Headline
RHSA-2022:1442: Red Hat Security Advisory: java-11-openjdk security update
An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Related CVEs:
- CVE-2022-21426: OpenJDK: Unbounded memory allocation when compiling crafted XPath expressions (JAXP, 8270504)
- CVE-2022-21434: OpenJDK: Improper object-to-string conversion in AnnotationInvocationHandler (Libraries, 8277672)
- CVE-2022-21443: OpenJDK: Missing check for negative ObjectIdentifier (Libraries, 8275151)
- CVE-2022-21476: OpenJDK: Defective secure validation in Apache Santuario (Libraries, 8278008)
- CVE-2022-21496: OpenJDK: URI parsing inconsistencies (JNDI, 8278972)
Synopsis
Important: java-11-openjdk security update
Type/Severity
Security Advisory: Important
Topic
An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit.
Security Fix(es):
- OpenJDK: Defective secure validation in Apache Santuario (Libraries, 8278008) (CVE-2022-21476)
- OpenJDK: Unbounded memory allocation when compiling crafted XPath expressions (JAXP, 8270504) (CVE-2022-21426)
- OpenJDK: Improper object-to-string conversion in AnnotationInvocationHandler (Libraries, 8277672) (CVE-2022-21434)
- OpenJDK: Missing check for negative ObjectIdentifier (Libraries, 8275151) (CVE-2022-21443)
- OpenJDK: URI parsing inconsistencies (JNDI, 8278972) (CVE-2022-21496)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Solution
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
All running instances of OpenJDK Java must be restarted for this update to take effect.
Affected Products
- Red Hat Enterprise Linux for x86_64 8 x86_64
- Red Hat Enterprise Linux for IBM z Systems 8 s390x
- Red Hat Enterprise Linux for Power, little endian 8 ppc64le
- Red Hat Enterprise Linux for ARM 64 8 aarch64
- Red Hat CodeReady Linux Builder for x86_64 8 x86_64
- Red Hat CodeReady Linux Builder for Power, little endian 8 ppc64le
- Red Hat CodeReady Linux Builder for ARM 64 8 aarch64
- Red Hat CodeReady Linux Builder for IBM z Systems 8 s390x
Fixes
- BZ - 2075788 - CVE-2022-21426 OpenJDK: Unbounded memory allocation when compiling crafted XPath expressions (JAXP, 8270504)
- BZ - 2075793 - CVE-2022-21443 OpenJDK: Missing check for negative ObjectIdentifier (Libraries, 8275151)
- BZ - 2075836 - CVE-2022-21434 OpenJDK: Improper object-to-string conversion in AnnotationInvocationHandler (Libraries, 8277672)
- BZ - 2075842 - CVE-2022-21476 OpenJDK: Defective secure validation in Apache Santuario (Libraries, 8278008)
- BZ - 2075849 - CVE-2022-21496 OpenJDK: URI parsing inconsistencies (JNDI, 8278972)
CVEs
- CVE-2022-21426
- CVE-2022-21434
- CVE-2022-21443
- CVE-2022-21476
- CVE-2022-21496
Red Hat Enterprise Linux for x86_64 8
SRPM
java-11-openjdk-11.0.15.0.9-2.el8_5.src.rpm
Related news
Logging Subsystem 5.4 - Red Hat OpenShift Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-0759: kubeclient: kubeconfig parsing error can lead to MITM attacks * CVE-2022-21698: prometheus/client_golang: Denial of service using InstrumentHandlerCounter
acs commons is an open source framework for AEM projects. ACS Commons version 5.1.x (and earlier) suffers from a Reflected Cross-site Scripting (XSS) vulnerability in /apps/acs-commons/content/page-compare.html` endpoint via the `a` and `b` GET parameters. User input submitted via these parameters is not validated or sanitized. An attacker must provide a link to someone with access to AEM Author, and could potentially exploit this vulnerability to inject malicious JavaScript content into vulnerable form fields and execute it within the context of the victim's browser. The exploitation of this issue requires user interaction in order to be successful. This issue has been resolved in 5.2.0. There are no known workarounds for this issue.
