Red Hat Security Advisory: Migration Toolkit for Applications security update
🔗 CVE IDs covered (9)
📋 Description
CVE-2022-1962 — golang: go/parser: stack exhaustion in all Parse* functions CVE-2022-45693 — jettison: If the value in map is the map's self, the new new JSONObject(map) cause StackOverflowError which may lead to dos CVE-2022-46751 — apache-ivy: XML External Entity vulnerability CVE-2023-1436 — jettison: Uncontrolled Recursion in JSONArray CVE-2023-2976 — guava: insecure temporary directory creation CVE-2023-26159 — follow-redirects: Improper Input Validation due to the improper handling of URLs by the url.parse() CVE-2023-29406 — golang: net/http: insufficient sanitization of Host header CVE-2023-29409 — golang: crypto/tls: slow verification of certificate chains containing large RSA keys CVE-2023-35116 — jackson-databind: denial of service via cylic dependencies
🔗 References (13)
- selfhttps://access.redhat.com/errata/RHSA-2024:1027
- externalhttps://access.redhat.com/security/updates/classification/#moderate
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2107376
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2155970
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2182788
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2215214
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2215229
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2222167
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2228743
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2233112
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2256413
- externalhttps://issues.redhat.com/browse/MTA-87
- selfhttps://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_1027.json