var-202201-0559
Vulnerability from variot
The fix for bug CVE-2020-9484 introduced a time of check, time of use vulnerability into Apache Tomcat 10.1.0-M1 to 10.1.0-M8, 10.0.0-M5 to 10.0.14, 9.0.35 to 9.0.56 and 8.5.55 to 8.5.73 that allowed a local attacker to perform actions with the privileges of the user that the Tomcat process is using. This issue is only exploitable when Tomcat is configured to persist sessions using the FileStore. Apache Tomcat is a lightweight web application server of the American Apache (Apache) Foundation. The program implements support for Servlet and JavaServer Page (JSP).
Apache Tomcat has permission permissions and access control issues. An attacker can bypass Apache Tomcat's restrictions through FileStore Sessions to escalate his permissions. The purpose of this text-only errata is to inform you about the security issues fixed in this release.
Installation instructions are available from the Fuse 7.11.0 product documentation page: https://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/
- Bugs fixed (https://bugzilla.redhat.com/):
1838332 - CVE-2020-9484 tomcat: deserialization flaw in session persistence storage leading to RCE 1887810 - CVE-2020-15250 junit4: TemporaryFolder is shared between all users across system which could result in information disclosure 1893070 - CVE-2020-25689 wildfly-core: memory leak in WildFly host-controller in domain mode while not able to reconnect to domain-controller 1893125 - CVE-2020-7020 elasticsearch: not properly preserving security permissions when executing complex queries may lead to information disclosure 1917209 - CVE-2021-24122 tomcat: Information disclosure when using NTFS file system 1930291 - CVE-2020-29582 kotlin: vulnerable Java API was used for temporary file and folder creation which could result in information disclosure 1934032 - CVE-2021-25122 tomcat: Request mix-up with h2c 1934061 - CVE-2021-25329 tomcat: Incomplete fix for CVE-2020-9484 (RCE via session persistence) 1966735 - CVE-2021-29505 XStream: remote command execution attack by manipulating the processed input stream 1973413 - CVE-2021-33813 jdom: XXE allows attackers to cause a DoS via a crafted HTTP request 1976052 - CVE-2021-3644 wildfly-core: Invalid Sensitivity Classification of Vault Expression 1977064 - CVE-2021-22119 spring-security: Denial-of-Service (DoS) attack via initiation of Authorization Request 1977362 - CVE-2021-3629 undertow: potential security issue in flow control over HTTP/2 may lead to DOS 1981407 - CVE-2021-3642 wildfly-elytron: possible timing attack in ScramServer 1981533 - CVE-2021-33037 tomcat: HTTP request smuggling when used with a reverse proxy 1981544 - CVE-2021-30640 tomcat: JNDI realm authentication weakness 1981895 - CVE-2021-35515 apache-commons-compress: infinite loop when reading a specially crafted 7Z archive 1981900 - CVE-2021-35516 apache-commons-compress: excessive memory allocation when reading a specially crafted 7Z archive 1981903 - CVE-2021-35517 apache-commons-compress: excessive memory allocation when reading a specially crafted TAR archive 1981909 - CVE-2021-36090 apache-commons-compress: excessive memory allocation when reading a specially crafted ZIP archive 2004820 - CVE-2021-41079 tomcat: Infinite loop while reading an unexpected TLS packet when using OpenSSL JSSE engine 2007557 - CVE-2021-3807 nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes 2009041 - CVE-2021-38153 Kafka: Timing Attack Vulnerability for Apache Kafka Connect and Clients 2010378 - CVE-2021-3859 undertow: client side invocation timeout raised when calling over HTTP2 2011190 - CVE-2021-40690 xml-security: XPath Transform abuse allows for information disclosure 2014356 - CVE-2021-42340 tomcat: OutOfMemoryError caused by HTTP upgrade connection leak could lead to DoS 2020583 - CVE-2021-2471 mysql-connector-java: unauthorized access to critical 2031958 - CVE-2021-43797 netty: control chars in header names may lead to HTTP request smuggling 2033560 - CVE-2021-42550 logback: remote code execution through JNDI call from within its configuration file 2034388 - CVE-2021-4178 kubernetes-client: Insecure deserialization in unmarshalYaml method 2034584 - CVE-2021-22096 springframework: malicious input leads to insertion of additional log entries 2039903 - CVE-2021-22569 protobuf-java: potential DoS in the parsing procedure for binary data 2044596 - CVE-2022-23221 h2: Loading of custom classes from remote servers through JNDI 2046279 - CVE-2022-22932 karaf: path traversal flaws 2046282 - CVE-2021-41766 karaf: insecure java deserialization 2047343 - CVE-2022-21363 mysql-connector-java: Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Connectors 2047417 - CVE-2022-23181 tomcat: local privilege escalation vulnerability 2049778 - CVE-2022-23596 junrar: A carefully crafted RAR archive can trigger an infinite loop while extracting 2049783 - CVE-2021-43859 xstream: Injecting highly recursive collections or maps can cause a DoS 2050863 - CVE-2022-21724 jdbc-postgresql: Unchecked Class Instantiation when providing Plugin Classes 2055480 - CVE-2021-22060 springframework: Additional Log Injection in Spring Framework (follow-up to CVE-2021-22096) 2058763 - CVE-2022-24614 metadata-extractor: Out-of-memory when reading a specially crafted JPEG file 2063292 - CVE-2022-26336 poi-scratchpad: A carefully crafted TNEF file can cause an out of memory exception 2063601 - CVE-2022-23913 artemis-commons: Apache ActiveMQ Artemis DoS 2064007 - CVE-2022-26520 postgresql-jdbc: Arbitrary File Write Vulnerability 2064226 - CVE-2022-0084 xnio: org.xnio.StreamConnection.notifyReadClosed log to debug instead of stderr 2064698 - CVE-2020-36518 jackson-databind: denial of service via a large depth of nested objects 2069414 - CVE-2022-22950 spring-expression: Denial of service via specially crafted SpEL expression 2072339 - CVE-2022-1259 undertow: potential security issue in flow control over HTTP/2 may lead to DOS(incomplete fix for CVE-2021-3629) 2073890 - CVE-2022-1319 undertow: Double AJP response for 400 from EAP 7 results in CPING failures 2075441 - CVE-2022-22968 Spring Framework: Data Binding Rules Vulnerability 2081879 - CVE-2021-22573 google-oauth-client: Token signature not verified 2087214 - CVE-2022-22976 springframework: BCrypt skips salt rounds for work factor of 31 2087272 - CVE-2022-22970 springframework: DoS via data binding to multipartFile or servlet part 2087274 - CVE-2022-22971 springframework: DoS with STOMP over WebSocket 2087606 - CVE-2022-22978 springframework: Authorization Bypass in RegexRequestMatcher 2088523 - CVE-2022-30126 tika-core: Regular Expression Denial of Service in standards extractor 2100654 - CVE-2022-25845 fastjson: autoType shutdown restriction bypass leads to deserialization
The References section of this erratum contains a download link for the update. You must be logged in to download the update. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
====================================================================
Red Hat Security Advisory
Synopsis: Moderate: Red Hat JBoss Web Server 5.7.0 release and security update Advisory ID: RHSA-2022:7272-01 Product: Red Hat JBoss Web Server Advisory URL: https://access.redhat.com/errata/RHSA-2022:7272 Issue date: 2022-11-02 CVE Names: CVE-2022-23181 ==================================================================== 1. Summary:
An update is now available for Red Hat JBoss Web Server 5.7 on Red Hat Enterprise Linux versions 7, 8, and 9.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
- Relevant releases/architectures:
Red Hat JBoss Web Server 5.7 for RHEL 7 Server - noarch, x86_64 Red Hat JBoss Web Server 5.7 for RHEL 8 - noarch, x86_64 Red Hat JBoss Web Server 5.7 for RHEL 9 - noarch, x86_64
- Description:
Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache Tomcat Servlet container, JBoss HTTP Connector (mod_cluster), the PicketLink Vault extension for Apache Tomcat, and the Tomcat Native library.
This release of Red Hat JBoss Web Server 5.7.0 serves as a replacement for Red Hat JBoss Web Server 5.6.1. This release includes bug fixes, enhancements and component upgrades, which are documented in the Release Notes, linked to in the References.