Updated Satellite 6.9 packages that fix several bugs are now available for Red Hat Satellite.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-27023: puppet: unsafe HTTP redirect
HumHub is an Open Source Enterprise Social Network. In affected versions users who are forced to change their password by an administrator may retrieve other users' data. This issue has been resolved by commit `eb83de20`. It is recommended that the HumHub is upgraded to 1.11.0, 1.10.4 or 1.9.4. There are no known workarounds for this issue.
Updated packages that provide Red Hat JBoss Core Services Apache HTTP Server 2.4.37 Service Pack 11, fix several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 7 and Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-3516: libxml2: Use-after-free in xmlEncodeEntitiesInternal() in entities.c * CVE-2021-3517: libxml2: Heap-based buffer overflow in xmlEncodeEntitiesInternal() in entities.c * CVE-2021-3518: libxml...
Red Hat JBoss Core Services Apache HTTP Server 2.4.37 Service Pack 11 zip release for Red Hat Enterprise Linux 7, Red Hat Enterprise Linux 8, and Microsoft Windows is available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-3516: libxml2: Use-after-free in xmlEncodeEntitiesInternal() in entities.c * CVE-2021-3517: libxml2: Heap-based buffer overflow in xmlEncodeEntitiesInternal() in entities.c * CVE-2021-3518: libxml2: Use-after-free in xmlXIncludeDoProcess() in xinc...
Shopware is an open commerce platform based on Symfony Framework and Vue. In affected versions an attacker can abuse the Admin SDK functionality on the server to read or update internal resources. Users are advised to update to the current version 6.4.10.1. For older versions of 6.1, 6.2, and 6.3, corresponding security measures are also available via a plugin. There are no known workarounds for this issue.
A vulnerability in Jira Seraph allows a remote, unauthenticated attacker to bypass authentication by sending a specially crafted HTTP request. This affects Atlassian Jira Server and Data Center versions before 8.13.18, versions 8.14.0 and later before 8.20.6, and versions 8.21.0 and later before 8.22.0. This also affects Atlassian Jira Service Management Server and Data Center versions before 4.13.18, versions 4.14.0 and later before 4.20.6, and versions 4.21.0 and later before 4.22.0.
Databasir is a team-oriented relational database model document management platform. Databasir 1.01 has remote code execution vulnerability. JDBC drivers are not validated prior to use and may be provided by users of the system. This can lead to code execution by any basic user who has access to the system. Users are advised to upgrade. There are no known workarounds to this issue.
Databasir is a team-oriented relational database model document management platform. Databasir 1.01 has Server-Side Request Forgery vulnerability. During the download verification process of a JDBC driver the corresponding JDBC driver download address will be downloaded first, but this address will return a response page with complete error information when accessing a non-existent URL. Attackers can take advantage of this feature for SSRF.
Origin Protocol is a blockchain based project. The Origin Protocol project website allows for malicious users to inject malicious Javascript via a POST request to `/presale/join`. User-controlled data is passed with no sanitization to SendGrid and injected into an email that is delivered to the [email protected]. If the email recipient is using an email program that is susceptible to XSS, then that email recipient will receive an email that may contain malicious XSS. Regardless if the email recipient’s mail program has vulnerabilities or not, the hacker can at the very least inject malicious HTML that modifies the body content of the email. There are currently no known workarounds.
SharedSecretClusterAuthenticator in Atlassian Bitbucket Data Center versions 5.14.0 and later before 7.6.14, 7.7.0 and later prior to 7.17.6, 7.18.0 and later prior to 7.18.4, 7.19.0 and later prior to 7.19.4, and 7.20.0 allow a remote, unauthenticated attacker to execute arbitrary code via Java deserialization.
wire-webapp is the web application interface for the wire messaging service. Insufficient escaping in markdown “code highlighting” in the wire-webapp resulted in the possibility of injecting and executing arbitrary HTML code and thus also JavaScript. If a user receives and views such a malicious message, arbitrary code is injected and executed in the context of the victim. This allows the attacker to fully control the user account. Wire-desktop clients that are connected to a vulnerable wire-webapp version are also vulnerable to this attack. The issue has been fixed in wire-webapp 2022-03-30-production.0 and is already deployed on all Wire managed services. On-premise instances of wire-webapp need to be updated to docker tag 2022-03-30-production.0-v0.29.2-0-d144552 or wire-server 2022-03-30 (chart/4.8.0), so that their applications are no longer affected. There are no known workarounds for this issue. ### Patches * The issue has been fixed in wire-webapp **2022-03-30-production.0** an...
