RHSA-2024:3061 -- Redhat resteasy, tomcatjss, apache-commons-collections, apache-commons-lang, apache-commons-net, fasterxml-oss-parent, glassfish-fastinfoset, glassfish-jaxb, jackson-annotations, jackson-bom, jackson-core, jackson-databind, jackson-jaxrs-providers, jackson-modules-base, jackson-parent, jakarta-commons-httpclient, javassist, pki-servlet-engine, relaxngDatatype, slf4j, stax-ex, velocity, xalan-j2, xerces-j2, xml-commons-apis, xml-commons-resolver, xmlstreambuffer, xsom-0, idm-ldapjdk, idm-pki-acme, idm-pki-base, idm-pki-ca, idm-pki-kra, idm-pki-server, idm-tomcatjss, python3-idm-pki, jackson-jaxrs-json-provider, jackson-module-jaxb-annotations, idm-jss, idm-pki-symkey, idm-pki-toolsID: oval:org.secpod.oval:def:509344 | Date: (C)2024-06-05 (M)2024-06-05 | Class: PATCH | Family: unix |
The Public Key Infrastructure Core contains fundamental packages required by Red Hat Certificate System. Security Fix: jackson-databind: denial of service via a large depth of nested objects For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.10 Release Notes linked from the References section. Platform: | Red Hat Enterprise Linux 8 |
Product: | resteasy | bea-stax | tomcatjss | apache-commons-collections | apache-commons-lang | apache-commons-net | fasterxml-oss-parent | glassfish-fastinfoset | glassfish-jaxb | jackson-annotations | jackson-bom | jackson-core | jackson-databind | jackson-jaxrs-providers | jackson-modules-base | jackson-parent | jakarta-commons-httpclient | javassist | pki-servlet-engine | relaxngDatatype | slf4j | stax-ex | velocity | xalan-j2 | xerces-j2 | xml-commons-apis | xml-commons-resolver | xmlstreambuffer | xsom-0 | jackson-jaxrs-json-provider | jackson-module-jaxb-annotations |
|