RHSA-2022:6813HighCVSS 9.8

Red Hat Security Advisory: Red Hat Process Automation Manager 7.13.1 security update

Published
October 5, 2022
Last Modified
June 15, 2026

🔗 CVE IDs covered (19)

📋 Description

CVE-2020-7746 — chart.js: prototype pollution CVE-2020-36518 — jackson-databind: denial of service via a large depth of nested objects CVE-2021-23436 — immer: type confusion vulnerability can lead to a bypass of CVE-2020-28477 CVE-2021-44906 — minimist: prototype pollution CVE-2022-0235 — node-fetch: exposure of sensitive information to an unauthorized actor CVE-2022-0722 — parse-url: Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository ionicabizau/parse-url CVE-2022-1365 — cross-fetch: Exposure of Private Personal Information to an Unauthorized Actor CVE-2022-1415 — drools: unsafe data deserialization in StreamUtils CVE-2022-1650 — eventsource: Exposure of Sensitive Information CVE-2022-2458 — Business-central: Possible XML External Entity Injection attack CVE-2022-21363 — mysql-connector-java: Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Connectors CVE-2022-21724 — jdbc-postgresql: Unchecked Class Instantiation when providing Plugin Classes CVE-2022-23437 — xerces-j2: infinite loop when handling specially crafted XML document payloads CVE-2022-23913 — artemis-commons: Apache ActiveMQ Artemis DoS CVE-2022-24771 — node-forge: Signature verification leniency in checking digestAlgorithm structure can lead to signature forgery CVE-2022-24772 — node-forge: Signature verification failing to check tailing garbage bytes can lead to signature forgery CVE-2022-24785 — Moment.js: Path traversal in moment.locale CVE-2022-26520 — postgresql-jdbc: Arbitrary File Write Vulnerability CVE-2022-31129 — moment: inefficient parsing algorithm resulting in DoS

🔗 References (21)