An update for kernel is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-4083: kernel: fget: check that the fd still exists after getting a ref to it * CVE-2022-0492: kernel: cgroups v1 release_agent feature may allow privilege escalation * CVE-2022-25636: kernel: heap out of bounds write in nf_dup_netdev.c
An update for java-11-openjdk is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21426: OpenJDK: Unbounded memory allocation when compiling crafted XPath expressions (JAXP, 8270504) * CVE-2022-21434: OpenJDK: Improper object-to-string conversion in AnnotationInvocationHandler (Libraries, 8277672) * CVE-2022-21443: OpenJDK: Missing check for negative ObjectIdentifier (Libraries, 8275151) * CVE-2022-21476: OpenJDK: Defective ...
New Red Hat Single Sign-On 7.5.2 packages are now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-45105: log4j-core: DoS in log4j 2.x with Thread Context Map (MDC) input data contains a recursive lookup and context lookup pattern
New Red Hat Single Sign-On 7.5.2 packages are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-45105: log4j-core: DoS in log4j 2.x with Thread Context Map (MDC) input data contains a recursive lookup and context lookup pattern
Oracle's April Critical Patch Update contains 520 new security patches. We spell out some of the most important vulnerabilities. The post Oracle releases massive Critical Patch Update containing 520 security patches appeared first on Malwarebytes Labs.
A security update is now available for Red Hat Single Sign-On 7.5 from the Customer Portal. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-45105: log4j-core: DoS in log4j 2.x with Thread Context Map (MDC) input data contains a recursive lookup and context lookup pattern
Red Hat OpenShift Container Platform release 4.9.29 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-24769: moby: Default inheritable capabilities for linux container should be empty
An update for java-17-openjdk is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21426: OpenJDK: Unbounded memory allocation when compiling crafted XPath expressions (JAXP, 8270504) * CVE-2022-21434: OpenJDK: Improper object-to-string conversion in AnnotationInvocationHandler (Libraries, 8277672) * CVE-2022-21443: OpenJDK: Missing check for negative ObjectIdentifier (Libraries, 8275151) * CVE-2022-21449: OpenJDK: Improper E...
An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21426: OpenJDK: Unbounded memory allocation when compiling crafted XPath expressions (JAXP, 8270504) * CVE-2022-21434: OpenJDK: Improper object-to-string conversion in AnnotationInvocationHandler (Libraries, 8277672) * CVE-2022-21443: OpenJDK: Missing check for negative ObjectIdentifier (Libraries, 8275151) * CVE-2022-...
An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21426: OpenJDK: Unbounded memory allocation when compiling crafted XPath expressions (JAXP, 8270504) * CVE-2022-21434: OpenJDK: Improper object-to-string conversion in AnnotationInvocationHandler (Libraries, 8277672) * CVE-2022-21443: OpenJDK: Missing check for negative ObjectIdentifier (Libraries, 8275151) * CVE-2022-...
Red Hat OpenShift Container Platform release 4.7.49 is now available with updates to packages and images that fix several bugs and add enhancements. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.7.49. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-0711: haproxy: Denial of service via set-cookie2 header
An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21426: OpenJDK: Unbounded memory allocation when compiling crafted XPath expressions (JAXP, 8270504) * CVE-2022-21434: OpenJDK: Improper object-to-string conversion in AnnotationInvocationHandler (Libraries, 8277672) * CVE-2022-21443: OpenJDK: Missing check for negative ObjectIdentifier (Libraries, 8275151) *...
