Ubuntu Security Notice 5525-1 - It was discovered that Apache XML Security for Java incorrectly passed a configuration property when creating specific key elements. This allows an attacker to abuse an XPath Transform to extract sensitive information.
5a7567c51fc5535217fe76db85a30037524b5faac7d584fbe7e0d988cc43929b
Red Hat Security Advisory 2022-1013-01 - Red Hat Integration - Camel Extensions for Quarkus 2.2.1 serves as a replacement for 2.2 and includes security fixes. Issues addressed include code execution, denial of service, deserialization, information leakage, and memory leak vulnerabilities.
d5cfb7d93bd17d4a300c3574ceea4314e4c04e0e4b82484593f5c02a870e2682
Red Hat Security Advisory 2022-0501-01 - This release of Red Hat Integration - Service registry 2.0.3.GA serves as a replacement for 2.0.2.GA, and includes the below security fixes. Issues addressed include an information leakage vulnerability.
83eb7f9ca68d2408390c8d7bf2cc3097aaa41d5957178dfd4e7dbd8d2976ef0b
Red Hat Security Advisory 2022-0164-03 - Red Hat Single Sign-On is an integrated sign-on solution, available as a Red Hat JBoss Middleware for OpenShift containerized image. The Red Hat Single Sign-On for OpenShift image provides an authentication server that you can use to log in centrally, log out, and register. You can also manage user accounts for web applications, mobile applications, and RESTful web services. This erratum releases a new image for Red Hat Single Sign-On 7.5.1 for use within the OpenShift Container Platform 3.10, OpenShift Container Platform 3.11, and within the OpenShift Container Platform 4.9 cloud computing Platform-as-a-Service for on-premise or private cloud deployments, aligning with the standalone product release. Issues addressed include bypass and information leakage vulnerabilities.
3a8bbc1780dd6f365c4b4e8fe93df715d40afa62fb70641a0bf5d979e9c1b912
Red Hat Security Advisory 2022-0151-03 - Red Hat Single Sign-On 7.5 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.5.1 on RHEL 7 serves as a replacement for Red Hat Single Sign-On 7.5.0, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include bypass and information leakage vulnerabilities.
58000de140e3d3f0dabe35ca4d75bf5d6dbf2f32e97e7b395b0b00dfe622f73b
Red Hat Security Advisory 2022-0152-03 - Red Hat Single Sign-On 7.5 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.5.1 on RHEL 8 serves as a replacement for Red Hat Single Sign-On 7.5.0, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include bypass and information leakage vulnerabilities.
0ed86369a80e5736d497a6379e1db453c189723656c59cdb55f9326e33e2fe50
Red Hat Security Advisory 2022-0155-03 - Red Hat Single Sign-On 7.5 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.5.1 serves as a replacement for Red Hat Single Sign-On 7.5.0, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include bypass and information leakage vulnerabilities.
4c0b16a974bf253bc32ca22c28c4edf3c4e06956e38c42a867c7ba9cb78f69f6
Red Hat Security Advisory 2022-0146-03 - These are CVE issues filed against XP2 releases that have been fixed in the underlying EAP 7.3.x base. There are no changes to the EAP XP2 code base. Issues addressed include an information leakage vulnerability.
7af4f257f12fe165832eb9fd7484172dbd87978b575ed09f371289b7adcf11e1
Red Hat Security Advisory 2021-5150-03 - This release of Red Hat JBoss Enterprise Application Platform 7.3.10 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.9, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.3.10 Release Notes for information about the most significant bug fixes and enhancements included in this release. Issues addressed include an information leakage vulnerability.
e85e9000dde17f481a5731cd48390f0fbb11a27b285e3a42bc9ca052fc015555
Red Hat Security Advisory 2021-5154-04 - This release of Red Hat JBoss Enterprise Application Platform 7.3.10 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.9, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.3.10 Release Notes for information about the most significant bug fixes and enhancements included in this release. Issues addressed include an information leakage vulnerability.
adfdf251d26cf53c9dac873caa8ba7a73629a880ec6c3afc58caaf6c4485b9b4
Red Hat Security Advisory 2021-5151-01 - This release of Red Hat JBoss Enterprise Application Platform 7.3.10 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.9, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.3.10 Release Notes for information about the most significant bug fixes and enhancements included in this release. Issues addressed include an information leakage vulnerability.
8aced2ea2f3db3ab202ff3a9d45dc61d7c78032e4c5633894e4d48bf4e25409c
Red Hat Security Advisory 2021-5170-01 - Red Hat Single Sign-On 7.4 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.4.10 serves as a replacement for Red Hat Single Sign-On 7.4.9, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include an information leakage vulnerability.
7574e9d9a51e537267bd70407996077232803ce301b3fe0069d0d580ddb38725
Red Hat Security Advisory 2021-5149-05 - This release of Red Hat JBoss Enterprise Application Platform 7.3.10 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.9, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.3.10 Release Notes for information about the most significant bug fixes and enhancements included in this release. Issues addressed include an information leakage vulnerability.
0e2ab48ce2c381158112e592f0331bf5dc51b8a4262304ef8c1c512c78060894
Debian Linux Security Advisory 5010-1 - Apache Santuario - XML Security for Java is vulnerable to an issue where the "secureValidation" property is not passed correctly when creating a KeyInfo from a KeyInfoReference element. This allows an attacker to abuse an XPath Transform to extract any local .xml files in a RetrievalMethod element.
287a5690f611c2d9a93b84ab409ee0c9fa54818656b8b0b546738a2972280154