Security Fix(es):
- tomcat: local privilege escalation vulnerability (CVE-2022-23181)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
- Solution:
Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
- Bugs fixed (https://bugzilla.redhat.com/):
2047417 - CVE-2022-23181 tomcat: local privilege escalation vulnerability
- Package List:
Red Hat JBoss Web Server 5.7 for RHEL 7 Server:
Source: jws5-ecj-4.20.0-1.redhat_00002.1.el7jws.src.rpm jws5-tomcat-9.0.62-9.redhat_00005.1.el7jws.src.rpm jws5-tomcat-native-1.2.31-10.redhat_10.el7jws.src.rpm
noarch: jws5-ecj-4.20.0-1.redhat_00002.1.el7jws.noarch.rpm jws5-tomcat-9.0.62-9.redhat_00005.1.el7jws.noarch.rpm jws5-tomcat-admin-webapps-9.0.62-9.redhat_00005.1.el7jws.noarch.rpm jws5-tomcat-docs-webapp-9.0.62-9.redhat_00005.1.el7jws.noarch.rpm jws5-tomcat-el-3.0-api-9.0.62-9.redhat_00005.1.el7jws.noarch.rpm jws5-tomcat-java-jdk11-9.0.62-9.redhat_00005.1.el7jws.noarch.rpm jws5-tomcat-java-jdk8-9.0.62-9.redhat_00005.1.el7jws.noarch.rpm jws5-tomcat-javadoc-9.0.62-9.redhat_00005.1.el7jws.noarch.rpm jws5-tomcat-jsp-2.3-api-9.0.62-9.redhat_00005.1.el7jws.noarch.rpm jws5-tomcat-lib-9.0.62-9.redhat_00005.1.el7jws.noarch.rpm jws5-tomcat-selinux-9.0.62-9.redhat_00005.1.el7jws.noarch.rpm jws5-tomcat-servlet-4.0-api-9.0.62-9.redhat_00005.1.el7jws.noarch.rpm jws5-tomcat-webapps-9.0.62-9.redhat_00005.1.el7jws.noarch.rpm
x86_64: jws5-tomcat-native-1.2.31-10.redhat_10.el7jws.x86_64.rpm jws5-tomcat-native-debuginfo-1.2.31-10.redhat_10.el7jws.x86_64.rpm
Red Hat JBoss Web Server 5.7 for RHEL 8:
Source: jws5-ecj-4.20.0-1.redhat_00002.1.el8jws.src.rpm jws5-tomcat-9.0.62-9.redhat_00005.1.el8jws.src.rpm jws5-tomcat-native-1.2.31-10.redhat_10.el8jws.src.rpm
noarch: jws5-ecj-4.20.0-1.redhat_00002.1.el8jws.noarch.rpm jws5-tomcat-9.0.62-9.redhat_00005.1.el8jws.noarch.rpm jws5-tomcat-admin-webapps-9.0.62-9.redhat_00005.1.el8jws.noarch.rpm jws5-tomcat-docs-webapp-9.0.62-9.redhat_00005.1.el8jws.noarch.rpm jws5-tomcat-el-3.0-api-9.0.62-9.redhat_00005.1.el8jws.noarch.rpm jws5-tomcat-javadoc-9.0.62-9.redhat_00005.1.el8jws.noarch.rpm jws5-tomcat-jsp-2.3-api-9.0.62-9.redhat_00005.1.el8jws.noarch.rpm jws5-tomcat-lib-9.0.62-9.redhat_00005.1.el8jws.noarch.rpm jws5-tomcat-selinux-9.0.62-9.redhat_00005.1.el8jws.noarch.rpm jws5-tomcat-servlet-4.0-api-9.0.62-9.redhat_00005.1.el8jws.noarch.rpm jws5-tomcat-webapps-9.0.62-9.redhat_00005.1.el8jws.noarch.rpm
x86_64: jws5-tomcat-native-1.2.31-10.redhat_10.el8jws.x86_64.rpm jws5-tomcat-native-debuginfo-1.2.31-10.redhat_10.el8jws.x86_64.rpm
Red Hat JBoss Web Server 5.7 for RHEL 9:
Source: jws5-1-8.el9jws.src.rpm jws5-ecj-4.20.0-1.redhat_00002.1.el9jws.src.rpm jws5-javapackages-tools-3.4.1-5.15.11.el9jws.src.rpm jws5-jboss-logging-3.4.1-1.Final_redhat_00001.1.el9jws.src.rpm jws5-mod_cluster-1.4.3-2.Final_redhat_00002.1.el9jws.src.rpm jws5-tomcat-9.0.62-9.redhat_00005.1.el9jws.src.rpm jws5-tomcat-native-1.2.31-10.redhat_10.el9jws.src.rpm jws5-tomcat-vault-1.1.8-4.Final_redhat_00004.1.el9jws.src.rpm
noarch: jws5-ecj-4.20.0-1.redhat_00002.1.el9jws.noarch.rpm jws5-javapackages-tools-3.4.1-5.15.11.el9jws.noarch.rpm jws5-jboss-logging-3.4.1-1.Final_redhat_00001.1.el9jws.noarch.rpm jws5-mod_cluster-1.4.3-2.Final_redhat_00002.1.el9jws.noarch.rpm jws5-mod_cluster-tomcat-1.4.3-2.Final_redhat_00002.1.el9jws.noarch.rpm jws5-python-javapackages-3.4.1-5.15.11.el9jws.noarch.rpm jws5-tomcat-9.0.62-9.redhat_00005.1.el9jws.noarch.rpm jws5-tomcat-admin-webapps-9.0.62-9.redhat_00005.1.el9jws.noarch.rpm jws5-tomcat-docs-webapp-9.0.62-9.redhat_00005.1.el9jws.noarch.rpm jws5-tomcat-el-3.0-api-9.0.62-9.redhat_00005.1.el9jws.noarch.rpm jws5-tomcat-javadoc-9.0.62-9.redhat_00005.1.el9jws.noarch.rpm jws5-tomcat-jsp-2.3-api-9.0.62-9.redhat_00005.1.el9jws.noarch.rpm jws5-tomcat-lib-9.0.62-9.redhat_00005.1.el9jws.noarch.rpm jws5-tomcat-selinux-9.0.62-9.redhat_00005.1.el9jws.noarch.rpm jws5-tomcat-servlet-4.0-api-9.0.62-9.redhat_00005.1.el9jws.noarch.rpm jws5-tomcat-vault-1.1.8-4.Final_redhat_00004.1.el9jws.noarch.rpm jws5-tomcat-vault-javadoc-1.1.8-4.Final_redhat_00004.1.el9jws.noarch.rpm jws5-tomcat-webapps-9.0.62-9.redhat_00005.1.el9jws.noarch.rpm
x86_64: jws5-1-8.el9jws.x86_64.rpm jws5-runtime-1-8.el9jws.x86_64.rpm jws5-tomcat-native-1.2.31-10.redhat_10.el9jws.x86_64.rpm jws5-tomcat-native-debuginfo-1.2.31-10.redhat_10.el9jws.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2022-23181 https://access.redhat.com/security/updates/classification/#moderate
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2022 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQIVAwUBY2JoxdzjgjWX9erEAQgBthAAoenDKKMVhg3cftJvIZ+HbMcReE/vRlif NSofyo787+9uOGOL4sCaveMdiBtiw06bzcLsd44STR7ug41vETKbJa3k87b1HY5S jGzYvFk2fHKkb+9HnMs3UNCFi9TV361IA4hkV4yTtgGxtUKhd5hdrEq4cR0c3BMo 9pJi7+F4MKuChzUwWcJD8nnrGckwk6/I7QXUDVZisCwy2PIUKvhVMlJf6ojXXKIv TgIAKeo890DmRQRr8D5Plc1h7MYAr+YFSaTftrifE1wanBiIF0NHiVcWO845LaMc bwSKsF0dcx7BOzs7huxkK870M1KnYrdSLFgYQtSz8Az119vrQCukfGfuF+2LfxxT jNwzZ7VJa8Coci5v0Lez+U/b4r5WqtUkHheUqrYvC0PP37Swucj3MhRk657KvSsS u3NyhlnIZmWJOel4B2KSCmIvGSj8irAmAOAWCFhSFaRZFDGfRQ+D3k/sb1kIWtQB VGheaUXm11sOqvl+T2ecinUvddC05sRvvcSY0iXEyupFvpOUsG3DpYQI6c0ffGc6 QTnMdWLMCxRSSe3g21hJ4QTzYMi6oSa+2KLho8GlJe0d1PXR3bS128/2h4/R5bmJ 18XF/i/tC7/9OtZfkoTNkZh6AmjI/tH0qj6XlsU2B3sTd8rBJ0Ry3twhhdUKBIdT PmiEP6NSVY8=R1gB -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://listman.redhat.com/mailman/listinfo/rhsa-announce . Description:
Red Hat support for Spring Boot provides an application platform that reduces the complexity of developing and operating applications (monoliths and microservices) for OpenShift as a containerized platform.
