RHSA-2020:5568: Red Hat Security Advisory: Red Hat Fuse 7.8.0 release and security update

A minor version update (from 7.7 to 7.8) is now available for Red Hat Fuse. The purpose of this text-only errata is to inform you about the security issues fixed in this release. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

This release of Red Hat Fuse 7.8.0 serves as a replacement for Red Hat Fuse 7.7, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.

Security Fix(es):

  • libquartz: XXE attacks via job description (CVE-2019-13990)
  • jetty: double release of resource can lead to information disclosure (CVE-2019-17638)
  • keycloak: Lack of checks in ObjectInputStream leading to Remote Code Execution (CVE-2020-1714)
  • springframework: RFD attack via Content-Disposition Header sourced from request input by Spring MVC or Spring WebFlux Application (CVE-2020-5398)
  • wildfly: unsafe deserialization in Wildfly Enterprise Java Beans (CVE-2020-10740)
  • camel: RabbitMQ enables Java deserialization by default which could lead to remote code execution (CVE-2020-11972)
  • camel: Netty enables Java deserialization by default which could lead to remote code execution (CVE-2020-11973)
  • shiro: spring dynamic controllers, a specially crafted request may cause an authentication bypass (CVE-2020-11989)
  • camel: server-side template injection and arbitrary file disclosure on templating components (CVE-2020-11994)
  • postgresql-jdbc: XML external entity (XXE) vulnerability in PgSQLXML (CVE-2020-13692)
  • shiro: specially crafted HTTP request may cause an authentication bypass (CVE-2020-13933)
  • RESTEasy: Caching routes in RootNode may result in DoS (CVE-2020-14326)
  • jackson-modules-java8: DoS due to an Improper Input Validation (CVE-2018-1000873)
  • thrift: Endless loop when fed with specific input data (CVE-2019-0205)
  • thrift: Out-of-bounds read related to TJSONProtocol or TSimpleJSONProtocol (CVE-2019-0210)
  • mysql-connector-java: privilege escalation in MySQL connector (CVE-2019-2692)
  • spring-ws: XML External Entity Injection (XXE) when receiving XML data from untrusted sources (CVE-2019-3773)
  • spring-batch: XML External Entity Injection (XXE) when receiving XML data from untrusted sources (CVE-2019-3774)
  • codehaus: incomplete fix for unsafe deserialization in jackson-databind vulnerabilities (CVE-2019-10202)
  • hibernate-validator: safeHTML validator allows XSS (CVE-2019-10219)
  • org.eclipse.paho.client.mqttv3: Improper hostname validation in the MQTT library (CVE-2019-11777)
  • cxf: does not restrict the number of message attachments (CVE-2019-12406)
  • cxf: OpenId Connect token service does not properly validate the clientId (CVE-2019-12423)
  • hibernate: SQL injection issue in Hibernate ORM (CVE-2019-14900)
  • batik: SSRF via “xlink:href” (CVE-2019-17566)
  • Undertow: Memory Leak in Undertow HttpOpenListener due to holding remoting connections indefinitely (CVE-2019-19343)
  • Wildfly: EJBContext principal is not popped back after invoking another EJB using a different Security Domain (CVE-2020-1719)
  • apache-flink: JMX information disclosure vulnerability (CVE-2020-1960)
  • cryptacular: excessive memory allocation during a decode operation (CVE-2020-7226)
  • tika-core: Denial of Service Vulnerabilities in Some of Apache Tika’s Parsers (CVE-2020-9489)
  • dom4j: XML External Entity vulnerability in default SAX parser (CVE-2020-10683)
  • netty: compression/decompression codecs don’t enforce limits on buffer allocation sizes (CVE-2020-11612)
  • camel: DNS Rebinding in JMX Connector could result in remote command execution (CVE-2020-11971)
  • karaf: A remote client could create MBeans from arbitrary URLs (CVE-2020-11980)
  • tika: excessive memory usage in PSDParser (CVE-2020-1950)
  • log4j: improper validation of certificate with host mismatch in SMTP appender (CVE-2020-9488)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Related CVEs:

