Filtered by vendor Redhat Subscriptions
Filtered by product Rhosemc Subscriptions
Total 105 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2022-23305 6 Apache, Broadcom, Netapp and 3 more 46 Log4j, Brocade Sannav, Snapmanager and 43 more 2024-11-21 9.8 Critical
By design, the JDBCAppender in Log4j 1.2.x accepts an SQL statement as a configuration parameter where the values to be inserted are converters from PatternLayout. The message converter, %m, is likely to always be included. This allows attackers to manipulate the SQL by entering crafted strings into input fields or headers of an application that are logged allowing unintended SQL queries to be executed. Note this issue only affects Log4j 1.x when specifically configured to use the JDBCAppender, which is not the default. Beginning in version 2.0-beta8, the JDBCAppender was re-introduced with proper support for parameterized SQL queries and further customization over the columns written to in logs. Apache Log4j 1.2 reached end of life in August 2015. Users should upgrade to Log4j 2 as it addresses numerous other issues from the previous versions.
CVE-2022-23302 6 Apache, Broadcom, Netapp and 3 more 44 Log4j, Brocade Sannav, Snapmanager and 41 more 2024-11-21 8.8 High
JMSSink in all versions of Log4j 1.x is vulnerable to deserialization of untrusted data when the attacker has write access to the Log4j configuration or if the configuration references an LDAP service the attacker has access to. The attacker can provide a TopicConnectionFactoryBindingName configuration causing JMSSink to perform JNDI requests that result in remote code execution in a similar fashion to CVE-2021-4104. Note this issue only affects Log4j 1.x when specifically configured to use JMSSink, which is not the default. Apache Log4j 1.2 reached end of life in August 2015. Users should upgrade to Log4j 2 as it addresses numerous other issues from the previous versions.
CVE-2022-21698 4 Fedoraproject, Prometheus, Rdo Project and 1 more 17 Extra Packages For Enterprise Linux, Fedora, Client Golang and 14 more 2024-11-21 7.5 High
client_golang is the instrumentation library for Go applications in Prometheus, and the promhttp package in client_golang provides tooling around HTTP servers and clients. In client_golang prior to version 1.11.1, HTTP server is susceptible to a Denial of Service through unbounded cardinality, and potential memory exhaustion, when handling requests with non-standard HTTP methods. In order to be affected, an instrumented software must use any of `promhttp.InstrumentHandler*` middleware except `RequestsInFlight`; not filter any specific methods (e.g GET) before middleware; pass metric with `method` label name to our middleware; and not have any firewall/LB/proxy that filters away requests with unknown `method`. client_golang version 1.11.1 contains a patch for this issue. Several workarounds are available, including removing the `method` label name from counter/gauge used in the InstrumentHandler; turning off affected promhttp handlers; adding custom middleware before promhttp handler that will sanitize the request method given by Go http.Request; and using a reverse proxy or web application firewall, configured to only allow a limited set of methods.
CVE-2022-1471 2 Redhat, Snakeyaml Project 13 Amq Clients, Amq Streams, Enterprise Linux and 10 more 2024-11-21 8.3 High
SnakeYaml's Constructor() class does not restrict types which can be instantiated during deserialization. Deserializing yaml content provided by an attacker can lead to remote code execution. We recommend using SnakeYaml's SafeConsturctor when parsing untrusted content to restrict deserialization. We recommend upgrading to version 2.0 and beyond.
CVE-2022-1438 1 Redhat 3 Keycloak, Red Hat Single Sign On, Rhosemc 2024-11-21 6.4 Medium
A flaw was found in Keycloak. Under specific circumstances, HTML entities are not sanitized during user impersonation, resulting in a Cross-site scripting (XSS) vulnerability.
CVE-2022-1274 1 Redhat 10 Enterprise Linux, Enterprise Linux For Ibm Z Systems, Enterprise Linux For Ibm Z Systems Eus and 7 more 2024-11-21 5.4 Medium
A flaw was found in Keycloak in the execute-actions-email endpoint. This issue allows arbitrary HTML to be injected into emails sent to Keycloak users and can be misused to perform phishing or other attacks against users.
CVE-2022-1245 1 Redhat 3 Keycloak, Red Hat Single Sign On, Rhosemc 2024-11-21 9.8 Critical
A privilege escalation flaw was found in the token exchange feature of keycloak. Missing authorization allows a client application holding a valid access token to exchange tokens for any target client by passing the client_id of the target. This could allow a client to gain unauthorized access to additional services.
CVE-2021-4133 1 Redhat 3 Keycloak, Red Hat Single Sign On, Rhosemc 2024-11-21 8.8 High
A flaw was found in Keycloak in versions from 12.0.0 and before 15.1.1 which allows an attacker with any existing user account to create new default user accounts via the administrative REST API even when new user registration is disabled.
