RHSA-2022:7692: Red Hat Security Advisory: xmlrpc-c security update

An update for xmlrpc-c is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

  • CVE-2021-46143: expat: Integer overflow in doProlog in xmlparse.c
  • CVE-2022-22822: expat: Integer overflow in addBinding in xmlparse.c
  • CVE-2022-22823: expat: Integer overflow in build_model in xmlparse.c
  • CVE-2022-22824: expat: Integer overflow in defineAttribute in xmlparse.c
  • CVE-2022-22825: expat: Integer overflow in lookup in xmlparse.c
  • CVE-2022-22826: expat: Integer overflow in nextScaffoldPart in xmlparse.c
  • CVE-2022-22827: expat: Integer overflow in storeAtts in xmlparse.c
Red Hat Security Data

Synopsis

Moderate: xmlrpc-c security update

Type/Severity

Security Advisory: Moderate

Topic

An update for xmlrpc-c is now available for Red Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

XML-RPC is a remote procedure call (RPC) protocol that uses XML to encode its calls and HTTP as a transport mechanism. The xmlrpc-c packages provide a network protocol to allow a client program to make a simple RPC (remote procedure call) over the Internet. It converts an RPC into an XML document, sends it to a remote server using HTTP, and gets back the response in XML.

Security Fix(es):

  • expat: Integer overflow in doProlog in xmlparse.c (CVE-2021-46143)
  • expat: Integer overflow in addBinding in xmlparse.c (CVE-2022-22822)
  • expat: Integer overflow in build_model in xmlparse.c (CVE-2022-22823)
  • expat: Integer overflow in defineAttribute in xmlparse.c (CVE-2022-22824)
  • expat: Integer overflow in lookup in xmlparse.c (CVE-2022-22825)
  • expat: Integer overflow in nextScaffoldPart in xmlparse.c (CVE-2022-22826)
  • expat: Integer overflow in storeAtts in xmlparse.c (CVE-2022-22827)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.7 Release Notes linked from the References section.

Affected Products

  • Red Hat Enterprise Linux for x86_64 8 x86_64
  • Red Hat Enterprise Linux for IBM z Systems 8 s390x
  • Red Hat Enterprise Linux for Power, little endian 8 ppc64le
  • Red Hat Enterprise Linux for ARM 64 8 aarch64
  • Red Hat CodeReady Linux Builder for x86_64 8 x86_64
  • Red Hat CodeReady Linux Builder for Power, little endian 8 ppc64le
  • Red Hat CodeReady Linux Builder for ARM 64 8 aarch64
  • Red Hat CodeReady Linux Builder for IBM z Systems 8 s390x

Fixes

  • BZ - 2044455 - CVE-2021-46143 expat: Integer overflow in doProlog in xmlparse.c
  • BZ - 2044457 - CVE-2022-22822 expat: Integer overflow in addBinding in xmlparse.c
  • BZ - 2044464 - CVE-2022-22823 expat: Integer overflow in build_model in xmlparse.c
  • BZ - 2044467 - CVE-2022-22824 expat: Integer overflow in defineAttribute in xmlparse.c
  • BZ - 2044479 - CVE-2022-22825 expat: Integer overflow in lookup in xmlparse.c
  • BZ - 2044484 - CVE-2022-22826 expat: Integer overflow in nextScaffoldPart in xmlparse.c
  • BZ - 2044488 - CVE-2022-22827 expat: Integer overflow in storeAtts in xmlparse.c

CVEs

  • CVE-2021-46143
  • CVE-2022-22822
  • CVE-2022-22823
  • CVE-2022-22824
  • CVE-2022-22825
  • CVE-2022-22826
  • CVE-2022-22827

References

  • https://access.redhat.com/security/updates/classification/#moderate
  • https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.7_release_notes/index