CVE-2021-43980
The simplified implementation of blocking reads and writes introduced in
Tomcat 10 and back-ported to Tomcat 9.0.47 onwards exposed a long standing
(but extremely hard to trigger) concurrency bug that could cause client
connections to share an Http11Processor instance resulting in responses, or
part responses, to be received by the wrong client.
CVE-2022-29885
The documentation of Apache Tomcat for the EncryptInterceptor incorrectly
stated it enabled Tomcat clustering to run over an untrusted network. This
was not correct. While the EncryptInterceptor does provide confidentiality
and integrity protection, it does not protect against all risks associated
with running over any untrusted network, particularly DoS risks.
For the stable distribution (bullseye), these problems have been fixed in version 9.0.43-2~deb11u4.
We recommend that you upgrade your tomcat9 packages.
For the detailed security status of tomcat9 please refer to its security tracker page at: https://security-tracker.debian.org/tracker/tomcat9
Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE-----
iQKTBAEBCgB9FiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAmNdoYJfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQACgkQ2a0UuVE7 UeRLxxAAzz/exjL7ERlJfqqvv1ofnRRmmJYtqaofzV8Ewb/xrFIQM8ZXohWLF9a0 s0monZtUm+eQEKM3nYl1nXPI4l/shKnvo9yU17gcxqBgzBeYqsX9hqDm2Ie0raS7 n22rwO4fHcQJ7vhSx2oYNL++YbEYQFEZgz+ZfiOLStHc2pIq2fxi4+jXuXHMUwuS KuCOYF8VLBjY87T7BT168GtKi02sIQzbXgAQSAGU6WsOvV4DLjagn/g+b1lK8F5u xO6rU2iM6pR73Ei2H2pb1B39BGhjorub7L2GQfiIMKf3bD7M+jflCnGq3n/xsUrO 6PkaSCaN4DEip9V+3DBJ4TcOj0x/LzHMHimDoZ/CLI5qoPq5KWS4L7AKXM876+v5 HIIzDH5B5INTeSEoVDkgKVx2fy8ZbaeDV+cmFTjXb+pmFpxxEuPGRYJg3Mv8PsqZ qPUqyrTKx8treIfXNJhJL00omDAX1T75H38BMNv56BbAHcBfszyFHHzr9uPo0+Fc tLYanZlx48IfCLXhOl2VcyE5up1snJmtMG1S2wFfl4btVfApGSAzAxSeYau+EGTu poFmm/5atf68cKEyGIuPFeNk97mqIp55gDi5lks/Cs7wW/EJndzFd/g5LwXb1HO1 E30OhC79DT0Jlwpw3+VhS475K3XzGOhnk4x6DA1a/NtAzzaz7dg= =U52K -----END PGP SIGNATURE----- . ========================================================================== Ubuntu Security Notice USN-6943-1 August 01, 2024
tomcat8, tomcat9 vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS
Summary:
Several security issues were fixed in Tomcat.
Software Description: - tomcat9: Servlet and JSP engine - tomcat8: Servlet and JSP engine
Details:
It was discovered that Tomcat incorrectly handled certain uncommon PersistenceManager with FileStore configurations. A remote attacker could possibly use this issue to execute arbitrary code. This issue only affected tomcat8 for Ubuntu 18.04 LTS (CVE-2020-9484)
It was discovered that Tomcat incorrectly handled certain HTTP/2 connection requests. A remote attacker could use this issue to obtain wrong responses possibly containing sensitive information. This issue only affected tomcat8 for Ubuntu 18.04 LTS (CVE-2021-25122)
Thomas Wozenilek discovered that Tomcat incorrectly handled certain TLS
packets. A remote attacker could possibly use this issue to cause a denial of service. This issue only affected tomcat8 for Ubuntu 18.04 LTS (CVE-2021-41079)
Trung Pham discovered that a race condition existed in Tomcat when handling session files with FileStore. A remote attacker could possibly use this issue to execute arbitrary code. This issue affected tomcat8 for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS, and tomcat9 for Ubuntu 18.04 LTS and Ubuntu 20.04 LTS (CVE-2022-23181)
It was discovered that Tomcat's documentation incorrectly stated that EncryptInterceptor provided availability protection when running over an untrusted network. A remote attacker could possibly use this issue to cause a denial of service even if EncryptInterceptor was being used. This issue affected tomcat8 for Ubuntu 18.04 LTS, and tomcat9 for Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 22.04 LTS (CVE-2022-29885)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 22.04 LTS tomcat9-docs 9.0.58-1ubuntu0.1+esm2 Available with Ubuntu Pro
Ubuntu 20.04 LTS libtomcat9-java 9.0.31-1ubuntu0.6 tomcat9 9.0.31-1ubuntu0.6 tomcat9-docs 9.0.31-1ubuntu0.6
Ubuntu 18.04 LTS libtomcat8-java 8.5.39-1ubuntu1~18.04.3+esm2 Available with Ubuntu Pro libtomcat9-java 9.0.16-3ubuntu0.18.04.2+esm2 Available with Ubuntu Pro tomcat8 8.5.39-1ubuntu1~18.04.3+esm2 Available with Ubuntu Pro tomcat8-docs 8.5.39-1ubuntu1~18.04.3+esm2 Available with Ubuntu Pro tomcat9 9.0.16-3ubuntu0.18.04.2+esm2 Available with Ubuntu Pro tomcat9-docs 9.0.16-3ubuntu0.18.04.2+esm2 Available with Ubuntu Pro
Ubuntu 16.04 LTS libtomcat8-java 8.0.32-1ubuntu1.13+esm1 Available with Ubuntu Pro tomcat8 8.0.32-1ubuntu1.13+esm1 Available with Ubuntu Pro
In general, a standard system update will make all the necessary changes
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-202201-0559", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "tomcat", "scope": "lte", "trust": 1.0, "vendor": "apache", "version": "9.0.56" }, { "model": "financial services crime and compliance management studio", "scope": "eq", "trust": 1.0, "vendor": "oracle", "version": "8.0.8.2.0" }, { "model": "mysql enterprise monitor", "scope": "lte", "trust": 1.0, "vendor": "oracle", "version": "8.0.29" }, { "model": "linux", "scope": "eq", "trust": 1.0, "vendor": "debian", "version": "10.0" }, { "model": "tomcat", "scope": "gte", "trust": 1.0, "vendor": "apache", "version": "8.5.55" }, { "model": "agile engineering data management", "scope": "eq", "trust": 1.0, "vendor": "oracle", "version": "6.2.1.0" }, { "model": "communications cloud native core policy", "scope": "eq", "trust": 1.0, "vendor": "oracle", "version": "1.15.0" }, { "model": "financial services crime and compliance management studio", "scope": "eq", "trust": 1.0, "vendor": "oracle", "version": "8.0.8.3.0" }, { "model": "tomcat", "scope": "eq", "trust": 1.0, "vendor": "apache", "version": "10.0.0" }, { "model": "managed file transfer", "scope": "eq", "trust": 1.0, "vendor": "oracle", "version": "12.2.1.4.0" }, { "model": "managed file transfer", "scope": "eq", "trust": 1.0, "vendor": "oracle", "version": "12.2.1.3.0" }, { "model": "linux", "scope": "eq", "trust": 1.0, "vendor": "debian", "version": "11.0" }, { "model": "tomcat", "scope": "eq", "trust": 1.0, "vendor": "apache", "version": "10.1.0" }, { "model": "tomcat", "scope": "lte", "trust": 1.0, "vendor": "apache", "version": "8.5.73" }, { "model": "tomcat", "scope": "gte", "trust": 1.0, "vendor": "apache", "version": "10.0.1" }, { "model": "tomcat", "scope": "gte", "trust": 1.0, "vendor": "apache", "version": "9.0.35" }, { "model": "tomcat", "scope": "lte", "trust": 1.0, "vendor": "apache", "version": "10.0.14" }, { "model": "tomcat", "scope": "gte", "trust": 0.6, "vendor": "apache", "version": "8.5.55,\u003c=8.5.73" }, { "model": "tomcat", "scope": "gte", "trust": 0.6, "vendor": "apache", "version": "9.0.35,\u003c=9.0.56" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2022-08354" }, { "db": "NVD", "id": "CVE-2022-23181" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Red Hat", "sources": [ { "db": "PACKETSTORM", "id": "167841" }, { "db": "PACKETSTORM", "id": "169694" }, { "db": "PACKETSTORM", "id": "169697" }, { "db": "PACKETSTORM", "id": "170859" } ], "trust": 0.4 }, "cve": "CVE-2022-23181", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "HIGH", "accessVector": "LOCAL", "authentication": "NONE", "author": "nvd@nist.gov", "availabilityImpact": "PARTIAL", "baseScore": 3.7, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 1.9, "id": "CVE-2022-23181", "impactScore": 6.4, "integrityImpact": "PARTIAL", "severity": "LOW", "trust": 1.1, "vectorString": "AV:L/AC:H/Au:N/C:P/I:P/A:P", "version": "2.0" }, { "accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "NONE", "author": "CNVD", "availabilityImpact": "PARTIAL", "baseScore": 4.4, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 3.4, "id": "CNVD-2022-08354", "impactScore": 6.4, "integrityImpact": "PARTIAL", "severity": "MEDIUM", "trust": 0.6, "vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "HIGH", "attackVector": "LOCAL", "author": "nvd@nist.gov", "availabilityImpact": "HIGH", "baseScore": 7.