RedHat: RHSA-2021-5134:05 Critical: Red Hat Fuse 7.10.0 release and...

Advisories

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Critical: Red Hat Fuse 7.10.0 release and security update
Advisory ID:       RHSA-2021:5134-01
Product:           Red Hat JBoss Fuse
Advisory URL:      https://access.redhat.com/errata/RHSA-2021:5134
Issue date:        2021-12-14
CVE Names:         CVE-2019-10744 CVE-2019-12415 CVE-2020-2875 
                   CVE-2020-2934 CVE-2020-9488 CVE-2020-11987 
                   CVE-2020-11988 CVE-2020-13943 CVE-2020-13949 
                   CVE-2020-15522 CVE-2020-17521 CVE-2020-17527 
                   CVE-2020-26217 CVE-2020-26259 CVE-2020-27218 
                   CVE-2020-27223 CVE-2020-27782 CVE-2020-28491 
                   CVE-2020-35510 CVE-2021-3536 CVE-2021-3597 
                   CVE-2021-3629 CVE-2021-3690 CVE-2021-20218 
                   CVE-2021-21290 CVE-2021-21295 CVE-2021-21341 
                   CVE-2021-21342 CVE-2021-21343 CVE-2021-21344 
                   CVE-2021-21345 CVE-2021-21346 CVE-2021-21347 
                   CVE-2021-21348 CVE-2021-21349 CVE-2021-21350 
                   CVE-2021-21351 CVE-2021-21409 CVE-2021-22118 
                   CVE-2021-22696 CVE-2021-23926 CVE-2021-27568 
                   CVE-2021-28163 CVE-2021-28164 CVE-2021-28169 
                   CVE-2021-28170 CVE-2021-29425 CVE-2021-30129 
                   CVE-2021-30468 CVE-2021-34428 CVE-2021-37136 
                   CVE-2021-37137 CVE-2021-37714 CVE-2021-44228 
=====================================================================

1. Summary:

A minor version update (from 7.9 to 7.10) is now available for Red Hat
Fuse. The purpose of this text-only errata is to inform you about the
security issues fixed in this release.

Red Hat Product Security has rated this update as having a security impact
of Critical. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Description:

This release of Red Hat Fuse 7.10.0 serves as a replacement for Red Hat
Fuse 7.9, and includes bug fixes and enhancements, which are documented in
the Release Notes document linked to in the References.

Security Fix(es):

*  log4j-core (CVE-2020-9488, CVE-2021-44228)

*  nodejs-lodash (CVE-2019-10744)

*  libthrift (CVE-2020-13949)

*  xstream (CVE-2020-26217, CVE-2020-26259, CVE-2021-21341, CVE-2021-21342,
CVE-2021-21343, CVE-2021-21344, CVE-2021-21345, CVE-2021-21346,
CVE-2021-21347, CVE-2021-21348, CVE-2021-21349, CVE-2021-21350,
CVE-2021-21351)

*  undertow (CVE-2020-27782, CVE-2021-3597, CVE-2021-3629, CVE-2021-3690)

*  xmlbeans (CVE-2021-23926)

*  batik (CVE-2020-11987)

*  xmlgraphics-commons (CVE-2020-11988)

*  tomcat (CVE-2020-13943)

*  bouncycastle (CVE-2020-15522, CVE-2020-15522)

*  groovy (CVE-2020-17521)

*  tomcat (CVE-2020-17527)

*  jetty (CVE-2020-27218, CVE-2020-27223, CVE-2021-28163, CVE-2021-28164,
CVE-2021-28169, CVE-2021-34428)

*  jackson-dataformat-cbor (CVE-2020-28491)

*  jboss-remoting (CVE-2020-35510)

*  kubernetes-client (CVE-2021-20218)

*  netty (CVE-2021-21290, CVE-2021-21295, CVE-2021-21409)

*  spring-web (CVE-2021-22118)

*  cxf-core (CVE-2021-22696)

*  json-smart (CVE-2021-27568)

*  jakarta.el (CVE-2021-28170)

*  commons-io (CVE-2021-29425)

*  sshd-core (CVE-2021-30129)

*  cxf-rt-rs-json-basic (CVE-2021-30468)

*  netty-codec (CVE-2021-37136, CVE-2021-37137)

*  jsoup (CVE-2021-37714)

*  poi (CVE-2019-12415)

*  mysql-connector-java (CVE-2020-2875, CVE-2020-2934)

*  wildfly (CVE-2021-3536)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

3. Solution:

Before applying the update, back up your existing installation, including
all applications, configuration files, databases and database settings, and
so on.

Installation instructions are available from the Fuse 7.10.0 product
documentation page:
https://access.redhat.com/documentation/en-us/red_hat_fuse/7.10/

4. Bugs fixed (https://bugzilla.redhat.com/):

1739497 - CVE-2019-10744 nodejs-lodash: prototype pollution in defaultsDeep function leading to modifying properties
1802531 - CVE-2019-12415 poi: a specially crafted Microsoft Excel document allows attacker to read files from the local filesystem
1831139 - CVE-2020-9488 log4j: improper validation of certificate with host mismatch in SMTP appender
1851014 - CVE-2020-2934 mysql-connector-java: allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Connectors which could result in unauthorized update, insert or delete
1851019 - CVE-2020-2875 mysql-connector-java: allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Connectors which could result in unauthorized update, insert or delete
1887648 - CVE-2020-13943 tomcat: Apache Tomcat HTTP/2 Request mix-up
1898907 - CVE-2020-26217 XStream: remote code execution due to insecure XML deserialization when relying on blocklists
1901304 - CVE-2020-27782 undertow: special character in query results in server errors
1902826 - CVE-2020-27218 jetty: buffer not correctly recycled in Gzip Request inflation
1904221 - CVE-2020-17527 tomcat: HTTP/2 request header mix-up
1905796 - CVE-2020-35510 jboss-remoting: Threads hold up forever in the EJB server by suppressing the ack from an EJB client
1908837 - CVE-2020-26259 XStream: arbitrary file deletion on the local host when unmarshalling
1922102 - CVE-2021-23926 xmlbeans: allowed malicious XML input may lead to XML Entity Expansion attack
1922123 - CVE-2020-17521 groovy: OS temporary directory leads to information disclosure
1923405 - CVE-2021-20218 fabric8-kubernetes-client: vulnerable to a path traversal leading to integrity and availability compromise
1927028 - CVE-2021-21290 netty: Information disclosure via the local system temporary directory
1928172 - CVE-2020-13949 libthrift: potential DoS when processing untrusted payloads
1930423 - CVE-2020-28491 jackson-dataformat-cbor:  Unchecked allocation of byte buffer can cause a java.lang.OutOfMemoryError exception
1933808 - CVE-2020-11987 batik: SSRF due to improper input validation by the NodePickerPanel
1933816 - CVE-2020-11988 xmlgraphics-commons: SSRF due to improper input validation by the XMPParser
1934116 - CVE-2020-27223 jetty: request containing multiple Accept headers with a large number of "quality" parameters may lead to DoS
1937364 - CVE-2021-21295 netty: possible request smuggling in HTTP/2 due missing validation
1939839 - CVE-2021-27568 json-smart: uncaught exception may lead to crash or information disclosure
1942539 - CVE-2021-21341 XStream: allow a remote attacker to cause DoS only by manipulating the processed input stream
1942545 - CVE-2021-21342 XStream: SSRF via crafted input stream
1942550 - CVE-2021-21343 XStream: arbitrary file deletion on the local host via crafted input stream
1942554 - CVE-2021-21344 XStream: Unsafe deserizaliation of javax.sql.rowset.BaseRowSet
1942558 - CVE-2021-21345 XStream: Unsafe deserizaliation of com.sun.corba.se.impl.activation.ServerTableEntry
1942578 - CVE-2021-21346 XStream: Unsafe deserizaliation of sun.swing.SwingLazyValue
1942629 - CVE-2021-21347 XStream: Unsafe deserizaliation of com.sun.tools.javac.processing.JavacProcessingEnvironment NameProcessIterator
1942633 - CVE-2021-21348 XStream: ReDoS vulnerability
1942635 - CVE-2021-21349 XStream: SSRF can be activated unmarshalling with XStream to access data streams from an arbitrary URL referencing a resource in an intranet or the local host
1942637 - CVE-2021-21350 XStream: Unsafe deserizaliation of com.sun.org.apache.bcel.internal.util.ClassLoader
1942642 - CVE-2021-21351 XStream: allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream
1944888 - CVE-2021-21409 netty: Request smuggling via content-length header
1945710 - CVE-2021-28163 jetty: Symlink directory exposes webapp directory contents
1945712 - CVE-2021-28164 jetty: Ambiguous paths can access WEB-INF
1946341 - CVE-2021-22696 cxf: OAuth 2 authorization service vulnerable to DDos attacks
1948001 - CVE-2021-3536 wildfly: XSS via admin console when creating roles in domain mode
1948752 - CVE-2021-29425 apache-commons-io: Limited path traversal in Apache Commons IO 2.2 to 2.6
1962879 - CVE-2020-15522 bouncycastle: Timing issue within the EC math library
1965497 - CVE-2021-28170 jakarta-el: ELParserTokenManager enables invalid EL expressions to be evaluate
1970930 - CVE-2021-3597 undertow: HTTP2SourceChannel fails to write final frame under some circumstances may lead to DoS
1971016 - CVE-2021-28169 jetty: requests to the ConcatServlet and WelcomeFilter are able to access protected resources within the WEB-INF directory
1973392 - CVE-2021-30468 CXF: Denial of service vulnerability in parsing JSON via JsonMapObjectReaderWriter
1974854 - CVE-2021-22118 spring-web: (re)creating the temporary storage directory could result in  a privilege escalation within WebFlux application
1974891 - CVE-2021-34428 jetty: SessionListener can prevent a session from being invalidated breaking logout
1977362 - CVE-2021-3629 undertow: potential security issue in flow control over HTTP/2 may lead to DOS
1981527 - CVE-2021-30129 mina-sshd-core: Memory leak denial of service in Apache Mina SSHD Server
1991299 - CVE-2021-3690 undertow: buffer leak on incoming websocket PONG message may lead to DoS
1995259 - CVE-2021-37714 jsoup: Crafted input may cause the jsoup HTML and XML parser to get stuck
2004133 - CVE-2021-37136 netty-codec: Bzip2Decoder doesn't allow setting size restrictions for decompressed data
2004135 - CVE-2021-37137 netty-codec: SnappyFrameDecoder doesn't restrict chunk length and may buffer skippable chunks in an unnecessary way
2030932 - CVE-2021-44228 log4j-core: Remote code execution in Log4j 2.x when logs contain an attacker-controlled string value