Red Hat Enterprise Linux for x86_64 8

SRPM

  • xmlrpc-c-1.51.0-8.el8.src.rpm

x86_64

  • xmlrpc-c-1.51.0-8.el8.i686.rpm
  • xmlrpc-c-1.51.0-8.el8.x86_64.rpm
  • xmlrpc-c-apps-debuginfo-1.51.0-8.el8.i686.rpm
  • xmlrpc-c-apps-debuginfo-1.51.0-8.el8.x86_64.rpm
  • xmlrpc-c-c++-debuginfo-1.51.0-8.el8.i686.rpm
  • xmlrpc-c-c++-debuginfo-1.51.0-8.el8.x86_64.rpm
  • xmlrpc-c-client++-debuginfo-1.51.0-8.el8.i686.rpm
  • xmlrpc-c-client++-debuginfo-1.51.0-8.el8.x86_64.rpm
  • xmlrpc-c-client-1.51.0-8.el8.i686.rpm
  • xmlrpc-c-client-1.51.0-8.el8.x86_64.rpm
  • xmlrpc-c-client-debuginfo-1.51.0-8.el8.i686.rpm
  • xmlrpc-c-client-debuginfo-1.51.0-8.el8.x86_64.rpm
  • xmlrpc-c-debuginfo-1.51.0-8.el8.i686.rpm
  • xmlrpc-c-debuginfo-1.51.0-8.el8.x86_64.rpm
  • xmlrpc-c-debugsource-1.51.0-8.el8.i686.rpm
  • xmlrpc-c-debugsource-1.51.0-8.el8.x86_64.rpm

Red Hat Enterprise Linux for IBM z Systems 8

SRPM

  • xmlrpc-c-1.51.0-8.el8.src.rpm

s390x

  • xmlrpc-c-1.51.0-8.el8.s390x.rpm
  • xmlrpc-c-apps-debuginfo-1.51.0-8.el8.s390x.rpm
  • xmlrpc-c-c++-debuginfo-1.51.0-8.el8.s390x.rpm
  • xmlrpc-c-client++-debuginfo-1.51.0-8.el8.s390x.rpm
  • xmlrpc-c-client-1.51.0-8.el8.s390x.rpm
  • xmlrpc-c-client-debuginfo-1.51.0-8.el8.s390x.rpm
  • xmlrpc-c-debuginfo-1.51.0-8.el8.s390x.rpm
  • xmlrpc-c-debugsource-1.51.0-8.el8.s390x.rpm

Red Hat Enterprise Linux for Power, little endian 8

SRPM

  • xmlrpc-c-1.51.0-8.el8.src.rpm

ppc64le

  • xmlrpc-c-1.51.0-8.el8.ppc64le.rpm
  • xmlrpc-c-apps-debuginfo-1.51.0-8.el8.ppc64le.rpm
  • xmlrpc-c-c++-debuginfo-1.51.0-8.el8.ppc64le.rpm
  • xmlrpc-c-client++-debuginfo-1.51.0-8.el8.ppc64le.rpm
  • xmlrpc-c-client-1.51.0-8.el8.ppc64le.rpm
  • xmlrpc-c-client-debuginfo-1.51.0-8.el8.ppc64le.rpm
  • xmlrpc-c-debuginfo-1.51.0-8.el8.ppc64le.rpm
  • xmlrpc-c-debugsource-1.51.0-8.el8.ppc64le.rpm

Red Hat Enterprise Linux for ARM 64 8

SRPM

  • xmlrpc-c-1.51.0-8.el8.src.rpm

aarch64

  • xmlrpc-c-1.51.0-8.el8.aarch64.rpm
  • xmlrpc-c-apps-debuginfo-1.51.0-8.el8.aarch64.rpm
  • xmlrpc-c-c++-debuginfo-1.51.0-8.el8.aarch64.rpm
  • xmlrpc-c-client++-debuginfo-1.51.0-8.el8.aarch64.rpm
  • xmlrpc-c-client-1.51.0-8.el8.aarch64.rpm
  • xmlrpc-c-client-debuginfo-1.51.0-8.el8.aarch64.rpm
  • xmlrpc-c-debuginfo-1.51.0-8.el8.aarch64.rpm
  • xmlrpc-c-debugsource-1.51.0-8.el8.aarch64.rpm

