ccd2780f93b
java-11-openjdk-javadoc-zip-11.0.15.0.9-2.el8_2.s390x.rpm
SHA-256: f3bba3bb58bc5f2ce727bb37c33c2c1f7faef4465a77779ca9e0cd82c04682cc
java-11-openjdk-jmods-11.0.15.0.9-2.el8_2.s390x.rpm
SHA-256: e73a36a6450ef1b7c778f0169029e208b25670c8112ce9162cb2837cb9fd624b
java-11-openjdk-slowdebug-debuginfo-11.0.15.0.9-2.el8_2.s390x.rpm
SHA-256: 7a2f65b19c95f2ea67e09c8b3b79a36ec319c92e3ee2b20ca181c1a0f96c0567
java-11-openjdk-src-11.0.15.0.9-2.el8_2.s390x.rpm
SHA-256: 4d03eaceba3fec0c14876cc9fae680adb6e092c59b55f0846aefd0c4b5562512
java-11-openjdk-static-libs-11.0.15.0.9-2.el8_2.s390x.rpm
SHA-256: 4aa9402f48aa68e65d484060dd3db42159714110a45e06c4707a3db817459fba
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.2
SRPM
java-11-openjdk-11.0.15.0.9-2.el8_2.src.rpm
SHA-256: 72576702dbbbbedba437277e742fffc7bfa53a05a073f163c3896b3e65553dde
ppc64le
java-11-openjdk-11.0.15.0.9-2.el8_2.ppc64le.rpm
SHA-256: 1bb60370639edad6cf94c0a029026b9a075a7c0c12114af9a7c797a182cfa16f
java-11-openjdk-debuginfo-11.0.15.0.9-2.el8_2.ppc64le.rpm
SHA-256: 6b4977d32281c39ce5cc145a3c5c7ae3a1e332fafb2a6079b6e894249e538279
java-11-openjdk-debugsource-11.0.15.0.9-2.el8_2.ppc64le.rpm
SHA-256: d2ff4be14556346b5033e413aa33afcfdf3d8eda4d82f8c2faae5a55a2355522
java-11-openjdk-demo-11.0.15.0.9-2.el8_2.ppc64le.rpm
SHA-256: d7edf13c3896e6009d567242bbfa965e0e2ccabd3f197ee56797b5494d948d04
java-11-openjdk-devel-11.0.15.0.9-2.el8_2.ppc64le.rpm
SHA-256: 6c376304667526793fbf8d7e975940d5b964543ff5394750888f7dd2741df151
java-11-openjdk-devel-debuginfo-11.0.15.0.9-2.el8_2.ppc64le.rpm
SHA-256: db8fb46b55cc2454b376cb8a747e4cf2f71ed70b2ee6bc7e019eeb4b363ed7e3
java-11-openjdk-devel-slowdebug-debuginfo-11.0.15.0.9-2.el8_2.ppc64le.rpm
SHA-256: e51a691f76475aeb73e54c0829f7ca0769e4c74a8d55660f146aeafb656d921f
java-11-openjdk-headless-11.0.15.0.9-2.el8_2.ppc64le.rpm
SHA-256: d9e871e08276a5e9c117746f96220fc8ba7cb922b4f72b88b6a0872bbfef3b2f
java-11-openjdk-headless-debuginfo-11.0.15.0.9-2.el8_2.ppc64le.rpm
SHA-256: 2ba88caf6112d1337d6a0cacf4de0d13a43174922def22a6fbf0286fdbfdf789
java-11-openjdk-headless-slowdebug-debuginfo-11.0.15.0.9-2.el8_2.ppc64le.rpm
SHA-256: a7f232ca0217e8647a67382bea3c97ad55e8732190a8a71df86b70aa786dbc36
java-11-openjdk-javadoc-11.0.15.0.9-2.el8_2.ppc64le.rpm
SHA-256: bb881dec3e90c88be4e4eafbf368661e781994bd290b31d2e2b904f94dd2dab5
java-11-openjdk-javadoc-zip-11.0.15.0.9-2.el8_2.ppc64le.rpm
SHA-256: 2d03095e765a040a84683d38da6cc42c6b44dda40f35ce61240f206212ba0531
java-11-openjdk-jmods-11.0.15.0.9-2.el8_2.ppc64le.rpm
SHA-256: d9c0608e121cf7941acaf0e6cf6cd64eab0b5b442e156bc44b4457934c672443
java-11-openjdk-slowdebug-debuginfo-11.0.15.0.9-2.el8_2.ppc64le.rpm
