Red Hat Security Advisory: Migration Toolkit for Applications security and bug fix update
🔗 CVE IDs covered (20)
📋 Description
- CVE-2021-46877 — jackson-databind: Possible DoS if using JDK serialization to serialize JsonNode
- CVE-2022-4492 — undertow: Server identity in https connection is not checked by the undertow client
- CVE-2022-41721 — x/net/http2/h2c: request smuggling
- CVE-2022-41723 — golang.org/x/net/http2: avoid quadratic complexity in HPACK decoding
- CVE-2022-41724 — golang: crypto/tls: large handshake records may cause panics
- CVE-2022-41725 — golang: net/http, mime/multipart: denial of service from excessive resource consumption
- CVE-2022-41854 — dev-java/snakeyaml: DoS via stack overflow
- CVE-2022-41881 — codec-haproxy: HAProxyMessageDecoder Stack Exhaustion DoS
- CVE-2023-2798 — htmlUnit: Stack overflow crash causes Denial of Service (DoS)
- CVE-2023-22899 — zip4j: does not always check the MAC when decrypting a ZIP archive
- CVE-2023-24532 — golang: crypto/internal/nistec: specific unreduced P-256 scalars produce incorrect results
- CVE-2023-24534 — golang: net/http, net/textproto: denial of service from excessive memory allocation
- CVE-2023-24536 — golang: net/http, net/textproto, mime/multipart: denial of service from excessive resource consumption
- CVE-2023-24537 — golang: go/parser: Infinite loop in parsing
- CVE-2023-24538 — golang: html/template: backticks not treated as string delimiters
- CVE-2023-24539 — golang: html/template: improper sanitization of CSS values
- CVE-2023-24540 — golang: html/template: improper handling of JavaScript whitespace
- CVE-2023-26125 — golang-github-gin-gonic-gin: Improper Input Validation
- CVE-2023-29400 — golang: html/template: improper handling of empty HTML attributes
- CVE-2023-34104 — fast-xml-parser: Regex Injection via Doctype Entities
🔗 References (104)
- self: https://access.redhat.com/errata/RHSA-2023:4627
- external: https://access.redhat.com/security/updates/classification/#important
- external: https://bugzilla.redhat.com/show_bug.cgi?id=2151988
- external: https://bugzilla.redhat.com/show_bug.cgi?id=2153260
- external: https://bugzilla.redhat.com/show_bug.cgi?id=2153379
- external: https://bugzilla.redhat.com/show_bug.cgi?id=2162182
- external: https://bugzilla.redhat.com/show_bug.cgi?id=2178358
- external: https://bugzilla.redhat.com/show_bug.cgi?id=2178488
- external: https://bugzilla.redhat.com/show_bug.cgi?id=2178492
- external: https://bugzilla.redhat.com/show_bug.cgi?id=2184481
- external: https://bugzilla.redhat.com/show_bug.cgi?id=2184482
- external: https://bugzilla.redhat.com/show_bug.cgi?id=2184483
- external: https://bugzilla.redhat.com/show_bug.cgi?id=2184484
- external: https://bugzilla.redhat.com/show_bug.cgi?id=2185278
- external: https://bugzilla.redhat.com/show_bug.cgi?id=2185707
- external: https://bugzilla.redhat.com/show_bug.cgi?id=2196026
- external: https://bugzilla.redhat.com/show_bug.cgi?id=2196027
- external: https://bugzilla.redhat.com/show_bug.cgi?id=2196029
- external: https://bugzilla.redhat.com/show_bug.cgi?id=2203769
- external: https://bugzilla.redhat.com/show_bug.cgi?id=2210366
- external: https://bugzilla.redhat.com/show_bug.cgi?id=2221261
- external: https://bugzilla.redhat.com/show_bug.cgi?id=2223355
- external: https://issues.redhat.com/browse/MTA-1015
- external: https://issues.redhat.com/browse/MTA-1041
- external: https://issues.redhat.com/browse/MTA-194
- external: https://issues.redhat.com/browse/MTA-24
- external: https://issues.redhat.com/browse/MTA-27
- external: https://issues.redhat.com/browse/MTA-464
- external: https://issues.redhat.com/browse/MTA-465
- external: https://issues.redhat.com/browse/MTA-468
- external: https://issues.redhat.com/browse/MTA-469
- external: https://issues.redhat.com/browse/MTA-470