Red Hat CodeReady Linux Builder for x86_64 8

x86_64

  • xmlrpc-c-apps-debuginfo-1.51.0-8.el8.i686.rpm
  • xmlrpc-c-apps-debuginfo-1.51.0-8.el8.x86_64.rpm
  • xmlrpc-c-c++-1.51.0-8.el8.i686.rpm
  • xmlrpc-c-c++-1.51.0-8.el8.x86_64.rpm
  • xmlrpc-c-c++-debuginfo-1.51.0-8.el8.i686.rpm
  • xmlrpc-c-c++-debuginfo-1.51.0-8.el8.x86_64.rpm
  • xmlrpc-c-client++-1.51.0-8.el8.i686.rpm
  • xmlrpc-c-client++-1.51.0-8.el8.x86_64.rpm
  • xmlrpc-c-client++-debuginfo-1.51.0-8.el8.i686.rpm
  • xmlrpc-c-client++-debuginfo-1.51.0-8.el8.x86_64.rpm
  • xmlrpc-c-client-debuginfo-1.51.0-8.el8.i686.rpm
  • xmlrpc-c-client-debuginfo-1.51.0-8.el8.x86_64.rpm
  • xmlrpc-c-debuginfo-1.51.0-8.el8.i686.rpm
  • xmlrpc-c-debuginfo-1.51.0-8.el8.x86_64.rpm
  • xmlrpc-c-debugsource-1.51.0-8.el8.i686.rpm
  • xmlrpc-c-debugsource-1.51.0-8.el8.x86_64.rpm
  • xmlrpc-c-devel-1.51.0-8.el8.i686.rpm
  • xmlrpc-c-devel-1.51.0-8.el8.x86_64.rpm

Red Hat CodeReady Linux Builder for Power, little endian 8

ppc64le

  • xmlrpc-c-apps-debuginfo-1.51.0-8.el8.ppc64le.rpm
  • xmlrpc-c-c++-1.51.0-8.el8.ppc64le.rpm
  • xmlrpc-c-c++-debuginfo-1.51.0-8.el8.ppc64le.rpm
  • xmlrpc-c-client++-1.51.0-8.el8.ppc64le.rpm
  • xmlrpc-c-client++-debuginfo-1.51.0-8.el8.ppc64le.rpm
  • xmlrpc-c-client-debuginfo-1.51.0-8.el8.ppc64le.rpm
  • xmlrpc-c-debuginfo-1.51.0-8.el8.ppc64le.rpm
  • xmlrpc-c-debugsource-1.51.0-8.el8.ppc64le.rpm
  • xmlrpc-c-devel-1.51.0-8.el8.ppc64le.rpm

Red Hat CodeReady Linux Builder for ARM 64 8

aarch64

  • xmlrpc-c-apps-debuginfo-1.51.0-8.el8.aarch64.rpm
  • xmlrpc-c-c++-1.51.0-8.el8.aarch64.rpm
  • xmlrpc-c-c++-debuginfo-1.51.0-8.el8.aarch64.rpm
  • xmlrpc-c-client++-1.51.0-8.el8.aarch64.rpm
  • xmlrpc-c-client++-debuginfo-1.51.0-8.el8.aarch64.rpm
  • xmlrpc-c-client-debuginfo-1.51.0-8.el8.aarch64.rpm
  • xmlrpc-c-debuginfo-1.51.0-8.el8.aarch64.rpm
  • xmlrpc-c-debugsource-1.51.0-8.el8.aarch64.rpm
  • xmlrpc-c-devel-1.51.0-8.el8.aarch64.rpm

Red Hat CodeReady Linux Builder for IBM z Systems 8

s390x

  • xmlrpc-c-apps-debuginfo-1.51.0-8.el8.s390x.rpm
  • xmlrpc-c-c++-1.51.0-8.el8.s390x.rpm
  • xmlrpc-c-c++-debuginfo-1.51.0-8.el8.s390x.rpm
  • xmlrpc-c-client++-1.51.0-8.el8.s390x.rpm
  • xmlrpc-c-client++-debuginfo-1.51.0-8.el8.s390x.rpm
  • xmlrpc-c-client-debuginfo-1.51.0-8.el8.s390x.rpm
  • xmlrpc-c-debuginfo-1.51.0-8.el8.s390x.rpm
  • xmlrpc-c-debugsource-1.51.0-8.el8.s390x.rpm
  • xmlrpc-c-devel-1.51.0-8.el8.s390x.rpm

Related news

CVE-2023-28864: Chef Infra Server Release Notes

Progress Chef Infra Server before 15.7 allows a local attacker to exploit a /var/opt/opscode/local-mode-cache/backup world-readable temporary backup path to access sensitive information, resulting in the disclosure of all indexed node data, because OpenSearch credentials are exposed. (The data typically includes credentials for additional systems.) The attacker must wait for an admin to run the "chef-server-ctl reconfigure" command.

Scanvus now supports Vulners and Vulns.io VM Linux vulnerability detection APIs

Hello everyone! Great news for my open source Scanvus project! You can now perform vulnerability checks on Linux hosts and docker images not only using the Vulners.com API, but also with the Vulns.io VM API. It’s especially nice that all the code to support the new API was written and contributed by colleagues from Vulns.io. […]

Red Hat Security Advisory 2022-7692-01

Red Hat Security Advisory 2022-7692-01 - XML-RPC is a remote procedure call protocol that uses XML to encode its calls and HTTP as a transport mechanism. The xmlrpc-c packages provide a network protocol to allow a client program to make a simple RPC over the Internet. It converts an RPC into an XML document, sends it to a remote server using HTTP, and gets back the response in XML. Issues addressed include an integer overflow vulnerability.

Red Hat Security Advisory 2022-7143-01

Red Hat Security Advisory 2022-7143-01 - Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for a more consistent update experience. This release of Red Hat JBoss Core Services Apache HTTP Server 2.4.51 serves as a replacement for Red Hat JBoss Core Services Apache HTTP Server 2.4.37 Service Pack 10, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include code execution, integer overflow, null pointer, out of bounds read, out of bounds write, and server-side request forgery vulnerabilities.

Red Hat Security Advisory 2022-7144-01

Red Hat Security Advisory 2022-7144-01 - Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for a more consistent update experience. This release of Red Hat JBoss Core Services Apache HTTP Server 2.4.51 serves as a replacement for Red Hat JBoss Core Services Apache HTTP Server 2.4.37 Service Pack 10, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include code execution, integer overflow, null pointer, out of bounds read, out of bounds write, and server-side request forgery vulnerabilities.

RHSA-2022:7143: Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.51 security update

An update is now available for Red Hat JBoss Core Services. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-33193: httpd: Request splitting via HTTP/2 method injection and mod_proxy * CVE-2021-36160: httpd: mod_proxy_uwsgi: out-of-bounds read via a crafted request uri-path * CVE-2021-39275: httpd: Out-of-bounds write in ap_escape_quotes() via malicious input * CVE-2021-41524: httpd: NULL pointer dereference via crafted request during HTTP/2 request processing * CVE-202...

RHSA-2022:7143: Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.51 security update

An update is now available for Red Hat JBoss Core Services. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-33193: httpd: Request splitting via HTTP/2 method injection and mod_proxy * CVE-2021-36160: httpd: mod_proxy_uwsgi: out-of-bounds read via a crafted request uri-path * CVE-2021-39275: httpd: Out-of-bounds write in ap_escape_quotes() via malicious input * CVE-2021-41524: httpd: NULL pointer dereference via crafted request during HTTP/2 request processing * CVE-202...