SHA-256: bbe1182c44c9f625cdee59c2ee3b0751a93f3c7782e655601bab1f41286dd694
java-11-openjdk-src-11.0.15.0.9-2.el8_2.ppc64le.rpm
SHA-256: fd44c8581f4ecd3d70975df72abe000466f115fc9f530054ee700de19ce61cf6
java-11-openjdk-static-libs-11.0.15.0.9-2.el8_2.ppc64le.rpm
SHA-256: 42efc9944aca28fba1f87cc943f82599bc16040cc892b9be2d641326ee6c091c
Red Hat Enterprise Linux Server - TUS 8.2
SRPM
java-11-openjdk-11.0.15.0.9-2.el8_2.src.rpm
SHA-256: 72576702dbbbbedba437277e742fffc7bfa53a05a073f163c3896b3e65553dde
x86_64
java-11-openjdk-11.0.15.0.9-2.el8_2.x86_64.rpm
SHA-256: 35f5fc5887c63d772fb8115e6eb7fa4d32b68e7ec8460c97321c97a1fce1cec8
java-11-openjdk-debuginfo-11.0.15.0.9-2.el8_2.x86_64.rpm
SHA-256: e4cafae82fa27c55fcbbe6e98f1a2470f608cbf6c87c245664e1f909575c2af7
java-11-openjdk-debugsource-11.0.15.0.9-2.el8_2.x86_64.rpm
SHA-256: b4bf2f951960152b613a5dccc4dde0a7cf2169098dc14582af60c60150e4fed8
java-11-openjdk-demo-11.0.15.0.9-2.el8_2.x86_64.rpm
SHA-256: 16d3a72743dfdcde74d4d6c3dd1d9bbc0d217031675b7e6b588452754cafb6a0
java-11-openjdk-devel-11.0.15.0.9-2.el8_2.x86_64.rpm
SHA-256: ea9cefbe0247a818eee02559501ee2161d5e2489634ff709b20146357de58279
java-11-openjdk-devel-debuginfo-11.0.15.0.9-2.el8_2.x86_64.rpm
SHA-256: 1467ced90b58ebeacfd403db1f2e9b181632936dc4e1ddeea0d11f40e50f29dc
java-11-openjdk-devel-slowdebug-debuginfo-11.0.15.0.9-2.el8_2.x86_64.rpm
SHA-256: 8cca6d163432010d76c563159b04f70edf375b38acde2513d55f77841b62e5fc
java-11-openjdk-headless-11.0.15.0.9-2.el8_2.x86_64.rpm
SHA-256: 8b855f08afade348167385b441b54452ff7f9919c34e4d1cc28513a7e635637f
java-11-openjdk-headless-debuginfo-11.0.15.0.9-2.el8_2.x86_64.rpm
SHA-256: 652d1cee99cbbdafba76d07f1ad457e6cac23c073c3cadc3c233727cf0a16a8e
java-11-openjdk-headless-slowdebug-debuginfo-11.0.15.0.9-2.el8_2.x86_64.rpm
SHA-256: 2616d8f65974616f33d994ce441f50ff41b4b0bf6201ebb1288f772ac5def78a
java-11-openjdk-javadoc-11.0.15.0.9-2.el8_2.x86_64.rpm
SHA-256: 602f35527cf2e022ff4ad7b2818569af3f03f3e2d6d96f9449cafa6e0a9bd970
java-11-openjdk-javadoc-zip-11.0.15.0.9-2.el8_2.x86_64.rpm
SHA-256: 450d13580c4593221bb384c4bc6171117c923a999829dde9c81501e3116a62bf
java-11-openjdk-jmods-11.0.15.0.9-2.el8_2.x86_64.rpm
SHA-256: 2a573271d848b4538eec558b43cec9a0e21044a94dd7e7906a86d6d9c529ae33
java-11-openjdk-slowdebug-debuginfo-11.0.15.0.9-2.el8_2.x86_64.rpm
SHA-256: 39e27277917d80911881204866e3cc23165a47f1c0327442a353fa303fe85e45
java-11-openjdk-src-11.0.15.0.9-2.el8_2.x86_64.rpm
SHA-256: 935695fef7055301dba9ea836c7aef2723b4d72b5c775a7285850ddec4d59b89
java-11-openjdk-static-libs-11.0.15.0.9-2.el8_2.x86_64.rpm
SHA-256: ff97b20c178c8d575b9f705875d7ba17f8f9bf7702aa72012807e140ba6e123d
