Gentoo Linux Security Advisory 202402-16 - Multiple vulnerabilities have been discovered in Apache Log4j, the worst of which can lead to remote code execution. Versions less than or equal to 1.2.17 are affected.
79e0825715a2197c39850bba10de0d238187f4c93dcdf24c6b31b702cdb3131e
Red Hat Security Advisory 2022-0507-01 - Red Hat JBoss Data Virtualization is a lean data integration solution that provides easy, real-time, and unified data access across disparate sources to multiple applications and users. JBoss Data Virtualization makes data spread across physically distinct systems - such as multiple databases, XML files, and even Hadoop systems - appear as a set of tables in a local database. This Service Pack release of Red Hat JBoss Data Virtualization 6.4.8.SP2 serves as a replacement for Red Hat JBoss Data Virtualization 6.4.8 and Red Hat JBoss Data Virtualization 6.4.8.SP1, and mitigates the impact of the log4j CVE's referenced in this document by removing the affected classes from the patch. Issues addressed include code execution, deserialization, and remote SQL injection vulnerabilities.
fbe91d1bc3ed2e3fbb1fa5ff2f36ba68eca8d2c1b922285bb6706923bbca97ff
Red Hat Security Advisory 2022-0497-01 - Red Hat JBoss Data Virtualization is a lean data integration solution that provides easy, real-time, and unified data access across disparate sources to multiple applications and users. JBoss Data Virtualization makes data spread across physically distinct systems - such as multiple databases, XML files, and even Hadoop systems - appear as a set of tables in a local database. This Service Pack release of Red Hat JBoss Data Virtualization 6.4.8.SP1 serves as a replacement for Red Hat JBoss Data Virtualization 6.4.8, and mitigates the impact of the log4j CVE's referenced in this document by removing the affected classes from the patch. Issues addressed include code execution, deserialization, and remote SQL injection vulnerabilities.
6c39fe299319c65184c9323080800c96f0b6e163fb623cde6dac60e579651689
Debian Linux Security Advisory 5020-1 - Chen Zhaojun of Alibaba Cloud Security Team discovered a critical security vulnerability in Apache Log4j, a popular Logging Framework for Java. JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled. From version 2.15.0, this behavior has been disabled by default.
d0aca50b8b49a7bc8f1bbb01cb127d84b478f189d829e302cdf52f86f86356a3
Red Hat Security Advisory 2021-5134-05 - This release of Red Hat Fuse 7.10.0 serves as a replacement for Red Hat Fuse 7.9, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include code execution, cross site scripting, denial of service, deserialization, information leakage, memory leak, privilege escalation, server-side request forgery, and traversal vulnerabilities.
9284d27525337878d1b616a42ec6964f345739a90a655ed05cfae5b196bdeacd
Red Hat Security Advisory 2021-1044-01 - Red Hat Process Automation Manager is an open source business process management suite that combines process management and decision service management, and enables business and IT users to create, manage, validate, and deploy process applications and decision services. This release of Red Hat Process Automation Manager 7.10.1 serves as an update to Red Hat Process Automation Manager 7.10.0, and includes bug fixes, which are documented in the Release Notes document linked to in the References.
797bd042bd64f6d3fc9fc559347999470fa3a64e11160e24236ffa68caed892f
Red Hat Security Advisory 2021-0603-01 - Red Hat Decision Manager is an open source decision management platform that combines business rules management, complex event processing, Decision Model & Notation execution, and Business Optimizer for solving planning problems. It automates business decisions and makes that logic available to the entire business. This release of Red Hat Decision Manager 7.10.0 serves as an update to Red Hat Decision Manager 7.9.1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include a remote SQL injection vulnerability.
9e5380638de7bd23fb712413abf091625b50472b11616e1726023c7df7b8c3ae
Red Hat Security Advisory 2020-3817-01 - Red Hat AMQ Clients enable connecting, sending, and receiving messages over the AMQP 1.0 wire transport protocol to or from AMQ Broker 6 and 7. This update provides various bug fixes and enhancements in addition to the client package versions previously released on Red Hat Enterprise Linux 6, 7, and 8. Issues addressed include a denial of service vulnerability.
c31e8a62adaba2912f29ff3f05dec778352f1114344bfcbd0a5cdb4a27329b11
Red Hat Security Advisory 2020-3779-01 - Red Hat Data Grid is a distributed, in-memory, NoSQL datastore based on the Infinispan project. This release of Red Hat Data Grid 7.3.7 serves as a replacement for Red Hat Data Grid 7.3.6 and includes bug fixes and enhancements, which are described in the Release Notes, linked to in the References section of this erratum. Issues addressed include XML injection, bypass, and improper authorization vulnerabilities.
bda9f859f02dbc7e3933821e8b9f636c5252aa584253a3ce3cca3733655cb6b0
Red Hat Security Advisory 2020-3626-01 - Red Hat Data Grid is a distributed, in-memory datastore. This release of Red Hat Data Grid 8.1.0 replaces Red Hat Data Grid 8.0, and includes bug fixes and enhancements, which are documented in the Release Notes, linked to in the References section.
637a3a27735c2ee5f9135aa2dd799bd97e2069af5df9dd68a49e84031a462ca7
Red Hat Security Advisory 2020-2391-01 - This release of Red Hat build of Eclipse Vert.x 3.9.1 includes security updates, bug fixes, and enhancements. For more information, see the release notes page listed in the References section.
0bf84d09290162e4a44286894eba94cd5ac5dea1b72b1061f07b53430a82dee6