5. References:

https://access.redhat.com/security/cve/CVE-2019-10744
https://access.redhat.com/security/cve/CVE-2019-12415
https://access.redhat.com/security/cve/CVE-2020-2875
https://access.redhat.com/security/cve/CVE-2020-2934
https://access.redhat.com/security/cve/CVE-2020-9488
https://access.redhat.com/security/cve/CVE-2020-11987
https://access.redhat.com/security/cve/CVE-2020-11988
https://access.redhat.com/security/cve/CVE-2020-13943
https://access.redhat.com/security/cve/CVE-2020-13949
https://access.redhat.com/security/cve/CVE-2020-15522
https://access.redhat.com/security/cve/CVE-2020-17521
https://access.redhat.com/security/cve/CVE-2020-17527
https://access.redhat.com/security/cve/CVE-2020-26217
https://access.redhat.com/security/cve/CVE-2020-26259
https://access.redhat.com/security/cve/CVE-2020-27218
https://access.redhat.com/security/cve/CVE-2020-27223
https://access.redhat.com/security/cve/CVE-2020-27782
https://access.redhat.com/security/cve/CVE-2020-28491
https://access.redhat.com/security/cve/CVE-2020-35510
https://access.redhat.com/security/cve/CVE-2021-3536
https://access.redhat.com/security/cve/CVE-2021-3597
https://access.redhat.com/security/cve/CVE-2021-3629
https://access.redhat.com/security/cve/CVE-2021-3690
https://access.redhat.com/security/cve/CVE-2021-20218
https://access.redhat.com/security/cve/CVE-2021-21290
https://access.redhat.com/security/cve/CVE-2021-21295
https://access.redhat.com/security/cve/CVE-2021-21341
https://access.redhat.com/security/cve/CVE-2021-21342
https://access.redhat.com/security/cve/CVE-2021-21343
https://access.redhat.com/security/cve/CVE-2021-21344
https://access.redhat.com/security/cve/CVE-2021-21345
https://access.redhat.com/security/cve/CVE-2021-21346
https://access.redhat.com/security/cve/CVE-2021-21347
https://access.redhat.com/security/cve/CVE-2021-21348
https://access.redhat.com/security/cve/CVE-2021-21349
https://access.redhat.com/security/cve/CVE-2021-21350
https://access.redhat.com/security/cve/CVE-2021-21351
https://access.redhat.com/security/cve/CVE-2021-21409
https://access.redhat.com/security/cve/CVE-2021-22118
https://access.redhat.com/security/cve/CVE-2021-22696
https://access.redhat.com/security/cve/CVE-2021-23926
https://access.redhat.com/security/cve/CVE-2021-27568
https://access.redhat.com/security/cve/CVE-2021-28163
https://access.redhat.com/security/cve/CVE-2021-28164
https://access.redhat.com/security/cve/CVE-2021-28169
https://access.redhat.com/security/cve/CVE-2021-28170
https://access.redhat.com/security/cve/CVE-2021-29425
https://access.redhat.com/security/cve/CVE-2021-30129
https://access.redhat.com/security/cve/CVE-2021-30468
https://access.redhat.com/security/cve/CVE-2021-34428
https://access.redhat.com/security/cve/CVE-2021-37136
https://access.redhat.com/security/cve/CVE-2021-37137
https://access.redhat.com/security/cve/CVE-2021-37714
https://access.redhat.com/security/cve/CVE-2021-44228
https://access.redhat.com/security/updates/classification/#critical
https://access.redhat.com/documentation/en-us/red_hat_fuse/7.10/
https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions&product=jboss.fuse&version=7.10.0
https://access.redhat.com/security/vulnerabilities/RHSB-2021-009

