RHSA-2024:3061 -- Redhat resteasy, tomcatjss, apache-commons-collections, apache-commons-lang, apache-commons-net, fasterxml-oss-parent, glassfish-fastinfoset, glassfish-jaxb, jackson-annotations, jackson-bom, jackson-core, jackson-databind, jackson-jaxrs-providers, jackson-modules-base, jackson-parent, jakarta-commons-httpclient, javassist, pki-servlet-engine, relaxngDatatype, slf4j, stax-ex, velocity, xalan-j2, xerces-j2, xml-commons-apis, xml-commons-resolver, xmlstreambuffer, xsom-0, idm-ldapjdk, idm-pki-acme, idm-pki-base, idm-pki-ca, idm-pki-kra, idm-pki-server, idm-tomcatjss, python3-idm-pki, jackson-jaxrs-json-provider, jackson-module-jaxb-annotations, idm-jss, idm-pki-symkey, idm-pki-tools| ID: oval:org.secpod.oval:def:509344 | Date: (C)2024-06-05 (M)2024-06-05 | | Class: PATCH | Family: unix |
The Public Key Infrastructure Core contains fundamental packages required by Red Hat Certificate System. Security Fix: jackson-databind: denial of service via a large depth of nested objects For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.10 Release Notes linked from the References section. | Platform: | | Red Hat Enterprise Linux 8 |
| Product: | | resteasy | | bea-stax | | tomcatjss | | apache-commons-collections | | apache-commons-lang | | apache-commons-net | | fasterxml-oss-parent | | glassfish-fastinfoset | | glassfish-jaxb | | jackson-annotations | | jackson-bom | | jackson-core | | jackson-databind | | jackson-jaxrs-providers | | jackson-modules-base | | jackson-parent | | jakarta-commons-httpclient | | javassist | | pki-servlet-engine | | relaxngDatatype | | slf4j | | stax-ex | | velocity | | xalan-j2 | | xerces-j2 | | xml-commons-apis | | xml-commons-resolver | | xmlstreambuffer | | xsom-0 | | jackson-jaxrs-json-provider | | jackson-module-jaxb-annotations |
|
