
RHEL 8 : RHV Manager (ovirt-engine) [ovirt-4.5.1] (RHSA-2022:5555)

Description

The remote Red Hat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:5555 advisory.

- springframework: malicious input leads to insertion of additional log entries (CVE-2021-22096)
- nodejs-trim-newlines: ReDoS in .end() method (CVE-2021-33623)
- apache-commons-compress: infinite loop when reading a specially crafted 7Z archive (CVE-2021-35515)
- apache-commons-compress: excessive memory allocation when reading a specially crafted 7Z archive (CVE-2021-35516)
- apache-commons-compress: excessive memory allocation when reading a specially crafted TAR archive (CVE-2021-35517)
- apache-commons-compress: excessive memory allocation when reading a specially crafted ZIP archive (CVE-2021-36090)
- nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes (CVE-2021-3807)
- spring-expression: Denial of service via specially crafted SpEL expression (CVE-2022-22950)
- semantic-release: Masked secrets can be disclosed if they contain characters that are excluded from uri encoding (CVE-2022-31051)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