6. Contact:

The Red Hat security contact is . More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2021 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIVAwUBYblIu9zjgjWX9erEAQjE7g/8D/5A1YgqLfA0Jl4ocHix4hwOxMb+VJb3
xMALPBhXhwWJDX+5WJrIlYzRPAuWMenK95NiBOsCGYwxx3blCmqd23au/HgTbCOm
2Qurz2ga6AGvLOiWdvrINXoemmPTcikPWg8NxfZh+2VC4pJ4pqNx2UunespeqINR
DsrfDavjl5wemAEFY9ETwmUfpsa/LaqkYIDzMZbIFBpLeC9/Wj+RAJRLjh0A4iB7
zNjk/O4vrJUfTxUDnZSIZyUcQzglQDcWiwPAEtIWHvGXO9Vae7hwIU+ekY4TyTpP
nBZeaN7hJQQyPyzB1cW4+pLH/PWyiWE2UlbX6NRDiNHj4BpXJ3LUEmgti/uW80ts
JocNzd5W5WqF3LhKRpx5xDhkPOhGozbcHGcbTda7tQModc6tvGUF9OBstYjHrC/E
nqIXFkkMrHOv79Xdor+ufUASRYf7LKKtJ0iShaqtVRF1+kj1nCdtaexJllxV0dki
wtkvDY9OmL8RLD/ckSq0r5iBS5414KgtyxCg1zsUsKP+IfjKc6ZpcPzj01h9aokp
Cg6ctcTxOT7WvJ2CXNk7gfMcadJJaBttIdapvyUvz/T6Qp3iiWWMI42n4OAlaapv
2KFG1Kv9AVDhl4yqZn9gq8JLqrUI5z5OVRrt2TrqNw+9H+BqQ4miWHSXHF3qhuj7
/tihvvS5d/M=
=Hk8I
-----END PGP SIGNATURE-----

--
RHSA-announce mailing list
[email protected]
https://listman.redhat.com/mailman/listinfo/rhsa-announce

