Red Hat Fuse

Recent Red Hat Fuse Security Advisories

Advisory | Title | Published
RHSA-2022:4932 | Important: Red Hat Fuse 7.10.2.P1 security update | June 7, 2022
RHSA-2022:1360 | Low: Red Hat Fuse 7.10.2 release and security update | April 13, 2022
RHSA-2022:0661 | Moderate: Red Hat Fuse 7.10.1 release and security update | February 23, 2022
RHSA-2022:0553 | Important: Red Hat JBoss Fuse/A-MQ 6.3 R20 security and bug fix update | February 15, 2022
RHSA-2022:0203 | Critical: Red Hat Fuse 7.8-7.10 security update | January 20, 2022
RHSA-2021:5134 | Critical: Red Hat Fuse 7.10.0 release and security update | December 14, 2021
RHSA-2021:3140 | Moderate: Red Hat Fuse 7.9.0 release and security update | August 11, 2021
RHSA-2021:1401 | Moderate: Red Hat Fuse 7.8.1 patch release and security update | April 27, 2021

By the Year

In 2022 there has been 1 vulnerability in Red Hat Fuse, with an average score of 5.9 out of ten. Last year Fuse had 1 security vulnerability published. If vulnerabilities keep coming in at the current rate, the number of security vulnerabilities in Fuse in 2022 could surpass last year's number. Last year, the average CVE base score was greater by 0.20.

Year | Vulnerabilities | Average Score
2022 | 1 | 5.90
2021 | 1 | 6.10
2020 | 3 | 6.50
2019 | 5 | 7.02
2018 | 3 | 7.97

It may take a day or so for new Fuse vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally, vulnerabilities may be tagged under a different product or component name.

Recent Red Hat Fuse Security Vulnerabilities

CVE-2021-3597 5.9 - Medium - May 24, 2022

A flaw was found in undertow. The HTTP2SourceChannel fails to write the final frame under some circumstances, resulting in a denial of service. The highest threat from this vulnerability is availability. This flaw affects Undertow versions prior to 2.0.35.SP1, prior to 2.2.6.SP1, prior to 2.2.7.SP1, prior to 2.0.36.SP1, prior to 2.2.9.Final and prior to 2.0.39.Final.

Race Condition

CVE-2020-10688 6.1 - Medium - May 27, 2021

A cross-site scripting (XSS) flaw was found in RESTEasy in versions before 3.11.1.Final and before 4.5.3.Final, where it did not properly handle URL encoding when the RESTEASY003870 exception occurs. An attacker could use this flaw to launch a reflected XSS attack.

XSS

CVE-2020-25689 6.5 - Medium - November 02, 2020

A memory leak flaw was found in WildFly in all versions up to 21.0.0.Final, where host-controller tries to reconnect in a loop, generating new connections which are not properly closed while not able to connect to domain-controller. This flaw allows an attacker to cause an Out of memory (OOM) issue, leading to a denial of service. The highest threat from this vulnerability is to system availability.

Memory Leak

CVE-2019-14900 6.5 - Medium - July 06, 2020

A flaw was found in Hibernate ORM in versions before 5.3.18, 5.4.18 and 5.5.0.Beta1. A SQL injection in the implementation of the JPA Criteria API can permit unsanitized literals when a literal is used in the SELECT or GROUP BY parts of the query. This flaw could allow an attacker to access unauthorized information or possibly conduct further attacks.

SQL Injection

CVE-2020-10719 6.5 - Medium - May 26, 2020

A flaw was found in Undertow in versions before 2.1.1.Final, regarding the processing of invalid HTTP requests with large chunk sizes. This flaw allows an attacker to take advantage of HTTP request smuggling.

HTTP Request Smuggling

CVE-2019-10174 8.8 - High - November 25, 2019

A vulnerability was found in Infinispan such that the invokeAccessibly method from the public class ReflectionUtil allows any application class to invoke private methods in any class with Infinispan's privileges. The attacker can use reflection to introduce new, malicious behavior into the application.

Reflection Injection

CVE-2019-14860 6.5 - Medium - November 08, 2019

It was found that the Syndesis configuration for Cross-Origin Resource Sharing was set to allow all origins. An attacker could use this lack of protection to conduct phishing attacks and further access unauthorized information.

Improper Input Validation

CVE-2019-10219 6.1 - Medium - November 08, 2019

A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of potentially malicious code in HTML comments and instructions. This vulnerability can result in an XSS attack.

XSS

CVE-2019-0201 5.9 - Medium - May 23, 2019

An issue is present in Apache ZooKeeper 1.0.0 to 3.4.13 and 3.5.0-alpha to 3.5.4-beta. ZooKeeper's getACL() command doesn't check any permission when it retrieves the ACLs of the requested node, and returns all information contained in the ACL Id field as a plaintext string. DigestAuthenticationProvider overloads the Id field with the hash value that is used for user authentication. As a consequence, if Digest Authentication is in use, the unsalted hash value will be disclosed by a getACL() request from unauthenticated or unprivileged users.

AuthZ

CVE-2019-0204 7.8 - High - March 25, 2019

A specifically crafted Docker image running under the root user can overwrite the init helper binary of the container runtime and/or the command executor in Apache Mesos versions pre-1.4.x, 1.4.0 to 1.4.2, 1.5.0 to 1.5.2, 1.6.0 to 1.6.1, and 1.7.0 to 1.7.1. A malicious actor can therefore gain root-level code execution on the host.

CVE-2018-1258 8.8 - High - May 11, 2018

Spring Framework version 5.0.5 when used in combination with any versions of Spring Security contains an authorization bypass when using method security. An unauthorized malicious user can gain unauthorized access to methods that should be restricted.

AuthZ

CVE-2018-1270 9.8 - Critical - April 06, 2018

Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior to 4.3.15 and older unsupported versions, allow applications to expose STOMP over WebSocket endpoints with a simple, in-memory STOMP broker through the spring-messaging module. A malicious user (or attacker) can craft a message to the broker that can lead to a remote code execution attack.

Code Injection

CVE-2018-1199 5.3 - Medium - March 16, 2018

Spring Security (Spring Security 4.1.x before 4.1.5, 4.2.x before 4.2.4, and 5.0.x before 5.0.1; and Spring Framework 4.3.x before 4.3.14 and 5.0.x before 5.0.3) does not consider URL path parameters when processing security constraints. By adding a URL path parameter with special encodings, an attacker may be able to bypass a security constraint. The root cause of this issue is a lack of clarity regarding the handling of path parameters in the Servlet Specification. Some Servlet containers include path parameters in the value returned for getPathInfo() and some do not. Spring Security uses the value returned by getPathInfo() as part of the process of mapping requests to security constraints. In this particular attack, different character encodings used in path parameters allow secured Spring MVC static resource URLs to be bypassed.

Improper Input Validation

CVE-2017-5645 9.8 - Critical - April 17, 2017

In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket server to receive serialized log events from another application, a specially crafted binary payload can be sent that, when deserialized, can execute arbitrary code.

Marshaling, Unmarshaling
