Filtered by vendor Redhat Subscriptions
Filtered by product Migration Toolkit Runtimes Subscriptions
Total 39 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2022-41881 3 Debian, Netty, Redhat 13 Debian Linux, Netty, Camel Quarkus and 10 more 2024-08-03 5.3 Medium
Netty project is an event-driven asynchronous network application framework. In versions prior to 4.1.86.Final, a StackOverflowError can be raised when parsing a malformed crafted message due to an infinite recursion. This issue is patched in version 4.1.86.Final. There is no workaround, except using a custom HaProxyMessageDecoder.
CVE-2022-37603 2 Redhat, Webpack.js 8 Jboss Data Grid, Logging, Migration Toolkit Applications and 5 more 2024-08-03 7.5 High
A Regular expression denial of service (ReDoS) flaw was found in Function interpolateName in interpolateName.js in webpack loader-utils 2.0.0 via the url variable in interpolateName.js.
CVE-2022-36033 3 Jsoup, Netapp, Redhat 6 Jsoup, Management Services For Element Software, Management Services For Netapp Hci and 3 more 2024-08-03 6.1 Medium
jsoup is a Java HTML parser, built for HTML editing, cleaning, scraping, and cross-site scripting (XSS) safety. jsoup may incorrectly sanitize HTML including `javascript:` URL expressions, which could allow XSS attacks when a reader subsequently clicks that link. If the non-default `SafeList.preserveRelativeLinks` option is enabled, HTML including `javascript:` URLs that have been crafted with control characters will not be sanitized. If the site that this HTML is published on does not set a Content Security Policy, an XSS attack is then possible. This issue is patched in jsoup 1.15.3. Users should upgrade to this version. Additionally, as the unsanitized input may have been persisted, old content should be cleaned again using the updated version. To remediate this issue without immediately upgrading: - disable `SafeList.preserveRelativeLinks`, which will rewrite input URLs as absolute URLs - ensure an appropriate [Content Security Policy](https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP) is defined. (This should be used regardless of upgrading, as a defence-in-depth best practice.)
CVE-2022-31690 3 Netapp, Redhat, Vmware 5 Active Iq Unified Manager, Migration Toolkit Applications, Migration Toolkit Runtimes and 2 more 2024-08-03 8.1 High
Spring Security, versions 5.7 prior to 5.7.5, and 5.6 prior to 5.6.9, and older unsupported versions could be susceptible to a privilege escalation under certain conditions. A malicious user or attacker can modify a request initiated by the Client (via the browser) to the Authorization Server which can lead to a privilege escalation on the subsequent approval. This scenario can happen if the Authorization Server responds with an OAuth2 Access Token Response containing an empty scope list (per RFC 6749, Section 5.1) on the subsequent request to the token endpoint to obtain the access token.
CVE-2022-4492 1 Redhat 16 Build Of Quarkus, Camel Spring Boot, Integration Camel For Spring Boot and 13 more 2024-08-03 7.5 High
The undertow client is not checking the server identity presented by the server certificate in https connections. This is a compulsory step (at least it should be performed by default) in https and in http/2. I would add it to any TLS client protocol.
CVE-2022-3782 1 Redhat 8 Amq Broker, Jboss Enterprise Bpms Platform, Keycloak and 5 more 2024-08-03 9.1 Critical
keycloak: path traversal via double URL encoding. A flaw was found in Keycloak, where it does not properly validate URLs included in a redirect. An attacker can use this flaw to construct a malicious request to bypass validation and access other URLs and potentially sensitive information within the domain or possibly conduct further attacks. This flaw affects any client that utilizes a wildcard in the Valid Redirect URIs field.
CVE-2022-3517 4 Debian, Fedoraproject, Minimatch Project and 1 more 9 Debian Linux, Fedora, Minimatch and 6 more 2024-08-03 7.5 High
A vulnerability was found in the minimatch package. This flaw allows a Regular Expression Denial of Service (ReDoS) when calling the braceExpand function with specific arguments, resulting in a Denial of Service.
CVE-2023-48631 2 Adobe, Redhat 4 Css-tools, Migration Toolkit Applications, Migration Toolkit Runtimes and 1 more 2024-08-02 5.3 Medium
@adobe/css-tools versions 4.3.1 and earlier are affected by an Improper Input Validation vulnerability that could result in a denial of service while attempting to parse CSS.
CVE-2024-28849 1 Redhat 11 Advanced Cluster Security, Ansible Automation Platform, Logging and 8 more 2024-08-02 6.5 Medium
follow-redirects is an open source, drop-in replacement for Node's `http` and `https` modules that automatically follows redirects. In affected versions follow-redirects only clears authorization header during cross-domain redirect, but keep the proxy-authentication header which contains credentials too. This vulnerability may lead to credentials leak, but has been addressed in version 1.15.6. Users are advised to upgrade. There are no known workarounds for this vulnerability.