RedHat: RHSA-2021-5134:05 Critical: Red Hat Fuse 7.10.0 release and

A minor version update (from 7.9 to 7.10) is now available for Red Hat Fuse

Summary

This release of Red Hat Fuse 7.10.0 serves as a replacement for Red Hat Fuse 7.9, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.
Security Fix(es):
* log4j-core (CVE-2020-9488, CVE-2021-44228)
* nodejs-lodash (CVE-2019-10744)
* libthrift (CVE-2020-13949)
* xstream (CVE-2020-26217, CVE-2020-26259, CVE-2021-21341, CVE-2021-21342, CVE-2021-21343, CVE-2021-21344, CVE-2021-21345, CVE-2021-21346, CVE-2021-21347, CVE-2021-21348, CVE-2021-21349, CVE-2021-21350, CVE-2021-21351)
* undertow (CVE-2020-27782, CVE-2021-3597, CVE-2021-3629, CVE-2021-3690)
* xmlbeans (CVE-2021-23926)
* batik (CVE-2020-11987)
* xmlgraphics-commons (CVE-2020-11988)
* tomcat (CVE-2020-13943)
* bouncycastle (CVE-2020-15522, CVE-2020-15522)
* groovy (CVE-2020-17521)
* tomcat (CVE-2020-17527)
* jetty (CVE-2020-27218, CVE-2020-27223, CVE-2021-28163, CVE-2021-28164, CVE-2021-28169, CVE-2021-34428)
* jackson-dataformat-cbor (CVE-2020-28491)
* jboss-remoting (CVE-2020-35510)
* kubernetes-client (CVE-2021-20218)
* netty (CVE-2021-21290, CVE-2021-21295, CVE-2021-21409)
* spring-web (CVE-2021-22118)
* cxf-core (CVE-2021-22696)
* json-smart (CVE-2021-27568)
* jakarta.el (CVE-2021-28170)
* commons-io (CVE-2021-29425)
* sshd-core (CVE-2021-30129)
* cxf-rt-rs-json-basic (CVE-2021-30468)
* netty-codec (CVE-2021-37136, CVE-2021-37137)
* jsoup (CVE-2021-37714)
* poi (CVE-2019-12415)
* mysql-connector-java (CVE-2020-2875, CVE-2020-2934)
* wildfly (CVE-2021-3536)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

Before applying the update, back up your existing installation, includingall applications, configuration files, databases and database settings, andso on.Installation instructions are available from the Fuse 7.10.0 productdocumentation page:https://access.redhat.com/documentation/en-us/red_hat_fuse/7.10/

References

https://access.redhat.com/security/cve/CVE-2019-10744 https://access.redhat.com/security/cve/CVE-2019-12415 https://access.redhat.com/security/cve/CVE-2020-2875 https://access.redhat.com/security/cve/CVE-2020-2934 https://access.redhat.com/security/cve/CVE-2020-9488 https://access.redhat.com/security/cve/CVE-2020-11987 https://access.redhat.com/security/cve/CVE-2020-11988 https://access.redhat.com/security/cve/CVE-2020-13943 https://access.redhat.com/security/cve/CVE-2020-13949 https://access.redhat.com/security/cve/CVE-2020-15522 https://access.redhat.com/security/cve/CVE-2020-17521 https://access.redhat.com/security/cve/CVE-2020-17527 https://access.redhat.com/security/cve/CVE-2020-26217 https://access.redhat.com/security/cve/CVE-2020-26259 https://access.redhat.com/security/cve/CVE-2020-27218 https://access.redhat.com/security/cve/CVE-2020-27223 https://access.redhat.com/security/cve/CVE-2020-27782 https://access.redhat.com/security/cve/CVE-2020-28491 https://access.redhat.com/security/cve/CVE-2020-35510 https://access.redhat.com/security/cve/CVE-2021-3536 https://access.redhat.com/security/cve/CVE-2021-3597 https://access.redhat.com/security/cve/CVE-2021-3629 https://access.redhat.com/security/cve/CVE-2021-3690 https://access.redhat.com/security/cve/CVE-2021-20218 https://access.redhat.com/security/cve/CVE-2021-21290 https://access.redhat.com/security/cve/CVE-2021-21295 https://access.redhat.com/security/cve/CVE-2021-21341 https://access.redhat.com/security/cve/CVE-2021-21342 https://access.redhat.com/security/cve/CVE-2021-21343 https://access.redhat.com/security/cve/CVE-2021-21344 https://access.redhat.com/security/cve/CVE-2021-21345 https://access.redhat.com/security/cve/CVE-2021-21346 https://access.redhat.com/security/cve/CVE-2021-21347 https://access.redhat.com/security/cve/CVE-2021-21348 https://access.redhat.com/security/cve/CVE-2021-21349 https://access.redhat.com/security/cve/CVE-2021-21350 https://access.redhat.com/security/cve/CVE-2021-21351 https://access.redhat.com/security/cve/CVE-2021-21409 https://access.redhat.com/security/cve/CVE-2021-22118 https://access.redhat.com/security/cve/CVE-2021-22696 https://access.redhat.com/security/cve/CVE-2021-23926 https://access.redhat.com/security/cve/CVE-2021-27568 https://access.redhat.com/security/cve/CVE-2021-28163 https://access.redhat.com/security/cve/CVE-2021-28164 https://access.redhat.com/security/cve/CVE-2021-28169 https://access.redhat.com/security/cve/CVE-2021-28170 https://access.redhat.com/security/cve/CVE-2021-29425 https://access.redhat.com/security/cve/CVE-2021-30129 https://access.redhat.com/security/cve/CVE-2021-30468 https://access.redhat.com/security/cve/CVE-2021-34428 https://access.redhat.com/security/cve/CVE-2021-37136 https://access.redhat.com/security/cve/CVE-2021-37137 https://access.redhat.com/security/cve/CVE-2021-37714 https://access.redhat.com/security/cve/CVE-2021-44228 https://access.redhat.com/security/updates/classification/#critical https://access.redhat.com/documentation/en-us/red_hat_fuse/7.10/ https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions&product=jboss.fuse&version=7.10.0 https://access.redhat.com/security/vulnerabilities/RHSB-2021-009

