RHSA-2023:1747: Red Hat Security Advisory: pki-core:10.6 security update
An update for the pki-core:10.6 module is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Related CVEs:
- CVE-2022-2414: A flaw was found in pki-core. Access to external entities when parsing XML documents can lead to XML external entity (XXE) attacks. This flaw allows a remote attacker to potentially retrieve the content of arbitrary files by sending specially crafted HTTP requests.
Synopsis
Important: pki-core:10.6 security update
Type/Severity
Security Advisory: Important
Topic
An update for the pki-core:10.6 module is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
The Public Key Infrastructure (PKI) Core contains fundamental packages required by Red Hat Certificate System.
Security Fix(es):
- pki-core: access to external entities when parsing XML can lead to XXE (CVE-2022-2414)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Affected Products
- Red Hat Enterprise Linux Server - AUS 8.2 x86_64
- Red Hat Enterprise Linux Server - TUS 8.2 x86_64
- Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.2 ppc64le
- Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.2 x86_64
Fixes
- BZ - 2104676 - CVE-2022-2414 pki-core: access to external entities when parsing XML can lead to XXE
Red Hat Enterprise Linux Server - AUS 8.2
SRPM
jss-4.6.2-12.module+el8.2.0+10554+cf83aa72.src.rpm
ldapjdk-4.21.0-2.module+el8.2.0+6294+b7db4606.src.rpm
pki-core-10.8.4-1.module+el8.2.0+17305+ef598dea.src.rpm
tomcatjss-7.4.1-2.module+el8.2.0+6294+b7db4606.src.rpm
x86_64
jss-4.6.2-12.module+el8.2.0+10554+cf83aa72.x86_64.rpm
jss-debuginfo-4.6.2-12.module+el8.2.0+10554+cf83aa72.x86_64.rpm
jss-debugsource-4.6.2-12.module+el8.2.0+10554+cf83aa72.x86_64.rpm
jss-javadoc-4.6.2-12.module+el8.2.0+10554+cf83aa72.x86_64.rpm
ldapjdk-4.21.0-2.module+el8.2.0+6294+b7db4606.noarch.rpm
ldapjdk-javadoc-4.21.0-2.module+el8.2.0+6294+b7db4606.noarch.rpm
pki-base-10.8.4-1.module+el8.2.0+17305+ef598dea.noarch.rpm
pki-base-java-10.8.4-1.module+el8.2.0+17305+ef598dea.noarch.rpm
pki-ca-10.8.4-1.module+el8.2.0+17305+ef598dea.noarch.rpm
pki-core-debuginfo-10.8.4-1.module+el8.2.0+17305+ef598dea.x86_64.rpm
pki-core-debugsource-10.8.4-1.module+el8.2.0+17305+ef598dea.x86_64.rpm
pki-kra-10.8.4-1.module+el8.2.0+17305+ef598dea.noarch.rpm
pki-server-10.8.4-1.module+el8.2.0+17305+ef598dea.noarch.rpm
pki-symkey-10.8.4-1.module+el8.2.0+17305+ef598dea.x86_64.rpm
pki-symkey-debuginfo-10.8.4-1.module+el8.2.0+17305+ef598dea.x86_64.rpm
pki-tools-10.8.4-1.module+el8.2.0+17305+ef598dea.x86_64.rpm
pki-tools-debuginfo-10.8.4-1.module+el8.2.0+17305+ef598dea.x86_64.rpm
python3-pki-10.8.4-1.module+el8.2.0+17305+ef598dea.noarch.rpm
tomcatjss-7.4.1-2.module+el8.2.0+6294+b7db4606.noarch.rpm
Red Hat Enterprise Linux Server - TUS 8.2
SRPM
jss-4.6.2-12.module+el8.2.0+10554+cf83aa72.src.rpm
ldapjdk-4.21.0-2.module+el8.2.0+6294+b7db4606.src.rpm
pki-core-10.8.4-1.module+el8.2.0+17305+ef598dea.src.rpm
tomcatjss-7.4.1-2.module+el8.2.0+6294+b7db4606.src.rpm
x86_64
jss-4.6.2-12.module+el8.2.0+10554+cf83aa72.x86_64.rpm
jss-debuginfo-4.6.2-12.module+el8.2.0+10554+cf83aa72.x86_64.rpm
jss-debugsource-4.6.2-12.module+el8.2.0+10554+cf83aa72.x86_64.rpm
jss-javadoc-4.6.2-12.module+el8.2.0+10554+cf83aa72.x86_64.rpm
ldapjdk-4.21.0-2.module+el8.2.0+6294+b7db4606.noarch.rpm
ldapjdk-javadoc-4.21.0-2.module+el8.2.0+6294+b7db4606.noarch.rpm
pki-base-10.8.4-1.module+el8.2.0+17305+ef598dea.noarch.rpm
pki-base-java-10.8.4-1.module+el8.2.0+17305+ef598dea.noarch.rpm
pki-ca-10.8.4-1.module+el8.2.0+17305+ef598dea.noarch.rpm