Red Hat OpenShift Container Platform release 4.8.37 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.37. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-24769: moby: Default inheritable capabilities for linux container should be empty
Red Hat OpenShift Container Platform release 4.10.10 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.10. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-24769: moby: Default inheritable capabilities for linux container should be empty
Cross-site request forgery (CSRF) vulnerability in 'MicroPayments - Paid Author Subscriptions, Content, Downloads, Membership' versions prior to 1.9.6 allows a remote unauthenticated attacker to hijack the authentication of an administrator and perform unintended operations via unspecified vectors.
On Windows, if Git LFS operates on a malicious repository with a `..exe` file as well as a file named `git.exe`, and `git.exe` is not found in `PATH`, the `..exe` program will be executed, permitting the attacker to execute arbitrary code. This does not affect Unix systems. Similarly, if the malicious repository contains files named `..exe` and `cygpath.exe`, and `cygpath.exe` is not found in `PATH`, the `..exe` program will be executed when certain Git LFS commands are run. More generally, if the current working directory contains any file with a base name of `.` and a file extension from `PATHEXT` (except `.bat` and `.cmd`), and also contains another file with the same base name as a program Git LFS intends to execute (such as `git`, `cygpath`, or `uname`) and any file extension from `PATHEXT` (including `.bat` and `.cmd`), then, on Windows, when Git LFS attempts to execute the intended program the `..exe`, `..com`, etc., file will be executed instead, but only if the intended progra...
Hotdog, prior to v1.0.1, did not mimic the capabilities or the SELinux label of the target JVM process. This would allow a container to gain full privileges on the host, bypassing restrictions set on the container.
next-auth v3 users before version 3.29.2 are impacted. next-auth version 4 users before version 4.3.2 are also impacted. Upgrading to 3.29.2 or 4.3.2 will patch this vulnerability. If you are not able to upgrade for any reason, you can add a configuration to your callbacks option. If you already have a `redirect` callback, make sure that you match the incoming `url` origin against the `baseUrl`.
The CleanTalk AntiSpam plugin <= 5.173 for WordPress is vulnerable to Reflected Cross-Site Scripting (XSS) via the $_REQUEST['page'] parameter in `/lib/Cleantalk/ApbctWP/FindSpam/ListTable/Users.php`.
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JNDI). Supported versions that are affected are Oracle Java SE: 7u331, 8u321, 11.0.14, 17.0.2, 18; Oracle GraalVM Enterprise Edition: 20.3.5, 21.3.1 and 22.0.0.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service ...
Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 19c and 21c. Easily exploitable vulnerability allows low privileged attacker having Create Procedure privilege with network access via multiple protocols to compromise Java VM. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java VM accessible data. CVSS 3.1 Base Score 6.5 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N).
The Elementor Website Builder plugin for WordPress is vulnerable to unauthorized execution of several AJAX actions due to a missing capability check in the ~/core/app/modules/onboarding/module.php file that makes it possible for attackers to modify site data in addition to uploading malicious files that can be used to obtain remote code execution, in versions 3.6.0 to 3.6.2.
The WordPress plugin Be POPIA Compliant exposed sensitive information to unauthenticated users, consisting of site visitors' emails and usernames, via an API route, in versions up to and including 1.1.5.
The WordPress WP YouTube Live Plugin is vulnerable to Reflected Cross-Site Scripting via POST data found in the ~/inc/admin.php file which allows unauthenticated attackers to inject arbitrary web scripts in versions up to, and including, 1.7.21.
Smokescreen is a simple HTTP proxy that fogs over naughty URLs. The primary use case for Smokescreen is to prevent server-side request forgery (SSRF) attacks in which external attackers leverage the behavior of applications to connect to or scan internal infrastructure. Smokescreen also offers an option to deny access to additional (e.g., external) URLs by way of a deny list. There was an issue in Smokescreen that made it possible to bypass the deny list feature by appending a dot to the end of user-supplied URLs, or by providing input in a different letter case. Upgrading Smokescreen to version 0.0.3 or later is recommended.
Exploring what's next for public-cloud security, including top risks and how to implement better risk management.
The package git before 1.11.0 is vulnerable to Command Injection via git argument injection. When calling the fetch(remote = 'origin', opts = {}) function, the remote parameter is passed to the git fetch subcommand in a way that additional flags can be set. The additional flags can be used to perform a command injection.