11 matches found
Critical: Red Hat Security Advisory: Red Hat Fuse 7.11.1.P1 security update for Fuse on EAP
A security update for Fuse 7.11.1 is now available for Red Hat Fuse on EAP. The purpose of this text-only errata is to inform you about the security issues fixed in this release. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring...
Critical: Red Hat Security Advisory: Red Hat Fuse 7.11.1.P1 security update
A security update for Fuse 7.11.1 is now available for Red Hat Fuse on Karaf and Red Hat Fuse on Spring Boot. The purpose of this text-only errata is to inform you about the security issues fixed in this release. Red Hat Product Security has rated this update as having a security impact of...
CVE-2022-36437
A flaw was found in Hazelcast and Hazelcast Jet. This flaw may allow an attacker unauthenticated access to manipulate data in the cluster...
CVE-2022-36437
The Connection handler in Hazelcast and Hazelcast Jet allows a remote unauthenticated attacker to access and manipulate data in the cluster with the identity of another already authenticated connection. The affected Hazelcast versions are through 4.0.6, 4.1.9, 4.2.5, 5.0.3, and 5.1.2. The affecte...
CVE-2022-36437
The Connection handler in Hazelcast and Hazelcast Jet allows a remote unauthenticated attacker to access and manipulate data in the cluster with the identity of another already authenticated connection. The affected Hazelcast versions are through 4.0.6, 4.1.9, 4.2.5, 5.0.3, and 5.1.2. The affecte...
CVE-2022-36437
The Connection handler in Hazelcast and Hazelcast Jet allows a remote unauthenticated attacker to access and manipulate data in the cluster with the identity of another already authenticated connection. The affected Hazelcast versions are through 4.0.6, 4.1.9, 4.2.5, 5.0.3, and 5.1.2. The affecte...
CVE-2022-36437
CVE-2022-36437 pertains to Hazelcast and Hazelcast Jet where the Connection handler can be exploited by a remote unauthenticated attacker to access and manipulate data in the cluster using another authenticated connection’s identity. Affected Hazelcast versions: up to 4.0.6, 4.1.9, 4.2.5, 5.0.3, ...
ch.mobi.mobitor:mobitor-base (>=3.1.242 <=3.1.295), cloud.piranha.session:piranha-session-hazelcast (>=20.3.0 <=20.11.0) +102 more potentially affected by CVE-2022-36437 via com.hazelcast:hazelcast (>=4.0 <=4.0.6)
com.hazelcast:hazelcast MAVEN version =4.0, =3.1.242, =20.3.0, =3.1.1, =3.1.1, =0.4.0, =0.1.0, =4.9.0, =1.0.2, =4.0, =0.13, =0.12, =1.0 and more Source cves: CVE-2022-36437 Source advisory: OSV:GHSA-C5HG-MR8R-F6JP...
br.com.ingenieux:jbake-maven-plugin (>=0.0.3 <=0.0.9), br.com.jarch:jarch-apt (>=20.3.0 <=25.12.0) +631 more potentially affected by CVE-2022-36437 via com.hazelcast:hazelcast (>=1.7 <=3.12.12)
com.hazelcast:hazelcast MAVEN version =1.7, =0.0.3, =20.3.0, =24.2.0, =20.3.0, =2.23.5, =2.23.5, =23.1.0, =2.23.0, =2.23.5, =2.23.5, =2.23.5, =3.1.13, =0.4.9, =0.6.2 and more Source cves: CVE-2022-36437 Source advisory: OSV:GHSA-C5HG-MR8R-F6JP...
cloud.piranha.session:piranha-session-hazelcast (>=20.12.0 <=21.4.0), com.bucket4j:bucket4j-hazelcast-4 (>=8.10.0 <=8.10.1) +92 more potentially affected by CVE-2022-36437 via com.hazelcast:hazelcast (>=4.1 <=4.1.1)
com.hazelcast:hazelcast MAVEN version =4.1, =20.12.0, =8.10.0, =8.11.0, =8.11.0, =8.10.0, =4.1, =2.2.1, =2.2.2 and more Source cves: CVE-2022-36437 Source advisory: OSV:GHSA-C5HG-MR8R-F6JP...
ch.mobi.mobitor:mobitor-base (>=3.1.305 <=3.1.485), cloud.piranha.extension:piranha-extension-hazelcast (>=21.6.0 <=21.10.0) +147 more potentially affected by CVE-2022-36437 via com.hazelcast:hazelcast (>=4.2 <=4.2.5)
com.hazelcast:hazelcast MAVEN version =4.2, =3.1.305, =21.6.0, =1.37.0, =0.5.0, =3.1.5, =1.1.1, =1.1.1, =1.1.1, =1.1.0, =1.1.1, =1.1.6 and more Source cves: CVE-2022-36437 Source advisory: OSV:GHSA-C5HG-MR8R-F6JP...