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.2
SRPM
java-11-openjdk-11.0.15.0.9-2.el8_2.src.rpm
SHA-256: 72576702dbbbbedba437277e742fffc7bfa53a05a073f163c3896b3e65553dde
aarch64
java-11-openjdk-11.0.15.0.9-2.el8_2.aarch64.rpm
SHA-256: c50427264b9a65946ee04135fd4a89ffe27f2c524eb1d62fbe6df80b8e7cc6c1
java-11-openjdk-debuginfo-11.0.15.0.9-2.el8_2.aarch64.rpm
SHA-256: 3fd70fd06a491fdc51f74196c7491de4a136710181e716b6e270ed5c07c30e3f
java-11-openjdk-debugsource-11.0.15.0.9-2.el8_2.aarch64.rpm
SHA-256: 5bb9bb44c99b89fdfabfe99467dd0eb2787b1748dc126037e91acd2fb5373a62
java-11-openjdk-demo-11.0.15.0.9-2.el8_2.aarch64.rpm
SHA-256: 88f5816ab24642446f6321cb0d138673bf20093e34f24a1ace41fe7586c78f6d
java-11-openjdk-devel-11.0.15.0.9-2.el8_2.aarch64.rpm
SHA-256: 2cf67c9b9d2bc27779069fccd02273d80faa9262cfb6c56588adfbc63f913185
java-11-openjdk-devel-debuginfo-11.0.15.0.9-2.el8_2.aarch64.rpm
SHA-256: 251e5011803d39f4a5b1dbadf6dca1b597e1852d9b17fbc15ef5ef717b5f74fa
java-11-openjdk-devel-slowdebug-debuginfo-11.0.15.0.9-2.el8_2.aarch64.rpm
SHA-256: 9bcba4ed9756f2ac8d31022f9dec4e1c67b3fb8d0c303737d76f5ef8ae3c76b9
java-11-openjdk-headless-11.0.15.0.9-2.el8_2.aarch64.rpm
SHA-256: 6c44adca68c736659a065456e96a46b3f605edcf2f83e23accd60f4333b9dbc4
java-11-openjdk-headless-debuginfo-11.0.15.0.9-2.el8_2.aarch64.rpm
SHA-256: 56ebcd590f47c43fd7343cc9d62d0eaa02fdc6cee28c54950243e907277227ac
java-11-openjdk-headless-slowdebug-debuginfo-11.0.15.0.9-2.el8_2.aarch64.rpm
SHA-256: 95316c5fae76b7ff78dd8522edfcb9878d6a036b597fb3965a54bd7b43f7da0a
java-11-openjdk-javadoc-11.0.15.0.9-2.el8_2.aarch64.rpm
SHA-256: 3c22cb2874c23c1b63d154a94d59bda2251cd1da8ea3cc9201c06a60bc18462e
java-11-openjdk-javadoc-zip-11.0.15.0.9-2.el8_2.aarch64.rpm
SHA-256: 46ae4d8ea848910658be55b143816d1e4790861c6b341ea350d2b4cb506a1418
java-11-openjdk-jmods-11.0.15.0.9-2.el8_2.aarch64.rpm
SHA-256: b7a89e42c6fed45ba67dbeee47dde2126eea51e5beff2cba0333aba71bd915b5
java-11-openjdk-slowdebug-debuginfo-11.0.15.0.9-2.el8_2.aarch64.rpm
SHA-256: 1b17ea684e74b69e9feeebffcde3a37719d98d81569d1d3b306aef451f342eb3
java-11-openjdk-src-11.0.15.0.9-2.el8_2.aarch64.rpm
SHA-256: 7a4f5a93fb9037cb37aca7078607e3a6076bb33859ed43be56824b2e6421b14b
java-11-openjdk-static-libs-11.0.15.0.9-2.el8_2.aarch64.rpm
SHA-256: 5898df1469730a0556e117a157ac4453e16b0153d47fe84917391cbb9d05a89b
Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.2
SRPM
java-11-openjdk-11.0.15.0.9-2.el8_2.src.rpm
SHA-256: 72576702dbbbbedba437277e742fffc7bfa53a05a073f163c3896b3e65553dde
ppc64le
java-11-openjdk-11.0.15.0.9-2.el8_2.ppc64le.rpm
SHA-256: 1bb60370639edad6cf94c0a029026b9a075a7c0c12114af9a7c797a182cfa16f
java-11-openjdk-debuginfo-11.0.15.0.9-2.el8_2.ppc64le.rpm