CVE-2021-4104 4 Apache, Fedoraproject, Oracle and 1 more 59 Log4j, Fedora, Advanced Supply Chain Planning and 56 more 2024-11-21 7.5 High
JMSAppender in Log4j 1.2 is vulnerable to deserialization of untrusted data when the attacker has write access to the Log4j configuration. The attacker can provide TopicBindingName and TopicConnectionFactoryBindingName configurations causing JMSAppender to perform JNDI requests that result in remote code execution in a similar fashion to CVE-2021-44228. Note this issue only affects Log4j 1.2 when specifically configured to use JMSAppender, which is not the default. Apache Log4j 1.2 reached end of life in August 2015. Users should upgrade to Log4j 2 as it addresses numerous other issues from the previous versions.
CVE-2021-46877 2 Fasterxml, Redhat 13 Jackson-databind, Amq Streams, Camel Spring Boot and 10 more 2024-11-21 7.5 High
jackson-databind 2.10.x through 2.12.x before 2.12.6 and 2.13.x before 2.13.1 allows attackers to cause a denial of service (2 GB transient heap usage per read) in uncommon situations involving JsonNode JDK serialization.
CVE-2021-44906 2 Redhat, Substack 11 Enterprise Linux, Jboss Enterprise Application Platform, Jboss Enterprise Bpms Platform and 8 more 2024-11-21 9.8 Critical
Minimist <=1.2.5 is vulnerable to Prototype Pollution via file index.js, function setKey() (lines 69-95).
CVE-2021-43565 2 Golang, Redhat 9 Ssh, Acm, Advanced Cluster Security and 6 more 2024-11-21 7.5 High
The x/crypto/ssh package before 0.0.0-20211202192323-5770296d904e of golang.org/x/crypto allows an attacker to panic an SSH server.
CVE-2021-40690 4 Apache, Debian, Oracle and 1 more 26 Cxf, Santuario Xml Security For Java, Tomee and 23 more 2024-11-21 7.5 High
All versions of Apache Santuario - XML Security for Java prior to 2.2.3 and 2.1.7 are vulnerable to an issue where the "secureValidation" property is not passed correctly when creating a KeyInfo from a KeyInfoReference element. This allows an attacker to abuse an XPath Transform to extract any local .xml files in a RetrievalMethod element.
CVE-2021-3859 2 Netapp, Redhat 11 Cloud Secure Agent, Oncommand Insight, Oncommand Workflow Automation and 8 more 2024-11-21 7.5 High
A flaw was found in Undertow that tripped the client-side invocation timeout with certain calls made over HTTP2. This flaw allows an attacker to carry out denial of service attacks.
CVE-2021-3827 1 Redhat 6 Enterprise Linux, Keycloak, Openshift Container Platform and 3 more 2024-11-21 6.8 Medium
A flaw was found in keycloak, where the default ECP binding flow allows other authentication flows to be bypassed. By exploiting this behavior, an attacker can bypass the MFA authentication by sending a SOAP request with an AuthnRequest and Authorization header with the user's credentials. The highest threat from this vulnerability is to confidentiality and integrity.
CVE-2021-35065 2 Gulpjs, Redhat 8 Glob-parent, Enterprise Linux, Logging and 5 more 2024-11-21 7.5 High
The glob-parent package before 6.0.1 for Node.js allows ReDoS (regular expression denial of service) attacks against the enclosure regular expression.
CVE-2021-32690 2 Helm, Redhat 5 Helm, Acm, Advanced Cluster Security and 2 more 2024-11-21 6.8 Medium
Helm is a tool for managing Charts (packages of pre-configured Kubernetes resources). In versions of helm prior to 3.6.1, a vulnerability exists where the username and password credentials associated with a Helm repository could be passed on to another domain referenced by that Helm repository. This issue has been resolved in 3.6.1. There is a workaround through which one may check for improperly passed credentials. One may use a username and password for a Helm repository and may audit the Helm repository in order to check for another domain being used that could have received the credentials. In the `index.yaml` file for that repository, one may look for another domain in the `urls` list for the chart versions. If there is another domain found and that chart version was pulled or installed, the credentials would be passed on.
CVE-2021-20289 4 Netapp, Oracle, Quarkus and 1 more 12 Oncommand Insight, Communications Cloud Native Core Console, Quarkus and 9 more 2024-11-21 5.3 Medium
A flaw was found in RESTEasy in all versions of RESTEasy up to 4.6.0.Final. The endpoint class and method names are returned as part of the exception response when RESTEasy cannot convert one of the request URI path or query values to the matching JAX-RS resource method's parameter value. The highest threat from this vulnerability is to data confidentiality.
CVE-2021-0341 2 Google, Redhat 7 Android, Amq Streams, Jboss Data Grid and 4 more 2024-11-21 7.5 High
In verifyHostName of OkHostnameVerifier.java, there is a possible way to accept a certificate for the wrong domain due to improperly used crypto. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9 Android-10 Android-11Android ID: A-171980069
CVE-2020-28241 4 Debian, Fedoraproject, Maxmind and 1 more 6 Debian Linux, Fedora, Libmaxminddb and 3 more 2024-11-21 6.5 Medium
libmaxminddb before 1.4.3 has a heap-based buffer over-read in dump_entry_data_list in maxminddb.c.