- external: https://issues.redhat.com/browse/MTA-472
- external: https://issues.redhat.com/browse/MTA-474
- external: https://issues.redhat.com/browse/MTA-476
- external: https://issues.redhat.com/browse/MTA-477
- external: https://issues.redhat.com/browse/MTA-478
- external: https://issues.redhat.com/browse/MTA-479
- external: https://issues.redhat.com/browse/MTA-480
- external: https://issues.redhat.com/browse/MTA-481
- external: https://issues.redhat.com/browse/MTA-483
- external: https://issues.redhat.com/browse/MTA-484
- external: https://issues.redhat.com/browse/MTA-485
- external: https://issues.redhat.com/browse/MTA-500
- external: https://issues.redhat.com/browse/MTA-582
- external: https://issues.redhat.com/browse/MTA-590
- external: https://issues.redhat.com/browse/MTA-643
- external: https://issues.redhat.com/browse/MTA-647
- external: https://issues.redhat.com/browse/MTA-651
- external: https://issues.redhat.com/browse/MTA-658
- external: https://issues.redhat.com/browse/MTA-659
- external: https://issues.redhat.com/browse/MTA-674
- external: https://issues.redhat.com/browse/MTA-678
- external: https://issues.redhat.com/browse/MTA-680
- external: https://issues.redhat.com/browse/MTA-681
- external: https://issues.redhat.com/browse/MTA-682
- external: https://issues.redhat.com/browse/MTA-695
- external: https://issues.redhat.com/browse/MTA-698
- external: https://issues.redhat.com/browse/MTA-699
- external: https://issues.redhat.com/browse/MTA-706
- external: https://issues.redhat.com/browse/MTA-717
- external: https://issues.redhat.com/browse/MTA-739
- external: https://issues.redhat.com/browse/MTA-741
- external: https://issues.redhat.com/browse/MTA-747
- external: https://issues.redhat.com/browse/MTA-750
- external: https://issues.redhat.com/browse/MTA-753
- external: https://issues.redhat.com/browse/MTA-761
- external: https://issues.redhat.com/browse/MTA-764
- external: https://issues.redhat.com/browse/MTA-765
- external: https://issues.redhat.com/browse/MTA-766
- external: https://issues.redhat.com/browse/MTA-772
- external: https://issues.redhat.com/browse/MTA-773
- external: https://issues.redhat.com/browse/MTA-778
- external: https://issues.redhat.com/browse/MTA-802
- external: https://issues.redhat.com/browse/MTA-807
- external: https://issues.redhat.com/browse/MTA-808
- external: https://issues.redhat.com/browse/MTA-809
- external: https://issues.redhat.com/browse/MTA-811
- external: https://issues.redhat.com/browse/MTA-814
- external: https://issues.redhat.com/browse/MTA-815
- external: https://issues.redhat.com/browse/MTA-826
- external: https://issues.redhat.com/browse/MTA-845
- external: https://issues.redhat.com/browse/MTA-863
- external: https://issues.redhat.com/browse/MTA-870
- external: https://issues.redhat.com/browse/MTA-872
- external: https://issues.redhat.com/browse/MTA-873
- external: https://issues.redhat.com/browse/MTA-877
- external: https://issues.redhat.com/browse/MTA-881
- external: https://issues.redhat.com/browse/MTA-894
- external: https://issues.redhat.com/browse/MTA-895
- external: https://issues.redhat.com/browse/MTA-898
- external: https://issues.redhat.com/browse/MTA-906
- external: https://issues.redhat.com/browse/MTA-908
- external: https://issues.redhat.com/browse/MTA-909
- external: https://issues.redhat.com/browse/MTA-912
- external: https://issues.redhat.com/browse/MTA-916
- external: https://issues.redhat.com/browse/MTA-923
- external: https://issues.redhat.com/browse/MTA-937
- external: https://issues.redhat.com/browse/MTA-943
- external: https://issues.redhat.com/browse/MTA-973
- external: https://issues.redhat.com/browse/MTA-974
- external: https://issues.redhat.com/browse/MTA-984
- external: https://issues.redhat.com/browse/MTA-985
- self: https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_4627.json