SHA-256: 6b4977d32281c39ce5cc145a3c5c7ae3a1e332fafb2a6079b6e894249e538279
java-11-openjdk-debugsource-11.0.15.0.9-2.el8_2.ppc64le.rpm
SHA-256: d2ff4be14556346b5033e413aa33afcfdf3d8eda4d82f8c2faae5a55a2355522
java-11-openjdk-demo-11.0.15.0.9-2.el8_2.ppc64le.rpm
SHA-256: d7edf13c3896e6009d567242bbfa965e0e2ccabd3f197ee56797b5494d948d04
java-11-openjdk-devel-11.0.15.0.9-2.el8_2.ppc64le.rpm
SHA-256: 6c376304667526793fbf8d7e975940d5b964543ff5394750888f7dd2741df151
java-11-openjdk-devel-debuginfo-11.0.15.0.9-2.el8_2.ppc64le.rpm
SHA-256: db8fb46b55cc2454b376cb8a747e4cf2f71ed70b2ee6bc7e019eeb4b363ed7e3
java-11-openjdk-devel-slowdebug-debuginfo-11.0.15.0.9-2.el8_2.ppc64le.rpm
SHA-256: e51a691f76475aeb73e54c0829f7ca0769e4c74a8d55660f146aeafb656d921f
java-11-openjdk-headless-11.0.15.0.9-2.el8_2.ppc64le.rpm
SHA-256: d9e871e08276a5e9c117746f96220fc8ba7cb922b4f72b88b6a0872bbfef3b2f
java-11-openjdk-headless-debuginfo-11.0.15.0.9-2.el8_2.ppc64le.rpm
SHA-256: 2ba88caf6112d1337d6a0cacf4de0d13a43174922def22a6fbf0286fdbfdf789
java-11-openjdk-headless-slowdebug-debuginfo-11.0.15.0.9-2.el8_2.ppc64le.rpm
SHA-256: a7f232ca0217e8647a67382bea3c97ad55e8732190a8a71df86b70aa786dbc36
java-11-openjdk-javadoc-11.0.15.0.9-2.el8_2.ppc64le.rpm
SHA-256: bb881dec3e90c88be4e4eafbf368661e781994bd290b31d2e2b904f94dd2dab5
java-11-openjdk-javadoc-zip-11.0.15.0.9-2.el8_2.ppc64le.rpm
SHA-256: 2d03095e765a040a84683d38da6cc42c6b44dda40f35ce61240f206212ba0531
java-11-openjdk-jmods-11.0.15.0.9-2.el8_2.ppc64le.rpm
SHA-256: d9c0608e121cf7941acaf0e6cf6cd64eab0b5b442e156bc44b4457934c672443
java-11-openjdk-slowdebug-debuginfo-11.0.15.0.9-2.el8_2.ppc64le.rpm
SHA-256: bbe1182c44c9f625cdee59c2ee3b0751a93f3c7782e655601bab1f41286dd694
java-11-openjdk-src-11.0.15.0.9-2.el8_2.ppc64le.rpm
SHA-256: fd44c8581f4ecd3d70975df72abe000466f115fc9f530054ee700de19ce61cf6
java-11-openjdk-static-libs-11.0.15.0.9-2.el8_2.ppc64le.rpm
SHA-256: 42efc9944aca28fba1f87cc943f82599bc16040cc892b9be2d641326ee6c091c
Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.2
SRPM
java-11-openjdk-11.0.15.0.9-2.el8_2.src.rpm
SHA-256: 72576702dbbbbedba437277e742fffc7bfa53a05a073f163c3896b3e65553dde
x86_64
java-11-openjdk-11.0.15.0.9-2.el8_2.x86_64.rpm
SHA-256: 35f5fc5887c63d772fb8115e6eb7fa4d32b68e7ec8460c97321c97a1fce1cec8
java-11-openjdk-debuginfo-11.0.15.0.9-2.el8_2.x86_64.rpm
SHA-256: e4cafae82fa27c55fcbbe6e98f1a2470f608cbf6c87c245664e1f909575c2af7
java-11-openjdk-debugsource-11.0.15.0.9-2.el8_2.x86_64.rpm
SHA-256: b4bf2f951960152b613a5dccc4dde0a7cf2169098dc14582af60c60150e4fed8
java-11-openjdk-demo-11.0.15.0.9-2.el8_2.x86_64.rpm
SHA-256: 16d3a72743dfdcde74d4d6c3dd1d9bbc0d217031675b7e6b588452754cafb6a0