Package List

Severity
Advisory ID: RHSA-2021:5134-01
Product: Red Hat JBoss Fuse
Advisory URL: https://access.redhat.com/errata/RHSA-2021:5134
Issued Date: : 2021-12-14
CVE Names: CVE-2019-10744 CVE-2019-12415 CVE-2020-2875 CVE-2020-2934 CVE-2020-9488 CVE-2020-11987 CVE-2020-11988 CVE-2020-13943 CVE-2020-13949 CVE-2020-15522 CVE-2020-17521 CVE-2020-17527 CVE-2020-26217 CVE-2020-26259 CVE-2020-27218 CVE-2020-27223 CVE-2020-27782 CVE-2020-28491 CVE-2020-35510 CVE-2021-3536 CVE-2021-3597 CVE-2021-3629 CVE-2021-3690 CVE-2021-20218 CVE-2021-21290 CVE-2021-21295 CVE-2021-21341 CVE-2021-21342 CVE-2021-21343 CVE-2021-21344 CVE-2021-21345 CVE-2021-21346 CVE-2021-21347 CVE-2021-21348 CVE-2021-21349 CVE-2021-21350 CVE-2021-21351 CVE-2021-21409 CVE-2021-22118 CVE-2021-22696 CVE-2021-23926 CVE-2021-27568 CVE-2021-28163 CVE-2021-28164 CVE-2021-28169 CVE-2021-28170 CVE-2021-29425 CVE-2021-30129 CVE-2021-30468 CVE-2021-34428 CVE-2021-37136 CVE-2021-37137 CVE-2021-37714 CVE-2021-44228

Topic

A minor version update (from 7.9 to 7.10) is now available for Red HatFuse. The purpose of this text-only errata is to inform you about thesecurity issues fixed in this release.Red Hat Product Security has rated this update as having a security impactof Critical. A Common Vulnerability Scoring System (CVSS) base score, whichgives a detailed severity rating, is available for each vulnerability fromthe CVE link(s) in the References section.

Relevant Releases Architectures

Bugs Fixed

1739497 - CVE-2019-10744 nodejs-lodash: prototype pollution in defaultsDeep function leading to modifying properties

1802531 - CVE-2019-12415 poi: a specially crafted Microsoft Excel document allows attacker to read files from the local filesystem

1831139 - CVE-2020-9488 log4j: improper validation of certificate with host mismatch in SMTP appender

1851014 - CVE-2020-2934 mysql-connector-java: allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Connectors which could result in unauthorized update, insert or delete

1851019 - CVE-2020-2875 mysql-connector-java: allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Connectors which could result in unauthorized update, insert or delete

1887648 - CVE-2020-13943 tomcat: Apache Tomcat HTTP/2 Request mix-up

1898907 - CVE-2020-26217 XStream: remote code execution due to insecure XML deserialization when relying on blocklists

1901304 - CVE-2020-27782 undertow: special character in query results in server errors

1902826 - CVE-2020-27218 jetty: buffer not correctly recycled in Gzip Request inflation

1904221 - CVE-2020-17527 tomcat: HTTP/2 request header mix-up

1905796 - CVE-2020-35510 jboss-remoting: Threads hold up forever in the EJB server by suppressing the ack from an EJB client

1908837 - CVE-2020-26259 XStream: arbitrary file deletion on the local host when unmarshalling

1922102 - CVE-2021-23926 xmlbeans: allowed malicious XML input may lead to XML Entity Expansion attack

1922123 - CVE-2020-17521 groovy: OS temporary directory leads to information disclosure

1923405 - CVE-2021-20218 fabric8-kubernetes-client: vulnerable to a path traversal leading to integrity and availability compromise

1927028 - CVE-2021-21290 netty: Information disclosure via the local system temporary directory

