RHSA-2023:0471HighCVSS 9.8

Red Hat Security Advisory: Migration Toolkit for Runtimes security update

Published
January 26, 2023
Last Modified
June 30, 2026

🔗 CVE IDs covered (6)

📋 Description

CVE-2022-3517 — nodejs-minimatch: ReDoS via the braceExpand function CVE-2022-25914 — jib-core: RCE via the isDockerInstalled CVE-2022-37603 — loader-utils: Regular expression denial of service CVE-2022-42003 — jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS CVE-2022-42004 — jackson-databind: use of deeply nested arrays CVE-2022-42920 — Apache-Commons-BCEL: arbitrary bytecode produced via out-of-bounds writing

🔗 References (10)