java-11-openjdk-devel-11.0.15.0.9-2.el8_2.x86_64.rpm
SHA-256: ea9cefbe0247a818eee02559501ee2161d5e2489634ff709b20146357de58279
java-11-openjdk-devel-debuginfo-11.0.15.0.9-2.el8_2.x86_64.rpm
SHA-256: 1467ced90b58ebeacfd403db1f2e9b181632936dc4e1ddeea0d11f40e50f29dc
java-11-openjdk-devel-slowdebug-debuginfo-11.0.15.0.9-2.el8_2.x86_64.rpm
SHA-256: 8cca6d163432010d76c563159b04f70edf375b38acde2513d55f77841b62e5fc
java-11-openjdk-headless-11.0.15.0.9-2.el8_2.x86_64.rpm
SHA-256: 8b855f08afade348167385b441b54452ff7f9919c34e4d1cc28513a7e635637f
java-11-openjdk-headless-debuginfo-11.0.15.0.9-2.el8_2.x86_64.rpm
SHA-256: 652d1cee99cbbdafba76d07f1ad457e6cac23c073c3cadc3c233727cf0a16a8e
java-11-openjdk-headless-slowdebug-debuginfo-11.0.15.0.9-2.el8_2.x86_64.rpm
SHA-256: 2616d8f65974616f33d994ce441f50ff41b4b0bf6201ebb1288f772ac5def78a
java-11-openjdk-javadoc-11.0.15.0.9-2.el8_2.x86_64.rpm
SHA-256: 602f35527cf2e022ff4ad7b2818569af3f03f3e2d6d96f9449cafa6e0a9bd970
java-11-openjdk-javadoc-zip-11.0.15.0.9-2.el8_2.x86_64.rpm
SHA-256: 450d13580c4593221bb384c4bc6171117c923a999829dde9c81501e3116a62bf
java-11-openjdk-jmods-11.0.15.0.9-2.el8_2.x86_64.rpm
SHA-256: 2a573271d848b4538eec558b43cec9a0e21044a94dd7e7906a86d6d9c529ae33
java-11-openjdk-slowdebug-debuginfo-11.0.15.0.9-2.el8_2.x86_64.rpm
SHA-256: 39e27277917d80911881204866e3cc23165a47f1c0327442a353fa303fe85e45
java-11-openjdk-src-11.0.15.0.9-2.el8_2.x86_64.rpm
SHA-256: 935695fef7055301dba9ea836c7aef2723b4d72b5c775a7285850ddec4d59b89
java-11-openjdk-static-libs-11.0.15.0.9-2.el8_2.x86_64.rpm
SHA-256: ff97b20c178c8d575b9f705875d7ba17f8f9bf7702aa72012807e140ba6e123d
Related news
Logging Subsystem 5.4 - Red Hat OpenShift Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-0759: kubeclient: kubeconfig parsing error can lead to MITM attacks * CVE-2022-21698: prometheus/client_golang: Denial of service using InstrumentHandlerCounter
acs commons is an open source framework for AEM projects. ACS Commons version 5.1.x (and earlier) suffers from a Reflected Cross-site Scripting (XSS) vulnerability in /apps/acs-commons/content/page-compare.html` endpoint via the `a` and `b` GET parameters. User input submitted via these parameters is not validated or sanitized. An attacker must provide a link to someone with access to AEM Author, and could potentially exploit this vulnerability to inject malicious JavaScript content into vulnerable form fields and execute it within the context of the victim's browser. The exploitation of this issue requires user interaction in order to be successful. This issue has been resolved in 5.2.0. There are no known workarounds for this issue.