1928172 - CVE-2020-13949 libthrift: potential DoS when processing untrusted payloads

1930423 - CVE-2020-28491 jackson-dataformat-cbor: Unchecked allocation of byte buffer can cause a java.lang.OutOfMemoryError exception

1933808 - CVE-2020-11987 batik: SSRF due to improper input validation by the NodePickerPanel

1933816 - CVE-2020-11988 xmlgraphics-commons: SSRF due to improper input validation by the XMPParser

1934116 - CVE-2020-27223 jetty: request containing multiple Accept headers with a large number of "quality" parameters may lead to DoS

1937364 - CVE-2021-21295 netty: possible request smuggling in HTTP/2 due missing validation

1939839 - CVE-2021-27568 json-smart: uncaught exception may lead to crash or information disclosure

1942539 - CVE-2021-21341 XStream: allow a remote attacker to cause DoS only by manipulating the processed input stream

1942545 - CVE-2021-21342 XStream: SSRF via crafted input stream

1942550 - CVE-2021-21343 XStream: arbitrary file deletion on the local host via crafted input stream

1942554 - CVE-2021-21344 XStream: Unsafe deserizaliation of javax.sql.rowset.BaseRowSet

1942558 - CVE-2021-21345 XStream: Unsafe deserizaliation of com.sun.corba.se.impl.activation.ServerTableEntry

1942578 - CVE-2021-21346 XStream: Unsafe deserizaliation of sun.swing.SwingLazyValue

1942629 - CVE-2021-21347 XStream: Unsafe deserizaliation of com.sun.tools.javac.processing.JavacProcessingEnvironment NameProcessIterator

1942633 - CVE-2021-21348 XStream: ReDoS vulnerability

1942635 - CVE-2021-21349 XStream: SSRF can be activated unmarshalling with XStream to access data streams from an arbitrary URL referencing a resource in an intranet or the local host

1942637 - CVE-2021-21350 XStream: Unsafe deserizaliation of com.sun.org.apache.bcel.internal.util.ClassLoader

1942642 - CVE-2021-21351 XStream: allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream

1944888 - CVE-2021-21409 netty: Request smuggling via content-length header

1945710 - CVE-2021-28163 jetty: Symlink directory exposes webapp directory contents

1945712 - CVE-2021-28164 jetty: Ambiguous paths can access WEB-INF

1946341 - CVE-2021-22696 cxf: OAuth 2 authorization service vulnerable to DDos attacks

1948001 - CVE-2021-3536 wildfly: XSS via admin console when creating roles in domain mode

1948752 - CVE-2021-29425 apache-commons-io: Limited path traversal in Apache Commons IO 2.2 to 2.6

1962879 - CVE-2020-15522 bouncycastle: Timing issue within the EC math library

1965497 - CVE-2021-28170 jakarta-el: ELParserTokenManager enables invalid EL expressions to be evaluate

1970930 - CVE-2021-3597 undertow: HTTP2SourceChannel fails to write final frame under some circumstances may lead to DoS

1971016 - CVE-2021-28169 jetty: requests to the ConcatServlet and WelcomeFilter are able to access protected resources within the WEB-INF directory

1973392 - CVE-2021-30468 CXF: Denial of service vulnerability in parsing JSON via JsonMapObjectReaderWriter

1974854 - CVE-2021-22118 spring-web: (re)creating the temporary storage directory could result in a privilege escalation within WebFlux application

1974891 - CVE-2021-34428 jetty: SessionListener can prevent a session from being invalidated breaking logout

1977362 - CVE-2021-3629 undertow: potential security issue in flow control over HTTP/2 may lead to DOS

1981527 - CVE-2021-30129 mina-sshd-core: Memory leak denial of service in Apache Mina SSHD Server

1991299 - CVE-2021-3690 undertow: buffer leak on incoming websocket PONG message may lead to DoS

1995259 - CVE-2021-37714 jsoup: Crafted input may cause the jsoup HTML and XML parser to get stuck

2004133 - CVE-2021-37136 netty-codec: Bzip2Decoder doesn't allow setting size restrictions for decompressed data

2004135 - CVE-2021-37137 netty-codec: SnappyFrameDecoder doesn't restrict chunk length and may buffer skippable chunks in an unnecessary way

2030932 - CVE-2021-44228 log4j-core: Remote code execution in Log4j 2.x when logs contain an attacker-controlled string value

We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.