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "exploitabilityScore": 1.0, "id": "CVE-2022-23181", "impactScore": 5.9, "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" } ], "severity": [ { "author": "nvd@nist.gov", "id": "CVE-2022-23181", "trust": 1.0, "value": "HIGH" }, { "author": "CNVD", "id": "CNVD-2022-08354", "trust": 0.6, "value": "MEDIUM" }, { "author": "CNNVD", "id": "CNNVD-202201-2423", "trust": 0.6, "value": "HIGH" }, { "author": "VULMON", "id": "CVE-2022-23181", "trust": 0.1, "value": "LOW" } ] } ], "sources": [ { "db": "CNVD", "id": "CNVD-2022-08354" }, { "db": "VULMON", "id": "CVE-2022-23181" }, { "db": "CNNVD", "id": "CNNVD-202201-2423" }, { "db": "NVD", "id": "CVE-2022-23181" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "The fix for bug CVE-2020-9484 introduced a time of check, time of use vulnerability into Apache Tomcat 10.1.0-M1 to 10.1.0-M8, 10.0.0-M5 to 10.0.14, 9.0.35 to 9.0.56 and 8.5.55 to 8.5.73 that allowed a local attacker to perform actions with the privileges of the user that the Tomcat process is using. This issue is only exploitable when Tomcat is configured to persist sessions using the FileStore. Apache Tomcat is a lightweight web application server of the American Apache (Apache) Foundation. The program implements support for Servlet and JavaServer Page (JSP). \n\r\n\r\nApache Tomcat has permission permissions and access control issues. An attacker can bypass Apache Tomcat\u0027s restrictions through FileStore Sessions to escalate his permissions. The purpose of this text-only errata is to inform you about the\nsecurity issues fixed in this release. \n\nInstallation instructions are available from the Fuse 7.11.0 product\ndocumentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/\n\n4. Bugs fixed (https://bugzilla.redhat.com/):\n\n1838332 - CVE-2020-9484 tomcat: deserialization flaw in session persistence storage leading to RCE\n1887810 - CVE-2020-15250 junit4: TemporaryFolder is shared between all users across system which could result in information disclosure\n1893070 - CVE-2020-25689 wildfly-core: memory leak in WildFly host-controller in domain mode while not able to reconnect to domain-controller\n1893125 - CVE-2020-7020 elasticsearch: not properly preserving security permissions when executing complex queries may lead to information disclosure\n1917209 - CVE-2021-24122 tomcat: Information disclosure when using NTFS file system\n1930291 - CVE-2020-29582 kotlin: vulnerable Java API was used for temporary file and folder creation which could result in information disclosure\n1934032 - CVE-2021-25122 tomcat: Request mix-up with h2c\n1934061 - CVE-2021-25329 tomcat: Incomplete fix for CVE-2020-9484 (RCE via session persistence)\n1966735 - CVE-2021-29505 XStream: remote command execution attack by manipulating the processed input stream\n1973413 - CVE-2021-33813 jdom: XXE allows attackers to cause a DoS via a crafted HTTP request\n1976052 - CVE-2021-3644 wildfly-core: Invalid Sensitivity Classification of Vault Expression\n1977064 - CVE-2021-22119 spring-security: Denial-of-Service (DoS) attack via initiation of Authorization Request\n1977362 - CVE-2021-3629 undertow: potential security issue in flow control over HTTP/2 may lead to DOS\n1981407 - CVE-2021-3642 wildfly-elytron: possible timing attack in ScramServer\n1981533 - CVE-2021-33037 tomcat: HTTP request smuggling when used with a reverse proxy\n1981544 - CVE-2021-30640 tomcat: JNDI realm authentication weakness\n1981895 - CVE-2021-35515 apache-commons-compress: infinite loop when reading a specially crafted 7Z archive\n1981900 - CVE-2021-35516 apache-commons-compress: excessive memory allocation when reading a specially crafted 7Z archive\n1981903 - CVE-2021-35517 apache-commons-compress: excessive memory allocation when reading a specially crafted TAR archive\n1981909 - CVE-2021-36090 apache-commons-compress: excessive memory allocation when reading a specially crafted ZIP archive\n2004820 - CVE-2021-41079 tomcat: Infinite loop while reading an unexpected TLS packet when using OpenSSL JSSE engine\n2007557 - CVE-2021-3807 nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes\n2009041 - CVE-2021-38153 Kafka: Timing Attack Vulnerability for Apache Kafka Connect and Clients\n2010378 - CVE-2021-3859 undertow: client side invocation timeout raised when calling over HTTP2\n2011190 - CVE-2021-40690 xml-security: XPath Transform abuse allows for information disclosure\n2014356 - CVE-2021-42340 tomcat: OutOfMemoryError caused by HTTP upgrade connection leak could lead to DoS\n2020583 - CVE-2021-2471 mysql-connector-java: unauthorized access to critical\n2031958 - CVE-2021-43797 netty: control chars in header names may lead to HTTP request smuggling\n2033560 - CVE-2021-42550 logback: remote code execution through JNDI call from within its configuration file\n2034388 - CVE-2021-4178 kubernetes-client: Insecure deserialization in unmarshalYaml method\n2034584 - CVE-2021-22096 springframework: malicious input leads to insertion of additional log entries\n2039903 - CVE-2021-22569 protobuf-java: potential DoS in the parsing procedure for binary data\n2044596 - CVE-2022-23221 h2: Loading of custom classes from remote servers through JNDI\n2046279 - CVE-2022-22932 karaf: path traversal flaws\n2046282 - CVE-2021-41766 karaf: insecure java deserialization\n2047343 - CVE-2022-21363 mysql-connector-java: Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Connectors\n2047417 - CVE-2022-23181 tomcat: local privilege escalation vulnerability\n2049778 - CVE-2022-23596 junrar: A carefully crafted RAR archive can trigger an infinite loop while extracting\n2049783 - CVE-2021-43859 xstream: Injecting highly recursive collections or maps can cause a DoS\n2050863 - CVE-2022-21724 jdbc-postgresql: Unchecked Class Instantiation when providing Plugin Classes\n2055480 - CVE-2021-22060 springframework: Additional Log Injection in Spring Framework (follow-up to CVE-2021-22096)\n2058763 - CVE-2022-24614 metadata-extractor: Out-of-memory when reading a specially crafted JPEG file\n2063292 - CVE-2022-26336 poi-scratchpad: A carefully crafted TNEF file can cause an out of memory exception\n2063601 - CVE-2022-23913 artemis-commons: Apache ActiveMQ Artemis DoS\n2064007 - CVE-2022-26520 postgresql-jdbc: Arbitrary File Write Vulnerability\n2064226 - CVE-2022-0084 xnio: org.xnio.StreamConnection.notifyReadClosed log to debug instead of stderr\n2064698 - CVE-2020-36518 jackson-databind: denial of service via a large depth of nested objects\n2069414 - CVE-2022-22950 spring-expression: Denial of service via specially crafted SpEL expression\n2072339 - CVE-2022-1259 undertow: potential security issue in flow control over HTTP/2 may lead to DOS(incomplete fix for CVE-2021-3629)\n2073890 - CVE-2022-1319 undertow: Double AJP response for 400 from EAP 7 results in CPING failures\n2075441 - CVE-2022-22968 Spring Framework: Data Binding Rules Vulnerability\n2081879 - CVE-2021-22573 google-oauth-client: Token signature not verified\n2087214 - CVE-2022-22976 springframework: BCrypt skips salt rounds for work factor of 31\n2087272 - CVE-2022-22970 springframework: DoS via data binding to multipartFile or servlet part\n2087274 - CVE-2022-22971 springframework: DoS with STOMP over WebSocket\n2087606 - CVE-2022-22978 springframework: Authorization Bypass in RegexRequestMatcher\n2088523 - CVE-2022-30126 tika-core: Regular Expression Denial of Service in standards extractor\n2100654 - CVE-2022-25845 fastjson: autoType shutdown restriction bypass leads to deserialization\n\n5. \n\nThe References section of this erratum contains a download link for the\nupdate. You must be logged in to download the update. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n==================================================================== \nRed Hat Security Advisory\n\nSynopsis: Moderate: Red Hat JBoss Web Server 5.7.0 release and security update\nAdvisory ID: RHSA-2022:7272-01\nProduct: Red Hat JBoss Web Server\nAdvisory URL: https://access.redhat.com/errata/RHSA-2022:7272\nIssue date: 2022-11-02\nCVE Names: CVE-2022-23181\n====================================================================\n1. Summary:\n\nAn update is now available for Red Hat JBoss Web Server 5.7 on Red Hat\nEnterprise Linux versions 7, 8, and 9. \n\nRed Hat Product Security has rated this update as having a security impact\nof Moderate. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available for each vulnerability from\nthe CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat JBoss Web Server 5.7 for RHEL 7 Server - noarch, x86_64\nRed Hat JBoss Web Server 5.7 for RHEL 8 - noarch, x86_64\nRed Hat JBoss Web Server 5.7 for RHEL 9 - noarch, x86_64\n\n3. Description:\n\nRed Hat JBoss Web Server is a fully integrated and certified set of\ncomponents for hosting Java web applications. It is comprised of the Apache\nTomcat Servlet container, JBoss HTTP Connector (mod_cluster), the\nPicketLink Vault extension for Apache Tomcat, and the Tomcat Native\nlibrary. \n\nThis release of Red Hat JBoss Web Server 5.7.0 serves as a replacement for\nRed Hat JBoss Web Server 5.6.1. This release includes bug fixes,\nenhancements and component upgrades, which are documented in the Release\nNotes, linked to in the References. \n\nSecurity Fix(es):\n\n* tomcat: local privilege escalation vulnerability (CVE-2022-23181)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section. \n\n4. Solution:\n\nBefore applying the update, back up your existing Red Hat JBoss Web Server\ninstallation (including all applications and configuration files). \n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n2047417 - CVE-2022-23181 tomcat: local privilege escalation vulnerability\n\n6. Package List:\n\nRed Hat JBoss Web Server 5.7 for RHEL 7 Server:\n\nSource:\njws5-ecj-4.20.0-1.redhat_00002.1.el7jws.src.rpm\njws5-tomcat-9.0.62-9.redhat_00005.1.el7jws.src.rpm\njws5-tomcat-native-1.2.31-10.redhat_10.el7jws.src.rpm\n\nnoarch:\njws5-ecj-4.20.0-1.redhat_00002.1.el7jws.noarch.rpm\njws5-tomcat-9.0.62-9.redhat_00005.1.el7jws.noarch.rpm\njws5-tomcat-admin-webapps-9.0.62-9.redhat_00005.1.el7jws.noarch.rpm\njws5-tomcat-docs-webapp-9.0.62-9.redhat_00005.1.el7jws.noarch.rpm\njws5-tomcat-el-3.0-api-9.0.62-9.redhat_00005.1.el7jws.noarch.rpm\njws5-tomcat-java-jdk11-9.0.62-9.redhat_00005.1.el7jws.noarch.rpm\njws5-tomcat-java-jdk8-9.0.62-9.redhat_00005.1.el7jws.noarch.rpm\njws5-tomcat-javadoc-9.0.62-9.redhat_00005.1.el7jws.noarch.rpm\njws5-tomcat-jsp-2.3-api-9.0.62-9.redhat_00005.1.el7jws.noarch.rpm\njws5-tomcat-lib-9.0.62-9.redhat_00005.1.el7jws.noarch.rpm\njws5-tomcat-selinux-9.0.62-9.redhat_00005.1.el7jws.noarch.rpm\njws5-tomcat-servlet-4.0-api-9.0.62-9.redhat_00005.1.el7jws.noarch.rpm\njws5-tomcat-webapps-9.0.62-9.redhat_00005.1.el7jws.noarch.rpm\n\nx86_64:\njws5-tomcat-native-1.2.31-10.redhat_10.el7jws.x86_64.rpm\njws5-tomcat-native-debuginfo-1.2.31-10.redhat_10.el7jws.x86_64.rpm\n\nRed Hat JBoss Web Server 5.7 for RHEL 8:\n\nSource:\njws5-ecj-4.20.0-1.redhat_00002.1.el8jws.src.rpm\njws5-tomcat-9.0.62-9.redhat_00005.1.el8jws.src.rpm\njws5-tomcat-native-1.2.31-10.redhat_10.el8jws.src.rpm\n\nnoarch:\njws5-ecj-4.20.0-1.redhat_00002.1.el8jws.noarch.rpm\njws5-tomcat-9.0.62-9.redhat_00005.1.el8jws.noarch.rpm\njws5-tomcat-admin-webapps-9.0.62-9.redhat_00005.1.el8jws.noarch.rpm\njws5-tomcat-docs-webapp-9.0.62-9.redhat_00005.1.el8jws.noarch.rpm\njws5-tomcat-el-3.0-api-9.0.62-9.redhat_00005.1.el8jws.noarch.rpm\njws5-tomcat-javadoc-9.0.62-9.redhat_00005.1.el8jws.noarch.rpm\njws5-tomcat-jsp-2.3-api-9.0.62-9.redhat_00005.1.el8jws.noarch.rpm\njws5-tomcat-lib-9.0.62-9.redhat_00005.1.el8jws.noarch.rpm\njws5-tomcat-selinux-9.0.62-9.redhat_00005.1.el8jws.noarch.rpm\njws5-tomcat-servlet-4.0-api-9.0.62-9.redhat_00005.1.el8jws.noarch.rpm\njws5-tomcat-webapps-9.0.62-9.redhat_00005.1.el8jws.noarch.rpm\n\nx86_64:\njws5-tomcat-native-1.2.31-10.redhat_10.el8jws.x86_64.rpm\njws5-tomcat-native-debuginfo-1.2.31-10.redhat_10.el8jws.x86_64.rpm\n\nRed Hat JBoss Web Server 5.7 for RHEL 9:\n\nSource:\njws5-1-8.el9jws.src.rpm\njws5-ecj-4.20.0-1.redhat_00002.1.el9jws.src.rpm\njws5-javapackages-tools-3.4.1-5.15.11.el9jws.src.rpm\njws5-jboss-logging-3.4.1-1.Final_redhat_00001.1.el9jws.src.rpm\njws5-mod_cluster-1.4.3-2.Final_redhat_00002.1.el9jws.src.rpm\njws5-tomcat-9.0.62-9.redhat_00005.1.el9jws.src.rpm\njws5-tomcat-native-1.2.31-10.redhat_10.el9jws.src.rpm\njws5-tomcat-vault-1.1.8-4.Final_redhat_00004.1.el9jws.src.rpm\n\nnoarch:\njws5-ecj-4.20.0-1.redhat_00002.1.el9jws.noarch.rpm\njws5-javapackages-tools-3.4.1-5.15.11.el9jws.noarch.rpm\njws5-jboss-logging-3.4.1-1.Final_redhat_00001.1.el9jws.noarch.rpm\njws5-mod_cluster-1.4.3-2.Final_redhat_00002.1.el9jws.noarch.rpm\njws5-mod_cluster-tomcat-1.4.3-2.Final_redhat_00002.1.el9jws.noarch.rpm\njws5-python-javapackages-3.4.1-5.15.11.el9jws.noarch.rpm\njws5-tomcat-9.0.62-9.redhat_00005.1.el9jws.noarch.rpm\njws5-tomcat-admin-webapps-9.0.62-9.redhat_00005.1.el9jws.noarch.rpm\njws5-tomcat-docs-webapp-9.0.62-9.redhat_00005.1.el9jws.noarch.rpm\njws5-tomcat-el-3.0-api-9.0.62-9.redhat_00005.1.el9jws.noarch.rpm\njws5-tomcat-javadoc-9.0.62-9.redhat_00005.1.el9jws.noarch.rpm\njws5-tomcat-jsp-2.3-api-9.0.62-9.redhat_00005.1.el9jws.noarch.rpm\njws5-tomcat-lib-9.0.62-9.redhat_00005.1.el9jws.noarch.rpm\njws5-tomcat-selinux-9.0.62-9.redhat_00005.1.el9jws.noarch.rpm\njws5-tomcat-servlet-4.0-api-9.0.62-9.redhat_00005.1.el9jws.noarch.rpm\njws5-tomcat-vault-1.1.8-4.Final_redhat_00004.1.el9jws.noarch.rpm\njws5-tomcat-vault-javadoc-1.1.8-4.Final_redhat_00004.1.el9jws.noarch.rpm\njws5-tomcat-webapps-9.0.62-9.redhat_00005.1.el9jws.noarch.rpm\n\nx86_64:\njws5-1-8.el9jws.x86_64.rpm\njws5-runtime-1-8.el9jws.x86_64.rpm\njws5-tomcat-native-1.2.31-10.redhat_10.el9jws.x86_64.rpm\njws5-tomcat-native-debuginfo-1.2.31-10.redhat_10.el9jws.