Lucene search

Moderate: prometheus-jmx-exporter security update

🗓️ 06 Oct 2022 00:00:00Reported by AlmaLinuxType

almalinux🔗 errata.almalinux.org👁 32 Views

Prometheus JMX Exporter security update for snakeyaml denial of service

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 159
Oracle linux	prometheus-jmx-exporter security update	6 Oct 202200:00	–	oraclelinux
IBM Security Bulletins	Security Bulletin: IBM App Connect Enterprise Certified Container IntegrationServer operands that process yaml files may be vulnerable to denial of service due to CVE-2022-25857	4 Nov 202216:41	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Sterling Partner Engagement Manager is vulnerable to org.yaml:snakeyaml Denial of Service (DoS)	6 Dec 202405:31	–	ibm
IBM Security Bulletins	Security Bulletin: IBM MQ Blockchain bridge is vulnerable to an issue identified in snakeyaml (CVE-2022-25857)	3 Feb 202319:33	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerability in SnakeYAML affects IBM Process Mining . CVE-2022-25857	1 Feb 202321:50	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerabilities in SnakeYAML used by Logstash affects IBM Operations Analytics - Log Analysis (CVE-2022-25857, CVE-2017-18640)	21 Nov 202205:48	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Sterling B2B Integrator vulnerable to multiple issues due to SnakeYAML	14 Feb 202318:50	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Cloud Pak for Multicloud Management is vulnerable to denial of service attacks due to snakeYAML	1 Feb 202311:35	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Workload Scheduler potentially affected by multiple vulnerabilities in Java package org.yaml:snakeyaml	30 Jan 202317:48	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple Vulnerabilities related to SnakeYAML in Logstash shipped with IBM Operations Analytics - Log Analysis	3 Apr 202307:34	–	ibm

Source	Link
access	www.access.redhat.com/errata/RHSA-2022:6820
access	www.access.redhat.com/security/cve/CVE-2022-25857
bugzilla	www.bugzilla.redhat.com/2126789
errata	www.errata.almalinux.org/8/ALSA-2022-6820.html

OS	OS Version	Architecture	Package	Package Version	Filename
almalinux	8	noarch	prometheus-jmx-exporter	0.12.0-8.el8_6	prometheus-jmx-exporter-0.12.0-8.el8_6.noarch.rpm
almalinux	8	noarch	prometheus-jmx-exporter-openjdk11	0.12.0-8.el8_6	prometheus-jmx-exporter-openjdk11-0.12.0-8.el8_6.noarch.rpm

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

06 Oct 2022 00:00Current

7.8High risk

Vulners AI Score7.8

CVSS37.5

EPSS0.0028