Showing 1 - 7 of 7

CVE-2022-46364

Status Candidate

Overview

A SSRF vulnerability in parsing the href attribute of XOP:Include in MTOM requests in versions of Apache CXF before 3.5.5 and 3.4.10 allows an attacker to perform SSRF style attacks on webservices that take at least one parameter of any type.

Related Files

Red Hat Security Advisory 2023-3641-01: Posted Jun 16, 2023; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2023-3641-01 - This release of Camel for Spring Boot 3.18.3.P2 serves as a replacement for Camel for Spring Boot 3.18.3.P1 and includes bug fixes and enhancements, which are documented in the Release Notes linked in the References. Issues addressed include denial of service, deserialization, resource exhaustion, and server-side request forgery vulnerabilities.; tags | advisory, denial of service, vulnerability; systems | linux, redhat; advisories | CVE-2022-25857, CVE-2022-38749, CVE-2022-38750, CVE-2022-38751, CVE-2022-38752, CVE-2022-40152, CVE-2022-40156, CVE-2022-41854, CVE-2022-42003, CVE-2022-42004, CVE-2022-45047, CVE-2022-46363, CVE-2022-46364, CVE-2023-1370; SHA-256 | eb79672d81b6aa5092fafd004e07db829635eeae6f5dd78abb16d98cdb9e3928; Download | Favorite | View

Red Hat Security Advisory 2023-1285-01: Posted Mar 20, 2023; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2023-1285-01 - Migration Toolkit for Runtimes 1.0.2 ZIP artifacts. Issues addressed include privilege escalation, server-side request forgery, and traversal vulnerabilities.; tags | advisory, vulnerability; systems | linux, redhat; advisories | CVE-2022-31690, CVE-2022-3782, CVE-2022-46364; SHA-256 | fba0bc9c40f8531e652357bd8a648a346250378dc0b43249ddd4aabace8918a3; Download | Favorite | View

Red Hat Security Advisory 2023-0544-01: Posted Jan 31, 2023; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2023-0544-01 - This patch, Camel for Spring Boot 3.14.5 Patch 1, serves as a replacement for the previous release of Camel for Spring Boot 3.14.5 and includes bug fixes and enhancements, which are documented in the Release Notes document linked in the References. This release of Camel for Spring Boot includes CXF artifacts that were missing from the previous 3.14.5 release. Issues addressed include a server-side request forgery vulnerability.; tags | advisory; systems | linux, redhat; advisories | CVE-2022-40149, CVE-2022-45693, CVE-2022-46363, CVE-2022-46364; SHA-256 | 489c108fec329cf77b35d28d1f85ba5d1b39602e1324910c726cb4f3b1be1bfc; Download | Favorite | View

Red Hat Security Advisory 2023-0483-01: Posted Jan 27, 2023; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2023-0483-01 - This asynchronous update patches Red Hat Fuse 7.11.1 on Karaf and Red Hat Fuse 7.11.1 on Spring Boot and several includes security fixes, which are documented in the Release Notes document linked to in the References. Issues addressed include a server-side request forgery vulnerability.; tags | advisory; systems | linux, redhat; advisories | CVE-2022-36437, CVE-2022-46363, CVE-2022-46364; SHA-256 | 8f9316d84695f7a1de0a7f1c9e9cbe4e5d4794f1300c5e7d3e5f1914195b8252; Download | Favorite | View

Red Hat Security Advisory 2023-0163-01: Posted Jan 13, 2023; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2023-0163-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This asynchronous patch is a security update for Red Hat JBoss Enterprise Application Platform 7.4. Issues addressed include a server-side request forgery vulnerability.; tags | advisory, java; systems | linux, redhat; advisories | CVE-2022-46364; SHA-256 | d55d12dfc8660dd2ed19af26307d3d77442e78e3c73a603fb139af29c4a6822f; Download | Favorite | View

Red Hat Security Advisory 2023-0163-01: Posted Jan 13, 2023; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2023-0163-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This asynchronous patch is a security update for Red Hat JBoss Enterprise Application Platform 7.4. Issues addressed include a server-side request forgery vulnerability.; tags | advisory, java; systems | linux, redhat; advisories | CVE-2022-46364; SHA-256 | d55d12dfc8660dd2ed19af26307d3d77442e78e3c73a603fb139af29c4a6822f; Download | Favorite | View

Red Hat Security Advisory 2023-0164-01: Posted Jan 13, 2023; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2023-0164-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This asynchronous patch is a security update for Red Hat JBoss Enterprise Application Platform 7.4. Issues addressed include a server-side request forgery vulnerability.; tags | advisory, java; systems | linux, redhat; advisories | CVE-2022-46364; SHA-256 | 616521c388a566f932319b081aa87e65cb569e58ad0c35329e4380e9a0b8cb49; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 247 files
Jay Turla 150 files
indoushka 139 files
Ubuntu 61 files
h00die 54 files
juan vazquez 43 files
sinn3r 41 files
H D Moore 31 files
Karn Ganeshen 23 files
Pedro Ribeiro 22 files

File Archives

Systems

AIX (429)
Apple (2,104)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,117)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,567)
HPUX (880)
iOS (387)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,066)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (489)
RedHat (16,731)
Slackware (941)
Solaris (1,614)
SUSE (1,444)
Ubuntu (9,807)
UNIX (9,449)
UnixWare (187)
Windows (6,762)
Other

CVE-2022-46364

Overview

Related Files

File Archive:

September 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems