Lucene search

(RHSA-2022:9058) Important: prometheus-jmx-exporter security update

🗓️ 15 Dec 2022 15:09:08Reported by RedHatType

Prometheus JMX Exporter SnakeYaml security update for Uni

Reporter	Title	Published	Views	Family All 197
Hacker One	Kubernetes: The `io.kubernetes.client.util.generic.dynamic.Dynamics` contains a code execution vulnerability due to SnakeYAML	15 Dec 202219:07	–	hackerone
Oracle linux	prometheus-jmx-exporter security update	15 Dec 202200:00	–	oraclelinux
F5 Networks	K000132638 : SnakeYAML vulnerability CVE-2022-1471	16 Feb 202300:00	–	f5
OSV	CGA-P6JG-FJVM-FX3W	6 Jun 202412:28	–	osv
OSV	CGA-7XRX-M75C-PC58	8 Nov 202414:06	–	osv
OSV	RHSA-2022:9058 Red Hat Security Advisory: prometheus-jmx-exporter security update	30 Sep 202416:30	–	osv
OSV	SnakeYaml Constructor Deserialization Remote Code Execution	12 Dec 202221:19	–	osv
OSV	CGA-R36X-JX84-2CGP	6 Jun 202412:29	–	osv
OSV	CGA-23VR-F599-CMCV	25 Sep 202405:09	–	osv
OSV	CVE-2022-1471	1 Dec 202211:15	–	osv

OS	OS Version	Architecture	Package	Package Version	Filename
RedHat	8	noarch	prometheus-jmx-exporter	0.12.0-9.el8_7	prometheus-jmx-exporter-0.12.0-9.el8_7.noarch.rpm
RedHat	8	noarch	prometheus-jmx-exporter-openjdk8	0.12.0-9.el8_7	prometheus-jmx-exporter-openjdk8-0.12.0-9.el8_7.noarch.rpm
RedHat	8	noarch	prometheus-jmx-exporter-openjdk17	0.12.0-9.el8_7	prometheus-jmx-exporter-openjdk17-0.12.0-9.el8_7.noarch.rpm
RedHat	8	noarch	prometheus-jmx-exporter-openjdk11	0.12.0-9.el8_7	prometheus-jmx-exporter-openjdk11-0.12.0-9.el8_7.noarch.rpm

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

15 Dec 2022 15:08Current

1.7Low risk

Vulners AI Score1.7

CVSS38.3 - 9.8

EPSS0.02445

SSVC

CWE-20->CWE-1066->CWE-502