Updated Satellite 6.9 packages that fix several bugs are now available for Red Hat Satellite.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-27023: puppet: unsafe HTTP redirect
HumHub is an Open Source Enterprise Social Network. In affected versions users who are forced to change their password by an administrator may retrieve other users' data. This issue has been resolved by commit `eb83de20`. It is recommended that the HumHub is upgraded to 1.11.0, 1.10.4 or 1.9.4. There are no known workarounds for this issue.
Updated packages that provide Red Hat JBoss Core Services Apache HTTP Server 2.4.37 Service Pack 11, fix several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 7 and Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-3516: libxml2: Use-after-free in xmlEncodeEntitiesInternal() in entities.c * CVE-2021-3517: libxml2: Heap-based buffer overflow in xmlEncodeEntitiesInternal() in entities.c * CVE-2021-3518: libxml...
Red Hat JBoss Core Services Apache HTTP Server 2.4.37 Service Pack 11 zip release for Red Hat Enterprise Linux 7, Red Hat Enterprise Linux 8, and Microsoft Windows is available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-3516: libxml2: Use-after-free in xmlEncodeEntitiesInternal() in entities.c * CVE-2021-3517: libxml2: Heap-based buffer overflow in xmlEncodeEntitiesInternal() in entities.c * CVE-2021-3518: libxml2: Use-after-free in xmlXIncludeDoProcess() in xinc...
Databasir is a team-oriented relational database model document management platform. Databasir 1.01 has Server-Side Request Forgery vulnerability. During the download verification process of a JDBC driver the corresponding JDBC driver download address will be downloaded first, but this address will return a response page with complete error information when accessing a non-existent URL. Attackers can take advantage of this feature for SSRF.
SharedSecretClusterAuthenticator in Atlassian Bitbucket Data Center versions 5.14.0 and later before 7.6.14, 7.7.0 and later prior to 7.17.6, 7.18.0 and later prior to 7.18.4, 7.19.0 and later prior to 7.19.4, and 7.20.0 allow a remote, unauthenticated attacker to execute arbitrary code via Java deserialization.
Shopware is an open commerce platform based on Symfony Framework and Vue. In affected versions an attacker can abuse the Admin SDK functionality on the server to read or update internal resources. Users are advised to update to the current version 6.4.10.1. For older versions of 6.1, 6.2, and 6.3, corresponding security measures are also available via a plugin. There are no known workarounds for this issue.
Origin Protocol is a blockchain based project. The Origin Protocol project website allows for malicious users to inject malicious Javascript via a POST request to `/presale/join`. User-controlled data is passed with no sanitization to SendGrid and injected into an email that is delivered to the [email protected]. If the email recipient is using an email program that is susceptible to XSS, then that email recipient will receive an email that may contain malicious XSS. Regardless if the email recipient’s mail program has vulnerabilities or not, the hacker can at the very least inject malicious HTML that modifies the body content of the email. There are currently no known workarounds.
A vulnerability in Jira Seraph allows a remote, unauthenticated attacker to bypass authentication by sending a specially crafted HTTP request. This affects Atlassian Jira Server and Data Center versions before 8.13.18, versions 8.14.0 and later before 8.20.6, and versions 8.21.0 and later before 8.22.0. This also affects Atlassian Jira Service Management Server and Data Center versions before 4.13.18, versions 4.14.0 and later before 4.20.6, and versions 4.21.0 and later before 4.22.0.
