Red Hat Quarkus 2.7.6 RHSA-2022:5596-01 Moderate: DoS Threat
red hat
July 27, 2022
An update is now available for Red Hat build of Quarkus
Solution
Before applying the update, back up your existing installation, including
all
applications, configuration files, databases and database settings, and so
on.
The References section of this erratum contains a download link for the
update.
You must be logged in to download the update.
Summary
This release of Red Hat build of Quarkus 2.7.6 includes security updates,
bug
fixes, and enhancements. For more information, see the release notes page
listed
in the References section.
Security Fix(es):
* CVE-2020-36518 jackson-databind: denial of service via a large depth of
nested objects [quarkus-2]
Topics Covered
References
https://access.redhat.com/security/cve/CVE-2020-36518 https://access.redhat.com/security/updates/classification#moderate https://docs.redhat.com/en/documentation/red_hat_build_of_quarkus/2.7 https://access.redhat.com/articles/4966181
Package List
PREVIOUS
NEXT
Advisory ID: RHSA-2022:5596-01
Product: Red Hat build of Quarkus
Advisory URL: https://access.redhat.com/errata/RHSA-2022:5596
Issue date: 2022-07-19
Topic
An update is now available for Red Hat build of Quarkus. Red Hat ProductSecurity has rated this update as having a security impact of Moderate. ACommon Vulnerability Scoring System (CVSS) base score, which gives adetailed severity rating, is available for each vulnerability. For moreinformation, see the CVE links in the References section.
Topics Covered
Relevant Releases Architectures
Bugs Fixed
2064698 - CVE-2020-36518 jackson-databind: denial of service via a large depth of nested objects
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!