Red Hat Security Advisory 2020-3192-01 - This release of Red Hat Fuse 7.7.0 serves as a replacement for Red Hat Fuse 7.6, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include HTTP request smuggling, XML injection, bypass, cross site scripting, denial of service, information leakage, and server-side request forgery vulnerabilities.
7c2d2464e2e75c435724268e7235a048d87b1886dbc11e01f6fa6141b8a86b2c
Red Hat Security Advisory 2020-2333-01 - Red Hat JBoss Enterprise Application Platform CD19 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform CD19 includes bug fixes and enhancements. Issues addressed include HTTP request smuggling, cross site scripting, denial of service, and out of bounds read vulnerabilities.
60c6cfb83e5036b1ce51c4410ffab8547065d86cf420e7222face7dc4b27fe8f
Red Hat Security Advisory 2020-2321-01 - Red Hat Data Grid is a distributed, in-memory, NoSQL datastore based on the Infinispan project. This release of Red Hat Data Grid 7.3.6 serves as a replacement for Red Hat Data Grid 7.3.5 and includes bug fixes and enhancements, which are described in the Release Notes, linked to in the References section of this erratum. Issues addressed include HTTP request smuggling, cross site scripting, out of bounds read, and traversal vulnerabilities.
37188b4f3d0ad45e53ae50f81ab79f3432ce0a83d98c55f4c8cc57bb3deb1677
Red Hat Security Advisory 2020-2067-01 - This release of Red Hat build of Thorntail 2.5.1 includes security updates, bug fixes, and enhancements. For more information, see the release notes page listed in the References section. Issues addressed include HTTP request smuggling, bypass, cross site request forgery, cross site scripting, denial of service, and out of bounds read vulnerabilities.
4f6b06242c907c4bb9882a9c0dd20ae51f06eb541c38e1084bc175618d6a5cbd
Red Hat Security Advisory 2020-1644-01 - The Public Key Infrastructure Core contains fundamental packages required by Red Hat Certificate System.
29e6493fd433b2beb7b0a244243922e66ee6eaaf7f9bb68af68fee179e1e2ac1
Red Hat Security Advisory 2020-0939-01 - Red Hat AMQ Streams, based on the Apache Kafka project, offers a distributed backbone that allows microservices and other applications to share data with extremely high throughput and extremely low latency. This release of Red Hat AMQ Streams 1.4.0 serves as a replacement for Red Hat AMQ Streams 1.3.0, and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section. Issues addressed include a code execution vulnerability.
99bc63d1d1b7897c5007d7edd2cde6b0584b2ea1fcb8f8b53be733a054867748
Red Hat Security Advisory 2020-0899-01 - Red Hat Decision Manager is an open source decision management platform that combines business rules management, complex event processing, Decision Model & Notation execution, and Business Optimizer for solving planning problems. It automates business decisions and makes that logic available to the entire business. This release of Red Hat Decision Manager 7.7.0 serves as an update to Red Hat Decision Manager 7.6.0, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include code execution and information leakage vulnerabilities.
6dc0bee46ae83df24b65f4b121ac28f4c6c27bf61cce900bb24005260e64280f
Red Hat Security Advisory 2020-0895-01 - Red Hat Process Automation Manager is an open source business process management suite that combines process management and decision service management and enables business and IT users to create, manage, validate, and deploy process applications and decision services. This release of Red Hat Process Automation Manager 7.7.0 serves as an update to Red Hat Process Automation Manager 7.6.0, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include code execution and information leakage vulnerabilities.
68365edad4d51d43928f00ea3d007b3bb4188e75ebd143a26aa04d7b9cae4f4c
Red Hat Security Advisory 2020-0445-01 - Red Hat Single Sign-On 7.3 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.3.6 serves as a replacement for Red Hat Single Sign-On 7.3.5, and includes bug fixes and enhancements. Issues addressed include code execution, cross site scripting, and deserialization vulnerabilities.
7dca04990d431ccd46b4698b913388ccc5f790d18cc0d93d2ed9c87273fbb6bd
Red Hat Security Advisory 2020-0159-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.2.6 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.2.5, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.2.6 Release Notes for information about the most significant bug fixes and enhancements included in this release. Issues addressed include code execution, cross site scripting, and denial of service vulnerabilities.
4c68edb9ce5307910746ddaf7983db6ccc20f5e66ffe21ff43f420f0bcc6ed57
Red Hat Security Advisory 2020-0164-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.2.6 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.2.5, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.2.6 Release Notes for information about the most significant bug fixes and enhancements included in this release. Issues addressed include code execution, cross site scripting, and denial of service vulnerabilities.
d80897b9386d45d21fa3de507c1a3565f65076ee6cedba8dccf537b386caee95
Red Hat Security Advisory 2020-0161-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.2.6 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.2.5, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.2.6 Release Notes for information about the most significant bug fixes and enhancements included in this release. Issues addressed include code execution, cross site scripting, and denial of service vulnerabilities.
aa30889066bf31b9a421f766f4614ab8025e18477f56dfda7d412b5d5a041b18
Red Hat Security Advisory 2020-0160-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.2.6 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.2.5, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.2.6 Release Notes for information about the most significant bug fixes and enhancements included in this release. Issues addressed include code execution, cross site scripting, and denial of service vulnerabilities.
7fcb80bd6c32646bede08c20476e83f632904133d983186ce809962115845421
Red Hat Security Advisory 2019-3901-01 - Red Hat OpenShift Application Runtimes provide an application platform that reduces the complexity of developing and operating applications for OpenShift as a containerized platform. This release of RHOAR Vert.x 3.8.3 includes security updates, bug fixes, and enhancements. For more information, see the release notes linked to in the References section. Issues addressed include code execution and deserialization vulnerabilities.
c9c5b0746f972193f09651db45c773093205fbfb73353adb1d47b9b1d7e33ee4
Debian Linux Security Advisory 4542-1 - It was discovered that jackson-databind, a Java library used to parse JSON and other data formats, did not properly validate user input before attempting deserialization. This allowed an attacker providing maliciously crafted input to perform code execution, or read arbitrary files on the server.
3b0c7bdc4a347077c77854e783302a4d041ee2eb869b09d42d5f6680628b4bf5