11 matches found
Moderate: Red Hat Security Advisory: Migration Toolkit for Runtimes security update
An update for mtr-operator-bundle-container, mtr-operator-container, mtr-web-container, and mtr-web-executor-container is now available for Migration Toolkit for Runtimes 1 on RHEL 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability...
Moderate: Red Hat Security Advisory: Red Hat Single Sign-On 7.6.3 security update on RHEL 9
New Red Hat Single Sign-On 7.6.3 packages are now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
Moderate: Red Hat Security Advisory: Red Hat Single Sign-On 7.6.3 security update on RHEL 7
New Red Hat Single Sign-On 7.6.3 packages are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
RHEL 9 : Red Hat JBoss Enterprise Application Platform 7.4.10 on RHEL 9 (RHSA-2023:1514)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:1514 advisory. Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release o...
Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.10 security update
A security update is now available for Red Hat JBoss Enterprise Application Platform 7.4. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.10 on RHEL 7 security update
A security update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...
Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.10 on RHEL 8 security update
A security update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...
Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.10 on RHEL 9 security update
A security update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...
africa.absa:inception-application (>=1.0.0 <=1.2.0), asia.990121:message-example (=1.0.0) +3223 more potentially affected by CVE-2022-4492 via io.undertow:undertow-core (>=1.0.0.Alpha1 <=2.2.23.Final)
io.undertow:undertow-core MAVEN version =1.0.0.Alpha1, =1.0.0, =1.0.0, =0.4.0, =2.0.0, =1.0.2, =1.0.0, =1.2.1, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.1 and more Source cves: CVE-2022-4492 Source advisory: OSV:GHSA-PFCC-3G6R-8RG8...
CVE-2022-4492
CVE-2022-4492 is linked to Undertow: the undertow client does not verify the server identity presented by the server certificate in HTTPS connections, a TLS-level check that should be performed by default. This can enable weaknesses in TLS client verification and potential MITM scenarios. Connect...
CVE-2022-4492
A flaw was found in undertow. The undertow client is not checking the server identity the server certificate presents in HTTPS connections. This is a compulsory step that should at least be performed by default in HTTPS and in http/2...