Databasir is a team-oriented relational database model document management platform. Databasir 1.01 has remote code execution vulnerability. JDBC drivers are not validated prior to use and may be provided by users of the system. This can lead to code execution by any basic user who has access to the system. Users are advised to upgrade. There are no known workarounds to this issue.
wire-webapp is the web application interface for the wire messaging service. Insufficient escaping in markdown “code highlighting” in the wire-webapp resulted in the possibility of injecting and executing arbitrary HTML code and thus also JavaScript. If a user receives and views such a malicious message, arbitrary code is injected and executed in the context of the victim. This allows the attacker to fully control the user account. Wire-desktop clients that are connected to a vulnerable wire-webapp version are also vulnerable to this attack. The issue has been fixed in wire-webapp 2022-03-30-production.0 and is already deployed on all Wire managed services. On-premise instances of wire-webapp need to be updated to docker tag 2022-03-30-production.0-v0.29.2-0-d144552 or wire-server 2022-03-30 (chart/4.8.0), so that their applications are no longer affected. There are no known workarounds for this issue. ### Patches * The issue has been fixed in wire-webapp **2022-03-30-production.0** an...
An update for kernel is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-4083: kernel: fget: check that the fd still exists after getting a ref to it * CVE-2022-0492: kernel: cgroups v1 release_agent feature may allow privilege escalation * CVE-2022-25636: kernel: heap out of bounds write in nf_dup_netdev.c
An update for java-11-openjdk is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21426: OpenJDK: Unbounded memory allocation when compiling crafted XPath expressions (JAXP, 8270504) * CVE-2022-21434: OpenJDK: Improper object-to-string conversion in AnnotationInvocationHandler (Libraries, 8277672) * CVE-2022-21443: OpenJDK: Missing check for negative ObjectIdentifier (Libraries, 8275151) * CVE-2022-21476: OpenJDK: Defective ...
New Red Hat Single Sign-On 7.5.2 packages are now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-45105: log4j-core: DoS in log4j 2.x with Thread Context Map (MDC) input data contains a recursive lookup and context lookup pattern
New Red Hat Single Sign-On 7.5.2 packages are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-45105: log4j-core: DoS in log4j 2.x with Thread Context Map (MDC) input data contains a recursive lookup and context lookup pattern
Oracle's April Critical Patch UPdate contains 520 new security patches. We spell out some of the most important vulnerabilities. The post Oracle releases massive Critical Patch Update containing 520 security patches appeared first on Malwarebytes Labs.
A security update is now available for Red Hat Single Sign-On 7.5 from the Customer Portal. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-45105: log4j-core: DoS in log4j 2.x with Thread Context Map (MDC) input data contains a recursive lookup and context lookup pattern
Red Hat OpenShift Container Platform release 4.9.29 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-24769: moby: Default inheritable capabilities for linux container should be empty
An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21426: OpenJDK: Unbounded memory allocation when compiling crafted XPath expressions (JAXP, 8270504) * CVE-2022-21434: OpenJDK: Improper object-to-string conversion in AnnotationInvocationHandler (Libraries, 8277672) * CVE-2022-21443: OpenJDK: Missing check for negative ObjectIdentifier (Libraries, 8275151) * CVE-2022-21476: OpenJDK: Defective ...
An update for java-17-openjdk is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21426: OpenJDK: Unbounded memory allocation when compiling crafted XPath expressions (JAXP, 8270504) * CVE-2022-21434: OpenJDK: Improper object-to-string conversion in AnnotationInvocationHandler (Libraries, 8277672) * CVE-2022-21443: OpenJDK: Missing check for negative ObjectIdentifier (Libraries, 8275151) * CVE-2022-21449: OpenJDK: Improper E...
An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21426: OpenJDK: Unbounded memory allocation when compiling crafted XPath expressions (JAXP, 8270504) * CVE-2022-21434: OpenJDK: Improper object-to-string conversion in AnnotationInvocationHandler (Libraries, 8277672) * CVE-2022-21443: OpenJDK: Missing check for negative ObjectIdentifier (Libraries, 8275151) * CVE-2022-...
An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21426: OpenJDK: Unbounded memory allocation when compiling crafted XPath expressions (JAXP, 8270504) * CVE-2022-21434: OpenJDK: Improper object-to-string conversion in AnnotationInvocationHandler (Libraries, 8277672) * CVE-2022-21443: OpenJDK: Missing check for negative ObjectIdentifier (Libraries, 8275151) *...
