Lucene search

K
redhatRedHatRHSA-2023:3193
HistoryMay 17, 2023 - 3:47 p.m.

(RHSA-2023:3193) Important: Red Hat Integration Camel Extensions for Quarkus 2.7.1-1 security update

2023-05-1715:47:07
access.redhat.com
11
rhsa-2023-3193
red hat integration
camel extensions
quarkus 2.7.1
security update
cve-2023-1370
json-smart
resource exhaustion

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.001

Percentile

43.2%

A security update for Camel Extensions for Quarkus 2.7.1 is now available. The purpose of this text-only errata is to inform you about the security issues fixed.
Red Hat Product Security has rated this update as having an impact of Important.

A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Security Fix(es):

  • CVE-2023-1370 json-smart: Uncontrolled Resource Consumption vulnerability in json-smart (Resource Exhaustion)

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.001

Percentile

43.2%