Alerts This Week
Warning Icon 1 916
Alerts This Week
Warning Icon 1 916

Red Hat 2.2.1-1 Advisory RHSA-2022:1306-01 Low: RCE Fix

red hat
Calendar Grey April 11, 2022
Dist Redhat Esm H88
Critical patch implemented for Red Hat Camel Add-ons guarantees protection against vulnerabilities with minimal repercussions. Discover more here.
A security update to Red Hat Integration Camel Extensions for Quarkus 2.2.1 is now available

Solution

Before applying this update, make sure all previously released errata relevant to your system have been applied.

For details on how to apply this update, refer to:

https://access.redhat.com/articles/11258

Summary

Red Hat Integration - Camel Extensions for Quarkus 2.2.1-1 serves as a replacement for 2.2.1 and includes the following security Fix(es):
Security Fix(es):
* spring-beans: spring-framework: RCE via Data Binding on JDK 9+ (CVE-2022-22965)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Topics%20covered

Topics Covered

security advisory low severity RCE Red Hat Integration Spring Framework Camel Extensions

References

https://access.redhat.com/security/cve/CVE-2022-22965 https://access.redhat.com/security/updates/classification#low https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions&product=red.hat.integration&version=2022-Q1 https://access.redhat.com/security/vulnerabilities/RHSB-2022-003 https://docs.redhat.com/en/documentation/red_hat_integration/2022.q1

Package List


Severity
low
Lowest
Low
Medium
High
Critical

Advisory ID: RHSA-2022:1306-01
Product: Red Hat Integration
Advisory URL: https://access.redhat.com/errata/RHSA-2022:1306
Issue date: 2022-04-11

Topic

A security update to Red Hat Integration Camel Extensions for Quarkus 2.2.1is now available. The purpose of this text-only errata is to inform youabout the security issues fixed.Red Hat Product Security has rated this update as having an impact of Low.A Common Vulnerability Scoring System (CVSS) base score, which gives adetailed severity rating, is available for each vulnerability from the CVElink(s) in the References section.

Topics%20covered

Topics Covered

security advisory low severity RCE Red Hat Integration Spring Framework Camel Extensions

Relevant Releases Architectures

Bugs Fixed

2070348 - CVE-2022-22965 spring-framework: RCE via Data Binding on JDK 9+

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here