Red Hat OpenShift Container Platform release 4.7.49 is now available with updates to packages and images that fix several bugs and add enhancements. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.7.49. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-0711: haproxy: Denial of service via set-cookie2 header
Red Hat OpenShift Container Platform release 4.8.37 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.37. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-24769: moby: Default inheritable capabilities for linux container should be empty
Red Hat OpenShift Container Platform release 4.10.10 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.10. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-24769: moby: Default inheritable capabilities for linux container should be empty
Cross-site request forgery (CSRF) vulnerability in 'MicroPayments - Paid Author Subscriptions, Content, Downloads, Membership' versions prior to 1.9.6 allows a remote unauthenticated attacker to hijack the authentication of an administrator and perform unintended operation via unspecified vectors.
On Windows, if Git LFS operates on a malicious repository with a `..exe` file as well as a file named `git.exe`, and `git.exe` is not found in `PATH`, the `..exe` program will be executed, permitting the attacker to execute arbitrary code. This does not affect Unix systems. Similarly, if the malicious repository contains files named `..exe` and `cygpath.exe`, and `cygpath.exe` is not found in `PATH`, the `..exe` program will be executed when certain Git LFS commands are run. More generally, if the current working directory contains any file with a base name of `.` and a file extension from `PATHEXT` (except `.bat` and `.cmd`), and also contains another file with the same base name as a program Git LFS intends to execute (such as `git`, `cygpath`, or `uname`) and any file extension from `PATHEXT` (including `.bat` and `.cmd`), then, on Windows, when Git LFS attempts to execute the intended program the `..exe`, `..com`, etc., file will be executed instead, but only if the intended progra...
Hotdog, prior to v1.0.1, did not mimic the capabilities or the SELinux label of the target JVM process. This would allow a container to gain full privileges on the host, bypassing restrictions set on the container.
next-auth v3 users before version 3.29.2 are impacted. next-auth version 4 users before version 4.3.2 are also impacted. Upgrading to 3.29.2 or 4.3.2 will patch this vulnerability. If you are not able to upgrade for any reason, you can add a configuration to your callbacks option. If you already have a `redirect` callback, make sure that you match the incoming `url` origin against the `baseUrl`.
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JNDI). Supported versions that are affected are Oracle Java SE: 7u331, 8u321, 11.0.14, 17.0.2, 18; Oracle GraalVM Enterprise Edition: 20.3.5, 21.3.1 and 22.0.0.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service ...
The CleanTalk AntiSpam plugin <= 5.173 for WordPress is vulnerable to Reflected Cross-Site Scripting (XSS) via the $_REQUEST['page'] parameter in`/lib/Cleantalk/ApbctWP/FindSpam/ListTable/Users.php`
Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 19c and 21c. Easily exploitable vulnerability allows low privileged attacker having Create Procedure privilege with network access via multiple protocols to compromise Java VM. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java VM accessible data. CVSS 3.1 Base Score 6.5 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N).
The WordPress WP YouTube Live Plugin is vulnerable to Reflected Cross-Site Scripting via POST data found in the ~/inc/admin.php file which allows unauthenticated attackers to inject arbitrary web scripts in versions up to, and including, 1.7.21.
The WordPress plugin Be POPIA Compliant exposed sensitive information to unauthenticated users consisting of site visitors emails and usernames via an API route, in versions up to an including 1.1.5.
The Elementor Website Builder plugin for WordPress is vulnerable to unauthorized execution of several AJAX actions due to a missing capability check in the ~/core/app/modules/onboarding/module.php file that make it possible for attackers to modify site data in addition to uploading malicious files that can be used to obtain remote code execution, in versions 3.6.0 to 3.6.2.
Smokescreen is a simple HTTP proxy that fogs over naughty URLs. The primary use case for Smokescreen is to prevent server-side request forgery (SSRF) attacks in which external attackers leverage the behavior of applications to connect to or scan internal infrastructure. Smokescreen also offers an option to deny access to additional (e.g., external) URLs by way of a deny list. There was an issue in Smokescreen that made it possible to bypass the deny list feature by appending a dot to the end of user-supplied URLs, or by providing input in a different letter case. Recommended to upgrade Smokescreen to version 0.0.3 or later.
Exploring what's next for public-cloud security, including top risks and how to implement better risk management.
The package git before 1.11.0 are vulnerable to Command Injection via git argument injection. When calling the fetch(remote = 'origin', opts = {}) function, the remote parameter is passed to the git fetch subcommand in a way that additional flags can be set. The additional flags can be used to perform a command injection.