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2022-23181\nhttps://access.redhat.com/security/updates/classification/#moderate\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2022 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niQIVAwUBY2JoxdzjgjWX9erEAQgBthAAoenDKKMVhg3cftJvIZ+HbMcReE/vRlif\nNSofyo787+9uOGOL4sCaveMdiBtiw06bzcLsd44STR7ug41vETKbJa3k87b1HY5S\njGzYvFk2fHKkb+9HnMs3UNCFi9TV361IA4hkV4yTtgGxtUKhd5hdrEq4cR0c3BMo\n9pJi7+F4MKuChzUwWcJD8nnrGckwk6/I7QXUDVZisCwy2PIUKvhVMlJf6ojXXKIv\nTgIAKeo890DmRQRr8D5Plc1h7MYAr+YFSaTftrifE1wanBiIF0NHiVcWO845LaMc\nbwSKsF0dcx7BOzs7huxkK870M1KnYrdSLFgYQtSz8Az119vrQCukfGfuF+2LfxxT\njNwzZ7VJa8Coci5v0Lez+U/b4r5WqtUkHheUqrYvC0PP37Swucj3MhRk657KvSsS\nu3NyhlnIZmWJOel4B2KSCmIvGSj8irAmAOAWCFhSFaRZFDGfRQ+D3k/sb1kIWtQB\nVGheaUXm11sOqvl+T2ecinUvddC05sRvvcSY0iXEyupFvpOUsG3DpYQI6c0ffGc6\nQTnMdWLMCxRSSe3g21hJ4QTzYMi6oSa+2KLho8GlJe0d1PXR3bS128/2h4/R5bmJ\n18XF/i/tC7/9OtZfkoTNkZh6AmjI/tH0qj6XlsU2B3sTd8rBJ0Ry3twhhdUKBIdT\nPmiEP6NSVY8=R1gB\n-----END PGP SIGNATURE-----\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://listman.redhat.com/mailman/listinfo/rhsa-announce\n. Description:\n\nRed Hat support for Spring Boot provides an application platform that\nreduces the complexity of developing and operating applications (monoliths\nand microservices) for OpenShift as a containerized platform. \n\nCVE-2021-43980\n\n The simplified implementation of blocking reads and writes introduced in\n Tomcat 10 and back-ported to Tomcat 9.0.47 onwards exposed a long standing\n (but extremely hard to trigger) concurrency bug that could cause client\n connections to share an Http11Processor instance resulting in responses, or\n part responses, to be received by the wrong client. \n\nCVE-2022-29885\n\n The documentation of Apache Tomcat for the EncryptInterceptor incorrectly\n stated it enabled Tomcat clustering to run over an untrusted network. This\n was not correct. While the EncryptInterceptor does provide confidentiality\n and integrity protection, it does not protect against all risks associated\n with running over any untrusted network, particularly DoS risks. \n\nFor the stable distribution (bullseye), these problems have been fixed in\nversion 9.0.43-2~deb11u4. \n\nWe recommend that you upgrade your tomcat9 packages. \n\nFor the detailed security status of tomcat9 please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/tomcat9\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n-----BEGIN PGP SIGNATURE-----\n\niQKTBAEBCgB9FiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAmNdoYJfFIAAAAAALgAo\naXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD\nRjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQACgkQ2a0UuVE7\nUeRLxxAAzz/exjL7ERlJfqqvv1ofnRRmmJYtqaofzV8Ewb/xrFIQM8ZXohWLF9a0\ns0monZtUm+eQEKM3nYl1nXPI4l/shKnvo9yU17gcxqBgzBeYqsX9hqDm2Ie0raS7\nn22rwO4fHcQJ7vhSx2oYNL++YbEYQFEZgz+ZfiOLStHc2pIq2fxi4+jXuXHMUwuS\nKuCOYF8VLBjY87T7BT168GtKi02sIQzbXgAQSAGU6WsOvV4DLjagn/g+b1lK8F5u\nxO6rU2iM6pR73Ei2H2pb1B39BGhjorub7L2GQfiIMKf3bD7M+jflCnGq3n/xsUrO\n6PkaSCaN4DEip9V+3DBJ4TcOj0x/LzHMHimDoZ/CLI5qoPq5KWS4L7AKXM876+v5\nHIIzDH5B5INTeSEoVDkgKVx2fy8ZbaeDV+cmFTjXb+pmFpxxEuPGRYJg3Mv8PsqZ\nqPUqyrTKx8treIfXNJhJL00omDAX1T75H38BMNv56BbAHcBfszyFHHzr9uPo0+Fc\ntLYanZlx48IfCLXhOl2VcyE5up1snJmtMG1S2wFfl4btVfApGSAzAxSeYau+EGTu\npoFmm/5atf68cKEyGIuPFeNk97mqIp55gDi5lks/Cs7wW/EJndzFd/g5LwXb1HO1\nE30OhC79DT0Jlwpw3+VhS475K3XzGOhnk4x6DA1a/NtAzzaz7dg=\n=U52K\n-----END PGP SIGNATURE-----\n. ==========================================================================\nUbuntu Security Notice USN-6943-1\nAugust 01, 2024\n\ntomcat8, tomcat9 vulnerabilities\n==========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 22.04 LTS\n- Ubuntu 20.04 LTS\n- Ubuntu 18.04 LTS\n- Ubuntu 16.04 LTS\n\nSummary:\n\nSeveral security issues were fixed in Tomcat. \n\nSoftware Description:\n- tomcat9: Servlet and JSP engine\n- tomcat8: Servlet and JSP engine\n\nDetails:\n\nIt was discovered that Tomcat incorrectly handled certain uncommon\nPersistenceManager with FileStore configurations. A remote attacker could\npossibly use this issue to execute arbitrary code. This issue only affected\ntomcat8 for Ubuntu 18.04 LTS (CVE-2020-9484)\n\nIt was discovered that Tomcat incorrectly handled certain HTTP/2 connection\nrequests. A remote attacker could use this issue to obtain wrong responses\npossibly containing sensitive information. This issue only affected tomcat8\nfor Ubuntu 18.04 LTS (CVE-2021-25122)\n\nThomas Wozenilek discovered that Tomcat incorrectly handled certain TLS\n\n\npackets. A remote attacker could possibly use this issue to cause a denial\nof service. This issue only affected tomcat8 for Ubuntu 18.04 LTS\n(CVE-2021-41079)\n\nTrung Pham discovered that a race condition existed in Tomcat when handling\nsession files with FileStore. A remote attacker could possibly use this\nissue to execute arbitrary code. This issue affected tomcat8 for Ubuntu\n16.04 LTS and Ubuntu 18.04 LTS, and tomcat9 for Ubuntu 18.04 LTS and Ubuntu\n20.04 LTS (CVE-2022-23181)\n\nIt was discovered that Tomcat\u0027s documentation incorrectly stated that\nEncryptInterceptor provided availability protection when running over an\nuntrusted network. A remote attacker could possibly use this issue to cause\na denial of service even if EncryptInterceptor was being used. This issue\naffected tomcat8 for Ubuntu 18.04 LTS, and tomcat9 for Ubuntu 18.04 LTS,\nUbuntu 20.04 LTS and Ubuntu 22.04 LTS (CVE-2022-29885)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 22.04 LTS\n tomcat9-docs 9.0.58-1ubuntu0.1+esm2\n Available with Ubuntu Pro\n\nUbuntu 20.04 LTS\n libtomcat9-java 9.0.31-1ubuntu0.6\n tomcat9 9.0.31-1ubuntu0.6\n tomcat9-docs 9.0.31-1ubuntu0.6\n\nUbuntu 18.04 LTS\n libtomcat8-java 8.5.39-1ubuntu1~18.04.3+esm2\n Available with Ubuntu Pro\n libtomcat9-java 9.0.16-3ubuntu0.18.04.2+esm2\n Available with Ubuntu Pro\n tomcat8 8.5.39-1ubuntu1~18.04.3+esm2\n Available with Ubuntu Pro\n tomcat8-docs 8.5.39-1ubuntu1~18.04.3+esm2\n Available with Ubuntu Pro\n tomcat9 9.0.16-3ubuntu0.18.04.2+esm2\n Available with Ubuntu Pro\n tomcat9-docs 9.0.16-3ubuntu0.18.04.2+esm2\n Available with Ubuntu Pro\n\nUbuntu 16.04 LTS\n libtomcat8-java 8.0.32-1ubuntu1.13+esm1\n Available with Ubuntu Pro\n tomcat8 8.0.32-1ubuntu1.13+esm1\n Available with Ubuntu Pro\n\nIn general, a standard system update will make all the necessary changes", "sources": [ { "db": "NVD", "id": "CVE-2022-23181" }, { "db": "CNVD", "id": "CNVD-2022-08354" }, { "db": "VULMON", "id": "CVE-2022-23181" }, { "db": "PACKETSTORM", "id": "167841" }, { "db": "PACKETSTORM", "id": "169694" }, { "db": "PACKETSTORM", "id": "169697" }, { "db": "PACKETSTORM", "id": "170859" }, { "db": "PACKETSTORM", "id": "169603" }, { "db": "PACKETSTORM", "id": "179893" } ], "trust": 2.07 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2022-23181", "trust": 2.9 }, { "db": "PACKETSTORM", "id": "169697", "trust": 0.7 }, { "db": "PACKETSTORM", "id": "169603", "trust": 0.7 }, { "db": "CNVD", "id": "CNVD-2022-08354", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2022.1107", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2022.5535", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2022.5458", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2022.0730", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2023.0665", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2022.0993", "trust": 0.6 }, { "db": "CS-HELP", "id": "SB2022042257", "trust": 0.6 }, { "db": "CS-HELP", "id": "SB2022030854", "trust": 0.6 }, { "db": "CS-HELP", "id": "SB2022041951", "trust": 0.6 }, { "db": "CS-HELP", "id": "SB2022042119", "trust": 