  • CVE-2018-1000873: jackson-modules-java8: DoS due to an Improper Input Validation
  • CVE-2019-0205: thrift: Endless loop when fed with specific input data
  • CVE-2019-0210: thrift: Out-of-bounds read related to TJSONProtocol or TSimpleJSONProtocol
  • CVE-2019-2692: mysql-connector-java: privilege escalation in MySQL connector
  • CVE-2019-3773: spring-ws: XML External Entity Injection (XXE) when receiving XML data from untrusted sources
  • CVE-2019-3774: spring-batch: XML External Entity Injection (XXE) when receiving XML data from untrusted sources
  • CVE-2019-10202: codehaus: incomplete fix for unsafe deserialization in jackson-databind vulnerabilities
  • CVE-2019-10219: hibernate-validator: safeHTML validator allows XSS
  • CVE-2019-10768: AngularJS: Prototype pollution in merge function could result in code injection
  • CVE-2019-11777: org.eclipse.paho.client.mqttv3: Improper hostname validation in the MQTT library
  • CVE-2019-12406: cxf: does not restrict the number of message attachments
  • CVE-2019-12423: cxf: OpenId Connect token service does not properly validate the clientId
  • CVE-2019-13990: libquartz: XXE attacks via job description
  • CVE-2019-14900: hibernate: SQL injection issue in Hibernate ORM
  • CVE-2019-17566: batik: SSRF via “xlink:href”
  • CVE-2019-17638: jetty: double release of resource can lead to information disclosure
  • CVE-2019-19343: Undertow: Memory Leak in Undertow HttpOpenListener due to holding remoting connections indefinitely
  • CVE-2020-1714: keycloak: Lack of checks in ObjectInputStream leading to Remote Code Execution
  • CVE-2020-1719: Wildfly: EJBContext principal is not popped back after invoking another EJB using a different Security Domain
  • CVE-2020-1950: tika: excessive memory usage in PSDParser
  • CVE-2020-1960: apache-flink: JMX information disclosure vulnerability
  • CVE-2020-5398: springframework: RFD attack via Content-Disposition Header sourced from request input by Spring MVC or Spring WebFlux Application
  • CVE-2020-5410: spring-cloud-config-server: sending a request using a specially crafted URL can lead to a directory traversal attack
  • CVE-2020-7226: cryptacular: excessive memory allocation during a decode operation
  • CVE-2020-7676: nodejs-angular: XSS due to regex-based HTML replacement
  • CVE-2020-9488: log4j: improper validation of certificate with host mismatch in SMTP appender
  • CVE-2020-9489: tika-core: Denial of Service Vulnerabilities in Some of Apache Tika’s Parsers
  • CVE-2020-10683: dom4j: XML External Entity vulnerability in default SAX parser
  • CVE-2020-10740: wildfly: unsafe deserialization in Wildfly Enterprise Java Beans
  • CVE-2020-11612: netty: compression/decompression codecs don’t enforce limits on buffer allocation sizes
  • CVE-2020-11971: camel: DNS Rebinding in JMX Connector could result in remote command execution
  • CVE-2020-11972: camel: RabbitMQ enables Java deserialization by default which could lead to remote code execution
  • CVE-2020-11973: camel: Netty enables Java deserialization by default which could lead to remote code execution
  • CVE-2020-11980: karaf: A remote client could create MBeans from arbitrary URLs
  • CVE-2020-11989: shiro: spring dynamic controllers, a specially crafted request may cause an authentication bypass
  • CVE-2020-11994: camel: server-side template injection and arbitrary file disclosure on templating components
  • CVE-2020-13692: postgresql-jdbc: XML external entity (XXE) vulnerability in PgSQLXML
  • CVE-2020-13933: shiro: specially crafted HTTP request may cause an authentication bypass
  • CVE-2020-14326: RESTEasy: Caching routes in RootNode may result in DoS
Red Hat Security Data