CVE-2023-35116 2 Fasterxml, Redhat 7 Jackson-databind, Amq Broker, Apache-camel-spring-boot and 4 more 2024-08-02 4.7 Medium
jackson-databind through 2.15.2 allows attackers to cause a denial of service or other unspecified impact via a crafted object that uses cyclic dependencies. NOTE: the vendor's perspective is that this is not a valid vulnerability report, because the steps of constructing a cyclic data structure and trying to serialize it cannot be achieved by an external attacker.
CVE-2024-29180 1 Redhat 10 Advanced Cluster Security, Apicurio Registry, Jboss Data Grid and 7 more 2024-08-02 7.4 High
Prior to versions 7.1.0, 6.1.2, and 5.3.4, the webpack-dev-middleware development middleware for devpack does not validate the supplied URL address sufficiently before returning the local file. It is possible to access any file on the developer's machine. The middleware can either work with the physical filesystem when reading the files or it can use a virtualized in-memory `memfs` filesystem. If `writeToDisk` configuration option is set to `true`, the physical filesystem is used. The `getFilenameFromUrl` method is used to parse URL and build the local file path. The public path prefix is stripped from the URL, and the `unsecaped` path suffix is appended to the `outputPath`. As the URL is not unescaped and normalized automatically before calling the midlleware, it is possible to use `%2e` and `%2f` sequences to perform path traversal attack. Developers using `webpack-dev-server` or `webpack-dev-middleware` are affected by the issue. When the project is started, an attacker might access any file on the developer's machine and exfiltrate the content. If the development server is listening on a public IP address (or `0.0.0.0`), an attacker on the local network can access the local files without any interaction from the victim (direct connection to the port). If the server allows access from third-party domains, an attacker can send a malicious link to the victim. When visited, the client side script can connect to the local server and exfiltrate the local files. Starting with fixed versions 7.1.0, 6.1.2, and 5.3.4, the URL is unescaped and normalized before any further processing.
CVE-2023-26159 2 Follow-redirects, Redhat 11 Follow Redirects, Container Native Virtualization, Logging and 8 more 2024-08-02 7.3 High
Versions of the package follow-redirects before 1.15.4 are vulnerable to Improper Input Validation due to the improper handling of URLs by the url.parse() function. When new URL() throws an error, it can be manipulated to misinterpret the hostname. An attacker could exploit this weakness to redirect traffic to a malicious site, potentially leading to information disclosure, phishing attacks, or other security breaches.
CVE-2023-22899 2 Redhat, Zip4j Project 3 Migration Toolkit Applications, Migration Toolkit Runtimes, Zip4j 2024-08-02 5.9 Medium
Zip4j through 2.11.2, as used in Threema and other products, does not always check the MAC when decrypting a ZIP archive.
CVE-2023-2798 2 Htmlunit, Redhat 3 Htmlunit, Migration Toolkit Applications, Migration Toolkit Runtimes 2024-08-02 7.5 High
Those using HtmlUnit to browse untrusted webpages may be vulnerable to Denial of service attacks (DoS). If HtmlUnit is running on user supplied web pages, an attacker may supply content that causes HtmlUnit to crash by a stack overflow. This effect may support a denial of service attack.This issue affects htmlunit before 2.70.0.
CVE-2023-1436 2 Jettison Project, Redhat 9 Jettison, Camel Quarkus, Camel Spring Boot and 6 more 2024-08-02 5.9 Medium
An infinite recursion is triggered in Jettison when constructing a JSONArray from a Collection that contains a self-reference in one of its elements. This leads to a StackOverflowError exception being thrown.
CVE-2024-29025 1 Redhat 10 Amq Broker, Amq Streams, Cryostat and 7 more 2024-08-02 5.3 Medium
Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. The `HttpPostRequestDecoder` can be tricked to accumulate data. While the decoder can store items on the disk if configured so, there are no limits to the number of fields the form can have, an attacher can send a chunked post consisting of many small fields that will be accumulated in the `bodyListHttpData` list. The decoder cumulates bytes in the `undecodedChunk` buffer until it can decode a field, this field can cumulate data without limits. This vulnerability is fixed in 4.1.108.Final.
CVE-2024-26308 2 Apache, Redhat 8 Commons Compress, Camel Quarkus, Jboss Data Grid and 5 more 2024-08-02 5.5 Medium
Allocation of Resources Without Limits or Throttling vulnerability in Apache Commons Compress.This issue affects Apache Commons Compress: from 1.21 before 1.26. Users are recommended to upgrade to version 1.26, which fixes the issue.
CVE-2024-25710 2 Apache, Redhat 9 Commons Compress, Amq Streams, Camel Quarkus and 6 more 2024-08-01 8.1 High
Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in Apache Commons Compress.This issue affects Apache Commons Compress: from 1.3 through 1.25.0. Users are recommended to upgrade to version 1.26.0 which fixes the issue.
CVE-2023-4639 1 Redhat 2 Jboss Enterprise Application Platform, Migration Toolkit Runtimes 2024-02-08 7.4 High
A flaw was found in Undertow, which incorrectly parses cookies with certain value-delimiting characters in incoming requests. This issue could allow an attacker to construct a cookie value to exfiltrate HttpOnly cookie values or spoof arbitrary additional cookie values, leading to unauthorized data access or modification. The main threat from this flaw impacts data confidentiality and integrity.