0.6 }, { "db": "CS-HELP", "id": "SB2022012708", "trust": 0.6 }, { "db": "CS-HELP", "id": "SB2022072013", "trust": 0.6 }, { "db": "CNNVD", "id": "CNNVD-202201-2423", "trust": 0.6 }, { "db": "VULMON", "id": "CVE-2022-23181", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "167841", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "169694", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "170859", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "179893", "trust": 0.1 } ], "sources": [ { "db": "CNVD", "id": "CNVD-2022-08354" }, { "db": "VULMON", "id": "CVE-2022-23181" }, { "db": "PACKETSTORM", "id": "167841" }, { "db": "PACKETSTORM", "id": "169694" }, { "db": "PACKETSTORM", "id": "169697" }, { "db": "PACKETSTORM", "id": "170859" }, { "db": "PACKETSTORM", "id": "169603" }, { "db": "PACKETSTORM", "id": "179893" }, { "db": "CNNVD", "id": "CNNVD-202201-2423" }, { "db": "NVD", "id": "CVE-2022-23181" } ] }, "id": "VAR-202201-0559", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "CNVD", "id": "CNVD-2022-08354" } ], "trust": 0.06 }, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "Network device" ], "sub_category": null, "trust": 0.6 } ], "sources": [ { "db": "CNVD", "id": "CNVD-2022-08354" } ] }, "last_update_date": "2024-11-23T19:42:58.520000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "Patch for Apache Tomcat permissions permission and access control issue vulnerability", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchInfo/show/317661" }, { "title": "Apache Tomcat Fixes for permissions and access control issues vulnerabilities", "trust": 0.6, "url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=180352" }, { "title": "Red Hat: Moderate: Red Hat JBoss Web Server 5.7.0 release and security update", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20227272 - Security Advisory" }, { "title": "Amazon Linux AMI: ALAS-2022-1572", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=ALAS-2022-1572" }, { "title": "Red Hat: Moderate: Red Hat JBoss Web Server 5.7.0 release and security update", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20227273 - Security Advisory" }, { "title": "Red Hat: CVE-2022-23181", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=CVE-2022-23181" }, { "title": "Debian Security Advisories: DSA-5265-1 tomcat9 -- security update", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=5ff46eee51fe9c568d7579825e9f7646" }, { "title": "Amazon Linux 2022: ALAS2022-2022-044", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux2022\u0026qid=ALAS2022-2022-044" }, { "title": "Amazon Linux 2022: ALAS-2022-233", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux2022\u0026qid=ALAS-2022-233" }, { "title": "Red Hat: Important: Red Hat Fuse 7.11.0 release and security update", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20225532 - Security Advisory" }, { "title": "", "trust": 0.1, "url": "https://github.com/pen4uin/awesome-vulnerability-research " }, { "title": "", "trust": 0.1, "url": "https://github.com/pen4uin/vulnerability-research " }, { "title": "", "trust": 0.1, "url": "https://github.com/pen4uin/vulnerability-research-list " } ], "sources": [ { "db": "CNVD", "id": "CNVD-2022-08354" }, { "db": "VULMON", "id": "CVE-2022-23181" }, { "db": "CNNVD", "id": "CNNVD-202201-2423" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-367", "trust": 1.0 } ], "sources": [ { "db": "NVD", "id": "CVE-2022-23181" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.3, "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" }, { "trust": 1.7, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-23181" }, { "trust": 1.7, "url": "https://lists.apache.org/thread/l8x62p3k19yfcb208jo4zrb83k5mfwg9" }, { "trust": 1.7, "url": "https://security.netapp.com/advisory/ntap-20220217-0010/" }, { "trust": 1.7, "url": "https://www.oracle.com/security-alerts/cpujul2022.html" }, { "trust": 1.7, "url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00029.html" }, { "trust": 1.7, "url": "https://www.debian.org/security/2022/dsa-5265" }, { "trust": 1.0, "url": "https://access.redhat.com/security/cve/cve-2022-23181" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2022.0730" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2022.0993" }, { "trust": 0.6, "url": "https://www.cybersecurity-help.cz/vdb/sb2022072013" }, { "trust": 0.6, "url": "https://packetstormsecurity.com/files/169697/red-hat-security-advisory-2022-7272-01.html" }, { "trust": 0.6, "url": "https://www.cybersecurity-help.cz/vdb/sb2022042257" }, { "trust": 0.6, "url": "https://www.cybersecurity-help.cz/vdb/sb2022012708" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2023.0665" }, { "trust": 0.6, "url": "https://www.cybersecurity-help.cz/vdb/sb2022042119" }, { "trust": 0.6, "url": "https://www.cybersecurity-help.cz/vdb/sb2022041951" }, { "trust": 0.6, "url": "https://vigilance.fr/vulnerability/apache-tomcat-privilege-escalation-via-filestore-sessions-37391" }, { "trust": 0.6, "url": "https://packetstormsecurity.com/files/169603/debian-security-advisory-5265-1.html" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2022.5458" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2022.5535" }, { "trust": 0.6, "url": "https://www.cybersecurity-help.cz/vdb/sb2022030854" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2022.1107" }, { "trust": 0.4, "url": "https://access.redhat.com/security/team/contact/" }, { "trust": 0.4, "url": "https://bugzilla.redhat.com/):" }, { "trust": 0.4, "url": "https://listman.redhat.com/mailman/listinfo/rhsa-announce" }, { "trust": 0.3, "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "trust": 0.2, "url": "https://access.redhat.com/errata/rhsa-2022:7272" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2021-25122" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2020-9484" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-29885" }, { "trust": 0.1, "url": "https://cwe.mitre.org/data/definitions/367.html" }, { "trust": 0.1, "url": "https://nvd.nist.gov" }, { "trust": 0.1, "url": "https://alas.aws.amazon.com/alas-2022-1572.html" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2021-3629" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2020-29582" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2021-40690" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2022-0084" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2021-25122" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2022-25845" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2021-22060" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2021-22573" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2021-2471" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2022-26336" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2021-22119" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2021-24122" }, { "trust": 0.1, "url": "https://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2021-22569" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2022-22970" }, { "trust": 0.1, "url": "https://access.redhat.com/jbossnetwork/restricted/listsoftware.html?downloadtype=distributions\u0026product=jboss.fuse\u0026version=7.11.0" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2020-7020" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2021-22119" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2022-23913" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2021-35517" }, { "trust": 