Headline
RHSA-2022:1445: Red Hat Security Advisory: java-17-openjdk security and bug fix update
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Synopsis
Important: java-17-openjdk security and bug fix update
Type/Severity
Security Advisory: Important
Topic
An update for java-17-openjdk is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit.
Security Fix(es):
- OpenJDK: Improper ECDSA signature verification (Libraries, 8277233) (CVE-2022-21449)
- OpenJDK: Defective secure validation in Apache Santuario (Libraries, 8278008) (CVE-2022-21476)
- OpenJDK: Unbounded memory allocation when compiling crafted XPath expressions (JAXP, 8270504) (CVE-2022-21426)
- OpenJDK: Improper object-to-string conversion in AnnotationInvocationHandler (Libraries, 8277672) (CVE-2022-21434)
- OpenJDK: Missing check for negative ObjectIdentifier (Libraries, 8275151) (CVE-2022-21443)
- OpenJDK: URI parsing inconsistencies (JNDI, 8278972) (CVE-2022-21496)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
- Enable the import of plain keys into the NSS Software Token while in FIPS mode [rhel-8, openjdk-17] (BZ#2018189)
- Enable AlgorithmParameters and AlgorithmParameterGenerator services in FIPS mode [rhel-8, openjdk-17] (BZ#2055396)
Solution
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
All running instances of OpenJDK Java must be restarted for this update to take effect.
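The Solution section points at the generic update article and states the restart requirement; the checks a practitioner actually runs after applying this erratum are collected below as an added example script. It is not part of the advisory and not Red Hat tooling. It assumes a RHEL 8 host with rpm and GNU coreutils (sort -V, sha256sum); the package names and the fixed version-release 17.0.3.0.6-2.el8_5 come from this advisory's package list, while the sample java -version text and the temporary-file checksum used in the self-checks are constructed for illustration. Two caveats the script encodes: the RPM update does nothing for JDK 17 copies installed from tarballs or baked into container images, so the java -version parse is there to catch those separately, and sort -V only approximates rpm's own EVR ordering (no tilde or caret handling), which is sufficient for the plain numeric versions involved here.

```shell
#!/bin/bash
# Post-update checks for RHSA-2022:1445 on RHEL 8. Added example, not part of
# the advisory. Assumes rpm and GNU coreutils. Package names and the fixed
# version-release are taken from the advisory's package list.
set -u

FIXED_VR="17.0.3.0.6-2.el8_5"   # version-release of every RPM in this advisory
FIXED_JAVA="17.0.3"             # matching "openjdk version" string of that build

# ver_ge A B: succeed when version string A sorts at or above B.
# sort -V approximates rpm's EVR comparison (no tilde/caret handling), which
# is adequate for the plain numeric versions used here.
ver_ge() {
    [ "$(printf '%s\n%s\n' "$2" "$1" | sort -V | tail -n 1)" = "$1" ]
}

# rpm_is_fixed VERSION-RELEASE: is an installed java-17-openjdk VR at or above
# the one shipped by this advisory?
rpm_is_fixed() {
    ver_ge "$1" "$FIXED_VR"
}

# java_version_at_least "<java -version output>": parse the quoted version from
# the first line (e.g. openjdk version "17.0.3" 2022-04-19 LTS) and compare it.
# Covers JDKs not installed from RPM (tarballs, container images), which the
# advisory's packages do not update.
java_version_at_least() {
    local ver
    ver=$(printf '%s\n' "$1" | sed -n 's/^[a-z]* version "\([0-9][0-9.]*\)".*/\1/p' | head -n 1)
    [ -n "$ver" ] && ver_ge "$ver" "$FIXED_JAVA"
}

# verify_sha256 FILE EXPECTED: compare a downloaded RPM with the checksum listed
# in the advisory. rpm -K additionally verifies the Red Hat GPG signature; do both.
verify_sha256() {
    local actual
    actual=$(sha256sum -- "$1" | cut -d ' ' -f 1)
    [ "$actual" = "$2" ]
}

# jvms_needing_restart: PIDs that still map a libjvm.so replaced on disk by the
# update. These processes run the old code until restarted, as the advisory
# warns. needs-restarting (dnf-utils) reports the same condition if installed.
jvms_needing_restart() {
    grep -l 'libjvm\.so.*(deleted)' /proc/[0-9]*/maps 2>/dev/null \
        | cut -d / -f 3 | sort -un || true
}

# Live checks against this host; run as: bash check_rhsa_2022_1445.sh --check-host
check_host() {
    local pkg vr pids
    for pkg in java-17-openjdk-headless java-17-openjdk java-17-openjdk-devel; do
        vr=$(rpm -q --qf '%{VERSION}-%{RELEASE}\n' "$pkg" 2>/dev/null | sort -V | tail -n 1)
        [ -n "$vr" ] || continue
        if rpm_is_fixed "$vr"; then echo "OK   $pkg-$vr"
        else echo "OLD  $pkg-$vr (need $FIXED_VR)"; fi
    done
    if command -v java >/dev/null 2>&1; then
        if java_version_at_least "$(java -version 2>&1)"; then echo "OK   java on PATH >= $FIXED_JAVA"
        else echo "OLD  java on PATH is below $FIXED_JAVA"; fi
    fi
    pids=$(jvms_needing_restart)
    [ -n "$pids" ] && echo "RESTART needed for JVM PIDs: $pids"
    return 0
}

if [ "${1:-}" = "--check-host" ]; then check_host; fi
```

Run it as bash check_rhsa_2022_1445.sh --check-host. The /proc scan is the part that matters most operationally: a JVM started before the update keeps the old libjvm.so mapped (shown as "(deleted)" in its maps) and remains vulnerable even though rpm -q reports the fixed version. For RPMs fetched by hand, pair verify_sha256 with rpm -K so the package signature is checked and not only the digest printed on this page.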
Affected Products
- Red Hat Enterprise Linux for x86_64 8 x86_64
- Red Hat Enterprise Linux for IBM z Systems 8 s390x
- Red Hat Enterprise Linux for Power, little endian 8 ppc64le
- Red Hat Enterprise Linux for ARM 64 8 aarch64
- Red Hat CodeReady Linux Builder for x86_64 8 x86_64
- Red Hat CodeReady Linux Builder for Power, little endian 8 ppc64le
- Red Hat CodeReady Linux Builder for ARM 64 8 aarch64
- Red Hat CodeReady Linux Builder for IBM z Systems 8 s390x
Fixes
- BZ - 2018189 - Enable the import of plain keys into the NSS Software Token while in FIPS mode [rhel-8, openjdk-17] [rhel-8.5.0.z]
- BZ - 2055396 - Enable AlgorithmParameters and AlgorithmParameterGenerator services in FIPS mode [rhel-8, openjdk-17] [rhel-8.5.0.z]
- BZ - 2075788 - CVE-2022-21426 OpenJDK: Unbounded memory allocation when compiling crafted XPath expressions (JAXP, 8270504)
- BZ - 2075793 - CVE-2022-21443 OpenJDK: Missing check for negative ObjectIdentifier (Libraries, 8275151)
- BZ - 2075821 - CVE-2022-21449 OpenJDK: Improper ECDSA signature verification (Libraries, 8277233)
- BZ - 2075836 - CVE-2022-21434 OpenJDK: Improper object-to-string conversion in AnnotationInvocationHandler (Libraries, 8277672)
- BZ - 2075842 - CVE-2022-21476 OpenJDK: Defective secure validation in Apache Santuario (Libraries, 8278008)
- BZ - 2075849 - CVE-2022-21496 OpenJDK: URI parsing inconsistencies (JNDI, 8278972)
CVEs
- CVE-2022-21426
- CVE-2022-21434
- CVE-2022-21443
- CVE-2022-21449
- CVE-2022-21476
- CVE-2022-21496
Red Hat Enterprise Linux for x86_64 8
SRPM
java-17-openjdk-17.0.3.0.6-2.el8_5.src.rpm
SHA-256: 3c32710c3de29502f11e795d55d225cd2c4f45a0ec78b7646be3c3554704f51a
x86_64
java-17-openjdk-17.0.3.0.6-2.el8_5.x86_64.rpm
SHA-256: 24b712a0684194c9b87b0db6f22ace8094af17e0ee1b430cb84999a8de81d292
java-17-openjdk-debuginfo-17.0.3.0.6-2.el8_5.x86_64.rpm
SHA-256: e9aa62638a5d185cb138f55129ff770893a2ba0d2987b5619e04b0850c4960c7
java-17-openjdk-debugsource-17.0.3.0.6-2.el8_5.x86_64.rpm
SHA-256: 561b6527af61d565bc90bc579f33040fa85d2ab969772facbcc4a0f0e6c417e8
java-17-openjdk-demo-17.0.3.0.6-2.el8_5.x86_64.rpm
SHA-256: f9b50be42a2e741e118244366e27123c50df47a6b64031abf077a70280923293
java-17-openjdk-devel-17.0.3.0.6-2.el8_5.x86_64.rpm
SHA-256: 829ac35eeed995c615a9eeb6f9c9598b9672fc62c9509bfe00c82d53ca3307bd
java-17-openjdk-devel-debuginfo-17.0.3.0.6-2.el8_5.x86_64.rpm
SHA-256: b1fa5027150abbfd64e846154786db191a3d4f7c14974485de1c11330c382281
java-17-openjdk-headless-17.0.3.0.6-2.el8_5.x86_64.rpm
SHA-256: c3b049948d71a62dcc1ea546c297b8a0ad33243805ad140b5183f2eaf87b87aa
java-17-openjdk-headless-debuginfo-17.0.3.0.6-2.el8_5.x86_64.rpm
SHA-256: de0f5bef1dd4909dc14c0fe3d931e868f438a7e32859b60b8f37c5e1a942929e
java-17-openjdk-javadoc-17.0.3.0.6-2.el8_5.x86_64.rpm
SHA-256: 1302fb4171ff9341ba755a9bc6c1636ce0650d9dd7d48bd17b3474096ec3cb40
java-17-openjdk-javadoc-zip-17.0.3.0.6-2.el8_5.x86_64.rpm
SHA-256: 6fca241e6b493b2fb89ceffacea7b0834c240852a634ff7dd3745c9f96748ef7
java-17-openjdk-jmods-17.0.3.0.6-2.el8_5.x86_64.rpm
SHA-256: 18043c55f5e8ae336275f08bdb6c3c608bdb4721e395ded18f1e809b6580a53a
java-17-openjdk-src-17.0.3.0.6-2.el8_5.x86_64.rpm
SHA-256: 3f77e34c4acff3e2ec206e2b81a52105019dd02335c4522f10900f0bad37535f
java-17-openjdk-static-libs-17.0.3.0.6-2.el8_5.x86_64.rpm
SHA-256: 9b1c5f05af9dc712d8f8ec5d990e83895378e18fb04b30700dc6d217bc367cee
Red Hat Enterprise Linux for IBM z Systems 8
SRPM
java-17-openjdk-17.0.3.0.6-2.el8_5.src.rpm
SHA-256: 3c32710c3de29502f11e795d55d225cd2c4f45a0ec78b7646be3c3554704f51a
s390x
java-17-openjdk-17.0.3.0.6-2.el8_5.s390x.rpm
SHA-256: c7144856b999ff02dea59fca3cd7fd1a2dafa707958cb40230f21a8e50c6c708
java-17-openjdk-debuginfo-17.0.3.0.6-2.el8_5.s390x.rpm
SHA-256: 5a1dd33c209b3d25aa44943260e17f7712df11318d72971d89acbb937801deee
java-17-openjdk-debugsource-17.0.3.0.6-2.el8_5.s390x.rpm
SHA-256: 345e27994e825c1f334df365640f673316a15ec91d552a252418fcf01cd4f4c5
java-17-openjdk-demo-17.0.3.0.6-2.el8_5.s390x.rpm
SHA-256: 775319f12252a4708abc13f1acf58d8c8a8cfafd203fd4b8fdc87611d972ea79
java-17-openjdk-devel-17.0.3.0.6-2.el8_5.s390x.rpm
SHA-256: 193096accafec87757e0a63b627d60d69a9c34aca16983b300863e05ae9b6e29
java-17-openjdk-devel-debuginfo-17.0.3.0.6-2.el8_5.s390x.rpm
SHA-256: 087b58ce9f5ba2009fcd47f4f78e2dd66b9d4f176e53ca85356209896608ec53
java-17-openjdk-headless-17.0.3.0.6-2.el8_5.s390x.rpm
SHA-256: 6b87a5d45484c8060bc56d754f0bdc008dfd646989909b59b30ef18b74853328
java-17-openjdk-headless-debuginfo-17.0.3.0.6-2.el8_5.s390x.rpm
SHA-256: 10e27265aad80d212b785970eee92a1c89107cfa75c7265d6ec47e4ea3b0b45e
java-17-openjdk-javadoc-17.0.3.0.6-2.el8_5.s390x.rpm
SHA-256: c003f96a9ab42f54f14f170d2989fb45ce6f913c8dc92fb7eb371147a805f283
java-17-openjdk-javadoc-zip-17.0.3.0.6-2.el8_5.s390x.rpm
SHA-256: 28b48723fb4894f07e6f18d4c83d32861aa5bc15aeff5658cb32665cb7c3f8b2
java-17-openjdk-jmods-17.0.3.0.6-2.el8_5.s390x.rpm
SHA-256: b085f2d4d333a23617cf43201f5597727171762511fc7d9476a1c55594e21903
java-17-openjdk-src-17.0.3.0.6-2.el8_5.s390x.rpm
SHA-256: 518b60ac5d9fc516f46818ffa31ff58d5f4cb0867ebc76af1c9ad6cb3daff00c
java-17-openjdk-static-libs-17.0.3.0.6-2.el8_5.s390x.rpm
SHA-256: 43f919306c08da245c760e3e699433031c290fd34a108b85cc94f5e8e57bcc61
Red Hat Enterprise Linux for Power, little endian 8
SRPM
java-17-openjdk-17.0.3.0.6-2.el8_5.src.rpm
SHA-256: 3c32710c3de29502f11e795d55d225cd2c4f45a0ec78b7646be3c3554704f51a
ppc64le
java-17-openjdk-17.0.3.0.6-2.el8_5.ppc64le.rpm
SHA-256: 67ea63122225c8d85fb6a9b14d0f6dc07764221407ea7bc1b5c17a21869eb23a
java-17-openjdk-debuginfo-17.0.3.0.6-2.el8_5.ppc64le.rpm
SHA-256: 9c7d83f034191468fbbb95694704498db317821e924380e7816161aa28d4fedd
java-17-openjdk-debugsource-17.0.3.0.6-2.el8_5.ppc64le.rpm
SHA-256: 31f6a11c8067f3dfa729db4ce71a1ad1767b2c7a438741bd0cd4f52c1a38351f
java-17-openjdk-demo-17.0.3.0.6-2.el8_5.ppc64le.rpm
SHA-256: 5cba8b1886205531abf231dcacf9536194682d6899c2d5ac8f6abb6b83828fbe
java-17-openjdk-devel-17.0.3.0.6-2.el8_5.ppc64le.rpm
SHA-256: 5542427f02615de7b9f1d4d79d6748247d3fd756269aee659f47b4478ed7c629
java-17-openjdk-devel-debuginfo-17.0.3.0.6-2.el8_5.ppc64le.rpm
SHA-256: 2f57d94838742b2c44d136ccf0e46971051fcd61532f4ad9357678f5e13db4f9
java-17-openjdk-headless-17.0.3.0.6-2.el8_5.ppc64le.rpm
SHA-256: 428ef89b5f5097412c7ed590dfc9650c81949f8f397934cbf0013913601b647b
java-17-openjdk-headless-debuginfo-17.0.3.0.6-2.el8_5.ppc64le.rpm
SHA-256: 0e964d9e3bdf7283cb2c4aeb0216143a870e77c18bb9adf2c8afbbb23bb54dad
java-17-openjdk-javadoc-17.0.3.0.6-2.el8_5.ppc64le.rpm
SHA-256: 19c7dbabc7eca24042f5e06dc263d926410723d585e42914970b408d549e4426
java-17-openjdk-javadoc-zip-17.0.3.0.6-2.el8_5.ppc64le.rpm
SHA-256: a52147eadc08366b35b987f20312fbb424b9c814658f5ef233c4a3b984cdc2ca
java-17-openjdk-jmods-17.0.3.0.6-2.el8_5.ppc64le.rpm
SHA-256: c870de46dcb7f2c59fce75e11b2fb07215bf17a52c453f0c2542142c5489c833
java-17-openjdk-src-17.0.3.0.6-2.el8_5.ppc64le.rpm
SHA-256: 1de4eefb738f0acc65e0ec413b3d60183c91b9eb15fd52b90b293f9b507b7a48
java-17-openjdk-static-libs-17.0.3.0.6-2.el8_5.ppc64le.rpm
SHA-256: 91f4e4e7d7ff8b33fe290e8d63f258eb90c02b391eef725fef0ba6c34c6d11dd
Red Hat Enterprise Linux for ARM 64 8
SRPM
java-17-openjdk-17.0.3.0.6-2.el8_5.src.rpm
SHA-256: 3c32710c3de29502f11e795d55d225cd2c4f45a0ec78b7646be3c3554704f51a
aarch64
java-17-openjdk-17.0.3.0.6-2.el8_5.aarch64.rpm
SHA-256: 26b337dbe9bf452598026442ef90e5d4291b5ae5afb307bae11c1bd9a73727ad
java-17-openjdk-debuginfo-17.0.3.0.6-2.el8_5.aarch64.rpm
SHA-256: 51b8512f350ae84770fefb933119c362f09c830e4ee71f67e0b7dc93fe6eaa0d
java-17-openjdk-debugsource-17.0.3.0.6-2.el8_5.aarch64.rpm
SHA-256: 09eb257640383b80c0b1fbca15dd747f3988644d29e357ad4dc9ca5639f7b4a4
java-17-openjdk-demo-17.0.3.0.6-2.el8_5.aarch64.rpm
SHA-256: 3fb8bd6edaff32971db4fde1dbc1af291c19189b557e1df2a51fb9fa61da945c
java-17-openjdk-devel-17.0.3.0.6-2.el8_5.aarch64.rpm
SHA-256: 68ba006a659130199dfb9f9baea82ecc377c42bcfa6235f962b794cd1f148749
java-17-openjdk-devel-debuginfo-17.0.3.0.6-2.el8_5.aarch64.rpm
SHA-256: 97f6613b2e5755fee945b9c923b9e0b3912a2fa0f14bb69e1bb999a0e700a0bf
java-17-openjdk-headless-17.0.3.0.6-2.el8_5.aarch64.rpm
SHA-256: 522b7f8553bbbfa78bf351f67dd7eab6521211f79a896f13533bba6f29a20e35
java-17-openjdk-headless-debuginfo-17.0.3.0.6-2.el8_5.aarch64.rpm
SHA-256: d4729fe20c923610601e86a188419feea8eea24f65d14ef45964d2ac0a147e5c
java-17-openjdk-javadoc-17.0.3.0.6-2.el8_5.aarch64.rpm
SHA-256: 673f253f6b08936f40a87c75f1ef3b5c83aaae7145b6fc4bc15ef3a8697abf51
java-17-openjdk-javadoc-zip-17.0.3.0.6-2.el8_5.aarch64.rpm
SHA-256: a597ba4ba25b57ebc9fd06e28d2875bc15b33d341ed12e6ac5d51d9a888cb617
java-17-openjdk-jmods-17.0.3.0.6-2.el8_5.aarch64.rpm
SHA-256: 59533848eb76282dfc0528da466f11470c6e5f9618b4a602255c70036c2ed750
java-17-openjdk-src-17.0.3.0.6-2.el8_5.aarch64.rpm
SHA-256: b3c7d4e9fb2d4cc0fb34ade4f6bdd9e8f2f98e9abe8d0ec3706e5b7e8be2df03
java-17-openjdk-static-libs-17.0.3.0.6-2.el8_5.aarch64.rpm
SHA-256: 91b35a9d17fdc26bd729a4265ceafdb5cdbb0989cfe81de4a994bd9923210110
Red Hat CodeReady Linux Builder for x86_64 8
x86_64
java-17-openjdk-debuginfo-17.0.3.0.6-2.el8_5.x86_64.rpm
SHA-256: e9aa62638a5d185cb138f55129ff770893a2ba0d2987b5619e04b0850c4960c7
java-17-openjdk-debugsource-17.0.3.0.6-2.el8_5.x86_64.rpm
SHA-256: 561b6527af61d565bc90bc579f33040fa85d2ab969772facbcc4a0f0e6c417e8
java-17-openjdk-demo-fastdebug-17.0.3.0.6-2.el8_5.x86_64.rpm
SHA-256: ac728d643672cc1d5a1a62dd4066b2f01e9b267972344ad0a565e4cc37de6724
java-17-openjdk-demo-slowdebug-17.0.3.0.6-2.el8_5.x86_64.rpm
SHA-256: 01a424442871f109656efa9179f5b9ba6b8c5e1dccd5ed9efb9ee516ba294c86
java-17-openjdk-devel-debuginfo-17.0.3.0.6-2.el8_5.x86_64.rpm
SHA-256: b1fa5027150abbfd64e846154786db191a3d4f7c14974485de1c11330c382281
java-17-openjdk-devel-fastdebug-17.0.3.0.6-2.el8_5.x86_64.rpm
SHA-256: d1685c459eda60d70719bdea0d1dd38840fec1a2a70bb6b18c0cf96eeab6c981
java-17-openjdk-devel-fastdebug-debuginfo-17.0.3.0.6-2.el8_5.x86_64.rpm
SHA-256: 280e4acb99a0c7313ec0f06b4a46e4adb0377289812ba9d4e585488d425d8961
java-17-openjdk-devel-slowdebug-17.0.3.0.6-2.el8_5.x86_64.rpm
SHA-256: f706ebd70967ce656cdf11c6d33ed104c625e10534edb9474a060b570942e0bd
java-17-openjdk-devel-slowdebug-debuginfo-17.0.3.0.6-2.el8_5.x86_64.rpm
SHA-256: 949cd15769c90b93732f70b72ad70191335546dc81e2c4f6a8bdf846f3d06191
java-17-openjdk-fastdebug-17.0.3.0.6-2.el8_5.x86_64.rpm
SHA-256: 0170cf547e008ffb2d7503f09c471a7a5f58502235e472439896ab9fb9c59204
java-17-openjdk-fastdebug-debuginfo-17.0.3.0.6-2.el8_5.x86_64.rpm
SHA-256: 8dc9f8f8318cdcf9c98b4e4067551ca5f6a2f237d8ac42045679712805a2cb92
java-17-openjdk-headless-debuginfo-17.0.3.0.6-2.el8_5.x86_64.rpm
SHA-256: de0f5bef1dd4909dc14c0fe3d931e868f438a7e32859b60b8f37c5e1a942929e
java-17-openjdk-headless-fastdebug-17.0.3.0.6-2.el8_5.x86_64.rpm
SHA-256: 98914a778681a7d353ea741dcef59f4964364574c3b6a575b250ad2afd70eef7
java-17-openjdk-headless-fastdebug-debuginfo-17.0.3.0.6-2.el8_5.x86_64.rpm
SHA-256: 09c404d15d90944b165e5ba8f73eb2e874ecb8c00017d36b7ce84952a1d47ce2
java-17-openjdk-headless-slowdebug-17.0.3.0.6-2.el8_5.x86_64.rpm
SHA-256: 3fdfc566941dae0f5b9cee908061cd234471582f3dce20b5c79efb479452227a
java-17-openjdk-headless-slowdebug-debuginfo-17.0.3.0.6-2.el8_5.x86_64.rpm
SHA-256: 255219964f72cafdc2c806b17c6f19796c4b481ed86bc6b09d8f5fcc217da73e
java-17-openjdk-jmods-fastdebug-17.0.3.0.6-2.el8_5.x86_64.rpm
SHA-256: dcd548c8feedfe51fc90eb835838e205d804bae512bc119388ea613eb8744556
java-17-openjdk-jmods-slowdebug-17.0.3.0.6-2.el8_5.x86_64.rpm
SHA-256: a337aff7806b42ffb1542207b24c03db49961d40580b223a43c092bbde838416
java-17-openjdk-slowdebug-17.0.3.0.6-2.el8_5.x86_64.rpm
SHA-256: af37a2495f0f4d9321add42cd9928b863af545a64ce6597444086012f007da29
java-17-openjdk-slowdebug-debuginfo-17.0.3.0.6-2.el8_5.x86_64.rpm
SHA-256: e023d07509561bd2f03b07a63534df8421b356f4b779f39e27f78de9f8e67efa
java-17-openjdk-src-fastdebug-17.0.3.0.6-2.el8_5.x86_64.rpm
SHA-256: 64929120c66ae69a6c5636f15d76aea95b9d8c6bcbda07bfa0bc3a8146ca485a
java-17-openjdk-src-slowdebug-17.0.3.0.6-2.el8_5.x86_64.rpm
SHA-256: 8adac3f7e109615d9adc5aff3ffb0e93e63d952440f5f5d85731123b67a9b7d9
java-17-openjdk-static-libs-fastdebug-17.0.3.0.6-2.el8_5.x86_64.rpm
SHA-256: 6bd317283c718aceb08066aa5d2978dc1fe72b8f1cd57492b61da3a6a5385dcb
java-17-openjdk-static-libs-slowdebug-17.0.3.0.6-2.el8_5.x86_64.rpm
SHA-256: 76786d57fec124549bea1766dee8db0bd77659cd134b510f4dfcffb7e3ae0a62
Red Hat CodeReady Linux Builder for Power, little endian 8
ppc64le
java-17-openjdk-debuginfo-17.0.3.0.6-2.el8_5.ppc64le.rpm
SHA-256: 9c7d83f034191468fbbb95694704498db317821e924380e7816161aa28d4fedd
java-17-openjdk-debugsource-17.0.3.0.6-2.el8_5.ppc64le.rpm
SHA-256: 31f6a11c8067f3dfa729db4ce71a1ad1767b2c7a438741bd0cd4f52c1a38351f
java-17-openjdk-demo-fastdebug-17.0.3.0.6-2.el8_5.ppc64le.rpm
SHA-256: 494e531852bfa33c4bef3cd995397c768d95b28a7caa7ae4675d8548b5f00c28
java-17-openjdk-demo-slowdebug-17.0.3.0.6-2.el8_5.ppc64le.rpm
SHA-256: ba73a2f323db9645a43792c5dc66803e91278cecd87fe547dfea67b028625c3c
java-17-openjdk-devel-debuginfo-17.0.3.0.6-2.el8_5.ppc64le.rpm
SHA-256: 2f57d94838742b2c44d136ccf0e46971051fcd61532f4ad9357678f5e13db4f9
java-17-openjdk-devel-fastdebug-17.0.3.0.6-2.el8_5.ppc64le.rpm
SHA-256: cd09af9419df7476d7ccf4180e278e239058b6588e6a990183f22c3ec791c035
java-17-openjdk-devel-fastdebug-debuginfo-17.0.3.0.6-2.el8_5.ppc64le.rpm
SHA-256: 8d201c410c1f46a8007764b0991208475ac027145b3e5c521220e6d142ffa1d9
java-17-openjdk-devel-slowdebug-17.0.3.0.6-2.el8_5.ppc64le.rpm
SHA-256: 67b1847be5793b5b3e40da9b62d99c4d68142d35a674f7ad7d46e410d2e7c457
java-17-openjdk-devel-slowdebug-debuginfo-17.0.3.0.6-2.el8_5.ppc64le.rpm
SHA-256: 7a298f94d33fa7df43113ef981e229c7046c86ded9fe1b86c80a488aa78d1104
java-17-openjdk-fastdebug-17.0.3.0.6-2.el8_5.ppc64le.rpm
SHA-256: ff97158620de350d3c47ffb408d76a15284e92e75f67683fd0d23e0450f5fb5b
java-17-openjdk-fastdebug-debuginfo-17.0.3.0.6-2.el8_5.ppc64le.rpm
SHA-256: 467f0b900ab26b541c0e9d0f4af89af3f9803004ecfbf3dadd9ba13c2df9a41f
java-17-openjdk-headless-debuginfo-17.0.3.0.6-2.el8_5.ppc64le.rpm
SHA-256: 0e964d9e3bdf7283cb2c4aeb0216143a870e77c18bb9adf2c8afbbb23bb54dad
java-17-openjdk-headless-fastdebug-17.0.3.0.6-2.el8_5.ppc64le.rpm
SHA-256: 60e54a400be7230be88895f748b1590c2d86e5ca05896615671051abb5eb4774
java-17-openjdk-headless-fastdebug-debuginfo-17.0.3.0.6-2.el8_5.ppc64le.rpm
SHA-256: 72c624b9860eb6557092db650de54ade45d9af5633b1125dc7a65b2d28be1fc5
java-17-openjdk-headless-slowdebug-17.0.3.0.6-2.el8_5.ppc64le.rpm
SHA-256: 0a80efd97c2cfeef98dfd01f2ed25cda4ec43aea008cde00294fb03317a66490
java-17-openjdk-headless-slowdebug-debuginfo-17.0.3.0.6-2.el8_5.ppc64le.rpm
SHA-256: 69bab71fefdb7daefec882d32fdd5c97046e961ab443baf279a40a0078d76bd4
java-17-openjdk-jmods-fastdebug-17.0.3.0.6-2.el8_5.ppc64le.rpm
SHA-256: 70b1e434ca10568bb5e7b1be040409385bfb8c15e1a11d0eca1aa10c471aead1
java-17-openjdk-jmods-slowdebug-17.0.3.0.6-2.el8_5.ppc64le.rpm
SHA-256: 3d1d7b463b038040449c10f25d9e2fa4f423fe5fa21985fc3189b9dec93871c5
java-17-openjdk-slowdebug-17.0.3.0.6-2.el8_5.ppc64le.rpm
SHA-256: 0130199dd7dd3c49f3647555d004108572a5110fdab587d012c47ebd2f938683
java-17-openjdk-slowdebug-debuginfo-17.0.3.0.6-2.el8_5.ppc64le.rpm
SHA-256: a096cd6194259600c04c9d16c054f6808c78cfd4967c542c8e3c53f49ddf9347
java-17-openjdk-src-fastdebug-17.0.3.0.6-2.el8_5.ppc64le.rpm
SHA-256: 7f858d78a213d2644b5f2ef3513aba424863b2eae6a5444bbc234cef944e7436
java-17-openjdk-src-slowdebug-17.0.3.0.6-2.el8_5.ppc64le.rpm
SHA-256: b6f495ed4c933de904567b3e932d4d8517f3cc00cf799576aeb6fef1e1882366
java-17-openjdk-static-libs-fastdebug-17.0.3.0.6-2.el8_5.ppc64le.rpm
SHA-256: 13ee6d69a935fdb792ed9bdbb6c532bc423318ef819a320744b66940b785f649
java-17-openjdk-static-libs-slowdebug-17.0.3.0.6-2.el8_5.ppc64le.rpm
SHA-256: 8d6c65c8bc42654e63997df40901eb96ab3ae4e88e32764fc1d777c744b2d649
Red Hat CodeReady Linux Builder for ARM 64 8
aarch64
java-17-openjdk-debuginfo-17.0.3.0.6-2.el8_5.aarch64.rpm
SHA-256: 51b8512f350ae84770fefb933119c362f09c830e4ee71f67e0b7dc93fe6eaa0d
java-17-openjdk-debugsource-17.0.3.0.6-2.el8_5.aarch64.rpm
SHA-256: 09eb257640383b80c0b1fbca15dd747f3988644d29e357ad4dc9ca5639f7b4a4
java-17-openjdk-demo-fastdebug-17.0.3.0.6-2.el8_5.aarch64.rpm
SHA-256: bc48fb0b264c794511ab7b4aed2b48446a57df17443ca3be571d50198d4d60ac
java-17-openjdk-demo-slowdebug-17.0.3.0.6-2.el8_5.aarch64.rpm
SHA-256: 9055a0af6c9cb094ac384b8c803603d39ec7b68eb86c6614a30de07ae532a027
java-17-openjdk-devel-debuginfo-17.0.3.0.6-2.el8_5.aarch64.rpm
SHA-256: 97f6613b2e5755fee945b9c923b9e0b3912a2fa0f14bb69e1bb999a0e700a0bf
java-17-openjdk-devel-fastdebug-17.0.3.0.6-2.el8_5.aarch64.rpm
SHA-256: b16c7fabe6f4589c077b929133a53a3e462077e86cb438756763677648d86f52
java-17-openjdk-devel-fastdebug-debuginfo-17.0.3.0.6-2.el8_5.aarch64.rpm
SHA-256: 1843adb9249c4e95d727da5fdf602ecb8b2a8e93f819474cd84993e7ff1bbd6e
java-17-openjdk-devel-slowdebug-17.0.3.0.6-2.el8_5.aarch64.rpm
SHA-256: 0c3da4bdf059ed9cde3f4076aafed1cdd636f061b30ed35452da2cc2356e5d8b
java-17-openjdk-devel-slowdebug-debuginfo-17.0.3.0.6-2.el8_5.aarch64.rpm
SHA-256: b688962185d167999792dfd074c9949f59529db2fad8ef0116914a900cc20c44
java-17-openjdk-fastdebug-17.0.3.0.6-2.el8_5.aarch64.rpm
SHA-256: c626d626af61375b937ab3dba3f2a5092b848b690811f0df82ccabe23c1695f5
java-17-openjdk-fastdebug-debuginfo-17.0.3.0.6-2.el8_5.aarch64.rpm
SHA-256: de68bebd8ad1da59fa9b92a4542fffc91bf37f76ef2eae9d8eb5dbe798b186c8
java-17-openjdk-headless-debuginfo-17.0.3.0.6-2.el8_5.aarch64.rpm
SHA-256: d4729fe20c923610601e86a188419feea8eea24f65d14ef45964d2ac0a147e5c
java-17-openjdk-headless-fastdebug-17.0.3.0.6-2.el8_5.aarch64.rpm
SHA-256: 6cf89860aa626707823a7787defc1ed42afc692c616933411fd6ceb91ce28468
java-17-openjdk-headless-fastdebug-debuginfo-17.0.3.0.6-2.el8_5.aarch64.rpm
SHA-256: 13d7c19a4095004107050e3ec789dff2a52e76797f96d97615e17b7c09cb25aa
java-17-openjdk-headless-slowdebug-17.0.3.0.6-2.el8_5.aarch64.rpm
SHA-256: d4d9e93cc307e840a235ed9c32c9faf041543856ae53c832d20216f1ecb58e0d
java-17-openjdk-headless-slowdebug-debuginfo-17.0.3.0.6-2.el8_5.aarch64.rpm
SHA-256: 93b8a42849047f9f4b55fb607a9e8671c3e39e3e3e8a22b8b53ed2128cc94f51
java-17-openjdk-jmods-fastdebug-17.0.3.0.6-2.el8_5.aarch64.rpm
SHA-256: 3ff42f69fc2175ebe8e8b1866dd5558a70a8bb0ef2ed5ffbd3034cbd9a237503
java-17-openjdk-jmods-slowdebug-17.0.3.0.6-2.el8_5.aarch64.rpm
SHA-256: 9b48c9f4dd531f9ba169a8cbc69a3295879beb67c0ff0256a9fd097d7339d622
java-17-openjdk-slowdebug-17.0.3.0.6-2.el8_5.aarch64.rpm
SHA-256: 6e6732e92b5c818ae254c38c9a7f6b5cf2d47561d353494209f8fb81923ad50d
java-17-openjdk-slowdebug-debuginfo-17.0.3.0.6-2.el8_5.aarch64.rpm
SHA-256: 19b08b822e69cf3b63fea54ca92e92522b4428da22eca53ea3d64d672f376a43
java-17-openjdk-src-fastdebug-17.0.3.0.6-2.el8_5.aarch64.rpm
SHA-256: 3c74452977ae4998e2f094154478c59c95bef5671224cdda57c2b4ea772d62ce
java-17-openjdk-src-slowdebug-17.0.3.0.6-2.el8_5.aarch64.rpm
SHA-256: a27e6281734fd7961589d4ccc96ea9ef9cd87a0162040c75478865468b760b57
java-17-openjdk-static-libs-fastdebug-17.0.3.0.6-2.el8_5.aarch64.rpm
SHA-256: a6ee08ba32e729a1c7ea96664812d6d3e74482ebdfa2130661c18df4f49a69c1
java-17-openjdk-static-libs-slowdebug-17.0.3.0.6-2.el8_5.aarch64.rpm
SHA-256: 49bb158743ddf91760e3f92fcd67d94f7c2bb3a5ae271a939262c5853aec3f17
Red Hat CodeReady Linux Builder for IBM z Systems 8
s390x
java-17-openjdk-debuginfo-17.0.3.0.6-2.el8_5.s390x.rpm
SHA-256: 5a1dd33c209b3d25aa44943260e17f7712df11318d72971d89acbb937801deee
java-17-openjdk-debugsource-17.0.3.0.6-2.el8_5.s390x.rpm
SHA-256: 345e27994e825c1f334df365640f673316a15ec91d552a252418fcf01cd4f4c5
java-17-openjdk-demo-slowdebug-17.0.3.0.6-2.el8_5.s390x.rpm
SHA-256: ea9ed4f179048a0bf3b002ef3a672db724a2a36ed871d36524c1dc10643080ba
java-17-openjdk-devel-debuginfo-17.0.3.0.6-2.el8_5.s390x.rpm
SHA-256: 087b58ce9f5ba2009fcd47f4f78e2dd66b9d4f176e53ca85356209896608ec53
java-17-openjdk-devel-slowdebug-17.0.3.0.6-2.el8_5.s390x.rpm
SHA-256: 7bcd916b39332493594396113807971a8ce768ca826fc40ebdab87b7dbbdd0ec
java-17-openjdk-devel-slowdebug-debuginfo-17.0.3.0.6-2.el8_5.s390x.rpm
SHA-256: 5d86d0830d558201af4236910f7941eb064ce56070c02d58357a73f3c6eeb606
java-17-openjdk-headless-debuginfo-17.0.3.0.6-2.el8_5.s390x.rpm
SHA-256: 10e27265aad80d212b785970eee92a1c89107cfa75c7265d6ec47e4ea3b0b45e
java-17-openjdk-headless-slowdebug-17.0.3.0.6-2.el8_5.s390x.rpm
SHA-256: f3c0e12f7d3ef30797718a007a807b9fdfc8ff09da0388aab85188c9f99827d6
java-17-openjdk-headless-slowdebug-debuginfo-17.0.3.0.6-2.el8_5.s390x.rpm
SHA-256: 09d469f0bd87b8e5c678349365978410c0bce681108bae84da46b5f9a68ba473
java-17-openjdk-jmods-slowdebug-17.0.3.0.6-2.el8_5.s390x.rpm
SHA-256: 45edd8a7162c174a57a0f3dd8b532533b8f40a6a9afdc40c81945b65a006f159
java-17-openjdk-slowdebug-17.0.3.0.6-2.el8_5.s390x.rpm
SHA-256: 90793405da952e86d296d6d8e11d498ee7beef6a82ec99f3d3c0f9a942f1ac95
java-17-openjdk-slowdebug-debuginfo-17.0.3.0.6-2.el8_5.s390x.rpm
SHA-256: bbb93731d9e641a6dcc5eb9b8704f12a9c6dcbb0d8c091bafcb6bfdfc8100c7b
java-17-openjdk-src-slowdebug-17.0.3.0.6-2.el8_5.s390x.rpm
SHA-256: 1ddb0176ce9f34176d26520f2d22f66b6844ea2db57734e136e803de55e23633
java-17-openjdk-static-libs-slowdebug-17.0.3.0.6-2.el8_5.s390x.rpm
SHA-256: 463b8d551d5fb3b973f9a877c2a7408a4ac2ceb7a5a524b1fa4fd5d1a62e898b
Related news
Logging Subsystem 5.4 - Red Hat OpenShift Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-0759: kubeclient: kubeconfig parsing error can lead to MITM attacks * CVE-2022-21698: prometheus/client_golang: Denial of service using InstrumentHandlerCounter
acs commons is an open source framework for AEM projects. ACS Commons version 5.1.x (and earlier) suffers from a Reflected Cross-site Scripting (XSS) vulnerability in /apps/acs-commons/content/page-compare.html` endpoint via the `a` and `b` GET parameters. User input submitted via these parameters is not validated or sanitized. An attacker must provide a link to someone with access to AEM Author, and could potentially exploit this vulnerability to inject malicious JavaScript content into vulnerable form fields and execute it within the context of the victim's browser. The exploitation of this issue requires user interaction in order to be successful. This issue has been resolved in 5.2.0. There are no known workarounds for this issue.
Updated Satellite 6.9 packages that fix several bugs are now available for Red Hat Satellite.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-27023: puppet: unsafe HTTP redirect
HumHub is an Open Source Enterprise Social Network. In affected versions users who are forced to change their password by an administrator may retrieve other users' data. This issue has been resolved by commit `eb83de20`. It is recommended that the HumHub is upgraded to 1.11.0, 1.10.4 or 1.9.4. There are no known workarounds for this issue.
Updated packages that provide Red Hat JBoss Core Services Apache HTTP Server 2.4.37 Service Pack 11, fix several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 7 and Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-3516: libxml2: Use-after-free in xmlEncodeEntitiesInternal() in entities.c * CVE-2021-3517: libxml2: Heap-based buffer overflow in xmlEncodeEntitiesInternal() in entities.c * CVE-2021-3518: libxml...
Red Hat JBoss Core Services Apache HTTP Server 2.4.37 Service Pack 11 zip release for Red Hat Enterprise Linux 7, Red Hat Enterprise Linux 8, and Microsoft Windows is available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-3516: libxml2: Use-after-free in xmlEncodeEntitiesInternal() in entities.c * CVE-2021-3517: libxml2: Heap-based buffer overflow in xmlEncodeEntitiesInternal() in entities.c * CVE-2021-3518: libxml2: Use-after-free in xmlXIncludeDoProcess() in xinc...
Databasir is a team-oriented relational database model document management platform. Databasir 1.01 has remote code execution vulnerability. JDBC drivers are not validated prior to use and may be provided by users of the system. This can lead to code execution by any basic user who has access to the system. Users are advised to upgrade. There are no known workarounds to this issue.
Shopware is an open commerce platform based on Symfony Framework and Vue. In affected versions an attacker can abuse the Admin SDK functionality on the server to read or update internal resources. Users are advised to update to the current version 6.4.10.1. For older versions of 6.1, 6.2, and 6.3, corresponding security measures are also available via a plugin. There are no known workarounds for this issue.
A vulnerability in Jira Seraph allows a remote, unauthenticated attacker to bypass authentication by sending a specially crafted HTTP request. This affects Atlassian Jira Server and Data Center versions before 8.13.18, versions 8.14.0 and later before 8.20.6, and versions 8.21.0 and later before 8.22.0. This also affects Atlassian Jira Service Management Server and Data Center versions before 4.13.18, versions 4.14.0 and later before 4.20.6, and versions 4.21.0 and later before 4.22.0.
Databasir is a team-oriented relational database model document management platform. Databasir 1.01 has Server-Side Request Forgery vulnerability. During the download verification process of a JDBC driver the corresponding JDBC driver download address will be downloaded first, but this address will return a response page with complete error information when accessing a non-existent URL. Attackers can take advantage of this feature for SSRF.
SharedSecretClusterAuthenticator in Atlassian Bitbucket Data Center versions 5.14.0 and later before 7.6.14, 7.7.0 and later prior to 7.17.6, 7.18.0 and later prior to 7.18.4, 7.19.0 and later prior to 7.19.4, and 7.20.0 allow a remote, unauthenticated attacker to execute arbitrary code via Java deserialization.
Origin Protocol is a blockchain based project. The Origin Protocol project website allows for malicious users to inject malicious Javascript via a POST request to `/presale/join`. User-controlled data is passed with no sanitization to SendGrid and injected into an email that is delivered to the [email protected]. If the email recipient is using an email program that is susceptible to XSS, then that email recipient will receive an email that may contain malicious XSS. Regardless if the email recipient’s mail program has vulnerabilities or not, the hacker can at the very least inject malicious HTML that modifies the body content of the email. There are currently no known workarounds.
wire-webapp is the web application interface for the wire messaging service. Insufficient escaping in markdown “code highlighting” in the wire-webapp resulted in the possibility of injecting and executing arbitrary HTML code and thus also JavaScript. If a user receives and views such a malicious message, arbitrary code is injected and executed in the context of the victim. This allows the attacker to fully control the user account. Wire-desktop clients that are connected to a vulnerable wire-webapp version are also vulnerable to this attack. The issue has been fixed in wire-webapp 2022-03-30-production.0 and is already deployed on all Wire managed services. On-premise instances of wire-webapp need to be updated to docker tag 2022-03-30-production.0-v0.29.2-0-d144552 or wire-server 2022-03-30 (chart/4.8.0), so that their applications are no longer affected. There are no known workarounds for this issue. ### Patches * The issue has been fixed in wire-webapp **2022-03-30-production.0** an...
An update for kernel is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-4083: kernel: fget: check that the fd still exists after getting a ref to it * CVE-2022-0492: kernel: cgroups v1 release_agent feature may allow privilege escalation * CVE-2022-25636: kernel: heap out of bounds write in nf_dup_netdev.c
An update for java-11-openjdk is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21426: OpenJDK: Unbounded memory allocation when compiling crafted XPath expressions (JAXP, 8270504) * CVE-2022-21434: OpenJDK: Improper object-to-string conversion in AnnotationInvocationHandler (Libraries, 8277672) * CVE-2022-21443: OpenJDK: Missing check for negative ObjectIdentifier (Libraries, 8275151) * CVE-2022-21476: OpenJDK: Defective ...
New Red Hat Single Sign-On 7.5.2 packages are now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-45105: log4j-core: DoS in log4j 2.x with Thread Context Map (MDC) input data contains a recursive lookup and context lookup pattern
New Red Hat Single Sign-On 7.5.2 packages are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-45105: log4j-core: DoS in log4j 2.x with Thread Context Map (MDC) input data contains a recursive lookup and context lookup pattern
Oracle's April Critical Patch Update contains 520 new security patches. We spell out some of the most important vulnerabilities. The post Oracle releases massive Critical Patch Update containing 520 security patches appeared first on Malwarebytes Labs.
A security update is now available for Red Hat Single Sign-On 7.5 from the Customer Portal. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-45105: log4j-core: DoS in log4j 2.x with Thread Context Map (MDC) input data contains a recursive lookup and context lookup pattern
Red Hat OpenShift Container Platform release 4.9.29 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-24769: moby: Default inheritable capabilities for linux container should be empty
An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21426: OpenJDK: Unbounded memory allocation when compiling crafted XPath expressions (JAXP, 8270504) * CVE-2022-21434: OpenJDK: Improper object-to-string conversion in AnnotationInvocationHandler (Libraries, 8277672) * CVE-2022-21443: OpenJDK: Missing check for negative ObjectIdentifier (Libraries, 8275151) * CVE-2022-21476: OpenJDK: Defective ...
An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21426: OpenJDK: Unbounded memory allocation when compiling crafted XPath expressions (JAXP, 8270504) * CVE-2022-21434: OpenJDK: Improper object-to-string conversion in AnnotationInvocationHandler (Libraries, 8277672) * CVE-2022-21443: OpenJDK: Missing check for negative ObjectIdentifier (Libraries, 8275151) * CVE-2022-...
An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21426: OpenJDK: Unbounded memory allocation when compiling crafted XPath expressions (JAXP, 8270504) * CVE-2022-21434: OpenJDK: Improper object-to-string conversion in AnnotationInvocationHandler (Libraries, 8277672) * CVE-2022-21443: OpenJDK: Missing check for negative ObjectIdentifier (Libraries, 8275151) * CVE-2022-...
Red Hat OpenShift Container Platform release 4.7.49 is now available with updates to packages and images that fix several bugs and add enhancements. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.7.49. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-0711: haproxy: Denial of service via set-cookie2 header
An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21426: OpenJDK: Unbounded memory allocation when compiling crafted XPath expressions (JAXP, 8270504) * CVE-2022-21434: OpenJDK: Improper object-to-string conversion in AnnotationInvocationHandler (Libraries, 8277672) * CVE-2022-21443: OpenJDK: Missing check for negative ObjectIdentifier (Libraries, 8275151) *...
Red Hat OpenShift Container Platform release 4.8.37 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.37. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-24769: moby: Default inheritable capabilities for linux container should be empty
Red Hat OpenShift Container Platform release 4.10.10 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.10. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-24769: moby: Default inheritable capabilities for linux container should be empty
Cross-site request forgery (CSRF) vulnerability in 'MicroPayments - Paid Author Subscriptions, Content, Downloads, Membership' versions prior to 1.9.6 allows a remote unauthenticated attacker to hijack the authentication of an administrator and perform unintended operation via unspecified vectors.
On Windows, if Git LFS operates on a malicious repository with a `..exe` file as well as a file named `git.exe`, and `git.exe` is not found in `PATH`, the `..exe` program will be executed, permitting the attacker to execute arbitrary code. This does not affect Unix systems. Similarly, if the malicious repository contains files named `..exe` and `cygpath.exe`, and `cygpath.exe` is not found in `PATH`, the `..exe` program will be executed when certain Git LFS commands are run. More generally, if the current working directory contains any file with a base name of `.` and a file extension from `PATHEXT` (except `.bat` and `.cmd`), and also contains another file with the same base name as a program Git LFS intends to execute (such as `git`, `cygpath`, or `uname`) and any file extension from `PATHEXT` (including `.bat` and `.cmd`), then, on Windows, when Git LFS attempts to execute the intended program the `..exe`, `..com`, etc., file will be executed instead, but only if the intended progra...
Hotdog, prior to v1.0.1, did not mimic the capabilities or the SELinux label of the target JVM process. This would allow a container to gain full privileges on the host, bypassing restrictions set on the container.
next-auth v3 users before version 3.29.2 are impacted. next-auth version 4 users before version 4.3.2 are also impacted. Upgrading to 3.29.2 or 4.3.2 will patch this vulnerability. If you are not able to upgrade for any reason, you can add a configuration to your callbacks option. If you already have a `redirect` callback, make sure that you match the incoming `url` origin against the `baseUrl`.
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JNDI). Supported versions that are affected are Oracle Java SE: 7u331, 8u321, 11.0.14, 17.0.2, 18; Oracle GraalVM Enterprise Edition: 20.3.5, 21.3.1 and 22.0.0.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service ...
Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 19c and 21c. Easily exploitable vulnerability allows low privileged attacker having Create Procedure privilege with network access via multiple protocols to compromise Java VM. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java VM accessible data. CVSS 3.1 Base Score 6.5 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N).
The WordPress WP YouTube Live Plugin is vulnerable to Reflected Cross-Site Scripting via POST data found in the ~/inc/admin.php file which allows unauthenticated attackers to inject arbitrary web scripts in versions up to, and including, 1.7.21.
The CleanTalk AntiSpam plugin <= 5.173 for WordPress is vulnerable to Reflected Cross-Site Scripting (XSS) via the $_REQUEST['page'] parameter in `/lib/Cleantalk/ApbctWP/FindSpam/ListTable/Users.php`.
The WordPress plugin Be POPIA Compliant exposed sensitive information to unauthenticated users, consisting of site visitors' emails and usernames, via an API route, in versions up to and including 1.1.5.
The Elementor Website Builder plugin for WordPress is vulnerable to unauthorized execution of several AJAX actions due to a missing capability check in the ~/core/app/modules/onboarding/module.php file, which makes it possible for attackers to modify site data in addition to uploading malicious files that can be used to obtain remote code execution, in versions 3.6.0 to 3.6.2.
Smokescreen is a simple HTTP proxy that fogs over naughty URLs. The primary use case for Smokescreen is to prevent server-side request forgery (SSRF) attacks in which external attackers leverage the behavior of applications to connect to or scan internal infrastructure. Smokescreen also offers an option to deny access to additional (e.g., external) URLs by way of a deny list. There was an issue in Smokescreen that made it possible to bypass the deny list feature by appending a dot to the end of user-supplied URLs, or by providing input in a different letter case. It is recommended to upgrade Smokescreen to version 0.0.3 or later.
Exploring what's next for public-cloud security, including top risks and how to implement better risk management.
The package git before 1.11.0 is vulnerable to Command Injection via git argument injection. When calling the fetch(remote = 'origin', opts = {}) function, the remote parameter is passed to the git fetch subcommand in a way that allows additional flags to be set. The additional flags can be used to perform a command injection.