RHSA-2022:7143: Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.51 security update

An update is now available for Red Hat JBoss Core Services. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-33193: httpd: Request splitting via HTTP/2 method injection and mod_proxy * CVE-2021-36160: httpd: mod_proxy_uwsgi: out-of-bounds read via a crafted request uri-path * CVE-2021-39275: httpd: Out-of-bounds write in ap_escape_quotes() via malicious input * CVE-2021-41524: httpd: NULL pointer dereference via crafted request during HTTP/2 request processing * CVE-202...

RHSA-2022:7143: Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.51 security update

An update is now available for Red Hat JBoss Core Services. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-33193: httpd: Request splitting via HTTP/2 method injection and mod_proxy * CVE-2021-36160: httpd: mod_proxy_uwsgi: out-of-bounds read via a crafted request uri-path * CVE-2021-39275: httpd: Out-of-bounds write in ap_escape_quotes() via malicious input * CVE-2021-41524: httpd: NULL pointer dereference via crafted request during HTTP/2 request processing * CVE-202...

RHSA-2022:7144: Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.51 security update

An update is now available for Red Hat JBoss Core Services. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

  • CVE-2021-33193: httpd: Request splitting via HTTP/2 method injection and mod_proxy
  • CVE-2021-36160: httpd: mod_proxy_uwsgi: out-of-bounds read via a crafted request uri-path
  • CVE-2021-39275: httpd: Out-of-bounds write in ap_escape_quotes() via malicious input
  • CVE-2021-41524: httpd: NULL pointer dereference via crafted request during HTTP/2 request processing
  • CVE-202...

CVE-2022-41587: October

Uncaptured exceptions in the home screen module. Successful exploitation of this vulnerability may affect stability.

CVE-2022-20399: Android Security Bulletin—September 2022  |  Android Open Source Project

In the SEPolicy configuration of system apps, there is a possible access to the 'ip' utility due to an insecure default value. This could lead to local information disclosure of network data with no additional execution privileges needed. User interaction is not needed for exploitation.

Product: Android
Versions: Android kernel
Android ID: A-219808546
References: Upstream kernel

CVE-2022-33932: DSA-2022-149: Dell EMC PowerScale OneFS Security Update for Multiple Vulnerabilities

Dell PowerScale OneFS, versions 9.0.0 up to and including 9.1.0.19, 9.2.1.12, 9.3.0.6, and 9.4.0.2, contain an unprotected primary channel vulnerability. An unauthenticated network malicious attacker may potentially exploit this vulnerability, leading to a denial of filesystem services.

CVE-2022-31238: DSA-2022-149: Dell EMC PowerScale OneFS Security Update for Multiple Vulnerabilities

Dell PowerScale OneFS, versions 9.0.0 up to and including 9.1.0.19, 9.2.1.12, 9.3.0.6, and 9.4.0.2, contain a process invoked with sensitive information vulnerability. A CLI user may potentially exploit this vulnerability, leading to information disclosure.

CVE-2022-26657: Pexip security bulletins | Pexip Infinity Docs

Pexip Infinity before 27.3 allows remote attackers to trigger a software abort via One Touch Join.

CVE-2022-25357: Pexip security bulletins | Pexip Infinity Docs

Pexip Infinity 27.x before 27.2 has Improper Access Control. An attacker can sometimes join a conference (call join) if it has a lock but not a PIN.

CVE-2022-31230: DSA-2022-118: Dell EMC PowerScale OneFS Security Update

Dell PowerScale OneFS, versions 8.2.x-9.2.x, contain a broken or risky cryptographic algorithm. A remote unprivileged malicious attacker could potentially exploit this vulnerability, leading to full system access.

CVE-2022-31229: DSA-2022-118: Dell EMC PowerScale OneFS Security Update

Dell PowerScale OneFS, 8.2.x through 9.3.0.x, contain an error message with sensitive information. An administrator could potentially exploit this vulnerability, leading to disclosure of sensitive information. This sensitive information can be used to access sensitive resources.

Red Hat Security Advisory 2022-1747-01

Red Hat Security Advisory 2022-1747-01 - OpenShift Serverless version 1.22.0 contains a moderate security impact. The References section contains CVE links providing detailed severity ratings for each vulnerability.