pki-core-debuginfo-10.8.4-1.module+el8.2.0+17305+ef598dea.x86_64.rpm
pki-core-debugsource-10.8.4-1.module+el8.2.0+17305+ef598dea.x86_64.rpm
pki-kra-10.8.4-1.module+el8.2.0+17305+ef598dea.noarch.rpm
pki-server-10.8.4-1.module+el8.2.0+17305+ef598dea.noarch.rpm
pki-symkey-10.8.4-1.module+el8.2.0+17305+ef598dea.x86_64.rpm
pki-symkey-debuginfo-10.8.4-1.module+el8.2.0+17305+ef598dea.x86_64.rpm
pki-tools-10.8.4-1.module+el8.2.0+17305+ef598dea.x86_64.rpm
pki-tools-debuginfo-10.8.4-1.module+el8.2.0+17305+ef598dea.x86_64.rpm
python3-pki-10.8.4-1.module+el8.2.0+17305+ef598dea.noarch.rpm
tomcatjss-7.4.1-2.module+el8.2.0+6294+b7db4606.noarch.rpm
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.2
SRPM
jss-4.6.2-12.module+el8.2.0+10554+cf83aa72.src.rpm
ldapjdk-4.21.0-2.module+el8.2.0+6294+b7db4606.src.rpm
pki-core-10.8.4-1.module+el8.2.0+17305+ef598dea.src.rpm
tomcatjss-7.4.1-2.module+el8.2.0+6294+b7db4606.src.rpm
ppc64le
ldapjdk-4.21.0-2.module+el8.2.0+6294+b7db4606.noarch.rpm
ldapjdk-javadoc-4.21.0-2.module+el8.2.0+6294+b7db4606.noarch.rpm
pki-base-10.8.4-1.module+el8.2.0+17305+ef598dea.noarch.rpm
pki-base-java-10.8.4-1.module+el8.2.0+17305+ef598dea.noarch.rpm
pki-ca-10.8.4-1.module+el8.2.0+17305+ef598dea.noarch.rpm
pki-kra-10.8.4-1.module+el8.2.0+17305+ef598dea.noarch.rpm
pki-server-10.8.4-1.module+el8.2.0+17305+ef598dea.noarch.rpm
python3-pki-10.8.4-1.module+el8.2.0+17305+ef598dea.noarch.rpm
tomcatjss-7.4.1-2.module+el8.2.0+6294+b7db4606.noarch.rpm
jss-4.6.2-12.module+el8.2.0+10554+cf83aa72.ppc64le.rpm
jss-debuginfo-4.6.2-12.module+el8.2.0+10554+cf83aa72.ppc64le.rpm
jss-debugsource-4.6.2-12.module+el8.2.0+10554+cf83aa72.ppc64le.rpm
jss-javadoc-4.6.2-12.module+el8.2.0+10554+cf83aa72.ppc64le.rpm
pki-core-debuginfo-10.8.4-1.module+el8.2.0+17305+ef598dea.ppc64le.rpm
pki-core-debugsource-10.8.4-1.module+el8.2.0+17305+ef598dea.ppc64le.rpm
pki-symkey-10.8.4-1.module+el8.2.0+17305+ef598dea.ppc64le.rpm
pki-symkey-debuginfo-10.8.4-1.module+el8.2.0+17305+ef598dea.ppc64le.rpm
pki-tools-10.8.4-1.module+el8.2.0+17305+ef598dea.ppc64le.rpm
pki-tools-debuginfo-10.8.4-1.module+el8.2.0+17305+ef598dea.ppc64le.rpm
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.2
SRPM
jss-4.6.2-12.module+el8.2.0+10554+cf83aa72.src.rpm
ldapjdk-4.21.0-2.module+el8.2.0+6294+b7db4606.src.rpm
pki-core-10.8.4-1.module+el8.2.0+17305+ef598dea.src.rpm
tomcatjss-7.4.1-2.module+el8.2.0+6294+b7db4606.src.rpm
x86_64
jss-4.6.2-12.module+el8.2.0+10554+cf83aa72.x86_64.rpm
jss-debuginfo-4.6.2-12.module+el8.2.0+10554+cf83aa72.x86_64.rpm
jss-debugsource-4.6.2-12.module+el8.2.0+10554+cf83aa72.x86_64.rpm
jss-javadoc-4.6.2-12.module+el8.2.0+10554+cf83aa72.x86_64.rpm
ldapjdk-4.21.0-2.module+el8.2.0+6294+b7db4606.noarch.rpm
ldapjdk-javadoc-4.21.0-2.module+el8.2.0+6294+b7db4606.noarch.rpm
pki-base-10.8.4-1.module+el8.2.0+17305+ef598dea.noarch.rpm
pki-base-java-10.8.4-1.module+el8.2.0+17305+ef598dea.noarch.rpm
pki-ca-10.8.4-1.module+el8.2.0+17305+ef598dea.noarch.rpm
pki-core-debuginfo-10.8.4-1.module+el8.2.0+17305+ef598dea.x86_64.rpm
pki-core-debugsource-10.8.4-1.module+el8.2.0+17305+ef598dea.x86_64.rpm
pki-kra-10.8.4-1.module+el8.2.0+17305+ef598dea.noarch.rpm
pki-server-10.8.4-1.module+el8.2.0+17305+ef598dea.noarch.rpm
pki-symkey-10.8.4-1.module+el8.2.0+17305+ef598dea.x86_64.rpm
pki-symkey-debuginfo-10.8.4-1.module+el8.2.0+17305+ef598dea.x86_64.rpm
pki-tools-10.8.4-1.module+el8.2.0+17305+ef598dea.x86_64.rpm
pki-tools-debuginfo-10.8.4-1.module+el8.2.0+17305+ef598dea.x86_64.rpm
python3-pki-10.8.4-1.module+el8.2.0+17305+ef598dea.noarch.rpm
tomcatjss-7.4.1-2.module+el8.2.0+6294+b7db4606.noarch.rpm