RHSA-2022:4985MediumCVSS 7.5
Red Hat Security Advisory: Cryostat 2.1.1: new Cryostat on RHEL 8 container images
🔗 CVE IDs covered (2)
📋 Description
CVE-2022-25647 — com.google.code.gson-gson: Deserialization of Untrusted Data in com.google.code.gson-gson CVE-2022-28948 — golang-gopkg-yaml: crash when attempting to deserialize invalid input
🔗 References (5)
- selfhttps://access.redhat.com/errata/RHSA-2022:4985
- externalhttps://access.redhat.com/security/updates/classification/#moderate
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2080850
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2088748
- selfhttps://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_4985.json