0.1, "url": "https://access.redhat.com/security/updates/classification/#important" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2021-35516" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2021-33813" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2022-21724" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2022-22950" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2022-22932" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2022-30126" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2022-22978" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2021-33037" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2021-25329" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2021-42340" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2021-3642" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2021-3859" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2021-30640" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2021-4178" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2022-22971" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2021-22096" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2021-3807" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2021-41079" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2021-38153" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2020-15250" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2020-36518" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2020-15250" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2021-43797" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2021-22096" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2022-22976" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2021-22573" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2020-7020" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2022-22968" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2022-1319" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2022-24614" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2020-25689" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2021-22569" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2022-23596" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2020-25689" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2021-24122" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2021-36090" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2022-23221" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2021-22060" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2022-21363" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2020-9484" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2021-43859" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2022-26520" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2021-2471" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2021-42550" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2021-41766" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2021-29505" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2020-29582" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2020-36518" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2022-1259" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2021-35515" }, { "trust": 0.1, "url": "https://access.redhat.com/errata/rhsa-2022:5532" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2021-3644" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2021-22696" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2021-30468" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2021-30468" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2021-22696" }, { "trust": 0.1, "url": "https://access.redhat.com/errata/rhsa-2022:7273" }, { "trust": 0.1, "url": "https://access.redhat.com/security/team/key/" }, { "trust": 0.1, "url": "https://access.redhat.com/articles/11258" }, { "trust": 0.1, "url": "https://access.redhat.com/errata/rhsa-2023:0272" }, { "trust": 0.1, "url": "https://access.redhat.com/documentation/en-us/red_hat_support_for_spring_boot/2.7/html/release_notes_for_spring_boot_2.7/index" }, { "trust": 0.1, "url": "https://access.redhat.com/jbossnetwork/restricted/listsoftware.html?downloadtype=distributions\u0026product=catrhoar.spring.boot\u0026version=2.7.2.sp1" }, { "trust": 0.1, "url": "https://security-tracker.debian.org/tracker/tomcat9" }, { "trust": 0.1, "url": "https://www.debian.org/security/faq" }, { "trust": 0.1, "url": "https://www.debian.org/security/" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2021-43980" }, { "trust": 0.1, "url": "https://ubuntu.com/security/notices/usn-6943-1" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2021-41079" }, { "trust": 0.1, "url": "https://launchpad.net/ubuntu/+source/tomcat9/9.0.31-1ubuntu0.6" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2022-08354" }, { "db": "VULMON", "id": "CVE-2022-23181" }, { "db": "PACKETSTORM", "id": "167841" }, { "db": "PACKETSTORM", "id": "169694" }, { "db": "PACKETSTORM", "id": "169697" }, { "db": "PACKETSTORM", "id": "170859" }, { "db": "PACKETSTORM", "id": "169603" }, { "db": "PACKETSTORM", "id": "179893" }, { "db": "CNNVD", "id": "CNNVD-202201-2423" }, { "db": "NVD", "id": "CVE-2022-23181" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "CNVD", "id": "CNVD-2022-08354" }, { "db": "VULMON", "id": "CVE-2022-23181" }, { "db": "PACKETSTORM", "id": "167841" }, { "db": "PACKETSTORM", "id": "169694" }, { "db": "PACKETSTORM", "id": "169697" }, { "db": "PACKETSTORM", "id": "170859" }, { "db": "PACKETSTORM", "id": "169603" }, { "db": "PACKETSTORM", "id": "179893" }, { "db": "CNNVD", "id": "CNNVD-202201-2423" }, { "db": "NVD", "id": "CVE-2022-23181" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2022-02-05T00:00:00", "db": "CNVD", "id": "CNVD-2022-08354" }, { "date": "2022-01-27T00:00:00", "db": "VULMON", "id": "CVE-2022-23181" }, { "date": "2022-07-27T17:27:19", "db": "PACKETSTORM", "id": "167841" }, { "date": "2022-11-02T15:01:08", "db": "PACKETSTORM", "id": "169694" }, { "date": "2022-11-02T15:01:44", "db": "PACKETSTORM", "id": "169697" }, { "date": "2023-02-07T16:32:55", "db": "PACKETSTORM", "id": "170859" }, { "date": "2022-10-31T15:02:10", "db": "PACKETSTORM", "id": "169603" }, { "date": "2024-08-02T16:04:27", "db": "PACKETSTORM", "id": "179893" }, { "date": "2022-01-26T00:00:00", "db": "CNNVD", "id": "CNNVD-202201-2423" }, { "date": "2022-01-27T13:15:08.060000", "db": "NVD", "id": "CVE-2022-23181" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2022-02-05T00:00:00", "db": "CNVD", "id": "CNVD-2022-08354" }, { "date": "2022-11-07T00:00:00", "db": "VULMON", "id": "CVE-2022-23181" }, { "date": "2023-02-07T00:00:00", "db": "CNNVD", "id": "CNNVD-202201-2423" }, { "date": "2024-11-21T06:48:08.640000", "db": "NVD", "id": "CVE-2022-23181" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "local", "sources": [ { "db": "CNNVD", "id": "CNNVD-202201-2423" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Apache Tomcat permissions permission and access control issue vulnerability", "sources": [ { "db": "CNVD", "id": "CNVD-2022-08354" } ], "trust": 0.6 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "permissions and access control issues", "sources": [ { "db": "CNNVD", "id": "CNNVD-202201-2423" } ], "trust": 0.6 } }
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.