Multiple vulnerabilities in Red Hat OpenShift Logging 5.4



Published: 2022-11-16 | Updated: 2023-02-03
Risk High
Patch available YES
Number of vulnerabilities 23
CVE-ID CVE-2022-22629
CVE-2022-40674
CVE-2022-37434
CVE-2022-30293
CVE-2022-26719
CVE-2022-26717
CVE-2022-26716
CVE-2022-26710
CVE-2022-26709
CVE-2022-26700
CVE-2022-22662
CVE-2022-22628
CVE-2020-36518
CVE-2022-22624
CVE-2022-3515
CVE-2022-2509
CVE-2022-1304
CVE-2020-35527
CVE-2020-35525
CVE-2016-3709
CVE-2022-42004
CVE-2022-42003
CVE-2022-32149
CWE-ID CWE-122
CWE-416
CWE-119
CWE-200
CWE-787
CWE-190
CWE-415
CWE-125
CWE-476
CWE-79
CWE-400
CWE-502
Exploitation vector Network
Public exploit Public exploit code for vulnerability #1 is available.
Public exploit code for vulnerability #3 is available.
Public exploit code for vulnerability #6 is available.
Vulnerable software
Subscribe
OpenShift Logging
Server applications / Other server solutions

Vendor Red Hat Inc.

Security Bulletin

This security bulletin contains information about 23 vulnerabilities.

1) Heap-based buffer overflow

EUVDB-ID: #VU61337

Risk: High

CVSSv3.1:

CVE-ID: CVE-2022-22629

CWE-ID: CWE-122 - Heap-based Buffer Overflow

Exploit availability: Yes

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing HTML content within the WebGLMultiDraw component. A remote attacker can create a specially crafted web page, trick the victim into opening it, trigger a heap-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

OpenShift Logging: 5.4.0 - 5.4.7


CPE2.3 External links

http://access.redhat.com/errata/RHSA-2022:7435

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

2) Use-after-free

EUVDB-ID: #VU67532

Risk: High

CVSSv3.1:

CVE-ID: CVE-2022-40674

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a use-after-free error in the doContent() function in xmlparse.c. A remote attacker can pass specially crafted input to the application that is using the affected library, trigger a use-after-free error and execute arbitrary code on the system.

Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

OpenShift Logging: 5.4.0 - 5.4.7


CPE2.3 External links

http://access.redhat.com/errata/RHSA-2022:7435

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

3) Heap-based buffer overflow

EUVDB-ID: #VU66153

Risk: High

CVSSv3.1:

CVE-ID: CVE-2022-37434

CWE-ID: CWE-122 - Heap-based Buffer Overflow

Exploit availability: Yes

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing a large gzip header within inflateGetHeader in inflate.c. A remote attacker can pass a specially crafted file to the affected application, trigger heap-based buffer overflow and execute arbitrary code on the target system.


Mitigation

Install updates from vendor's website.

Vulnerable software versions

OpenShift Logging: 5.4.0 - 5.4.7


CPE2.3 External links

http://access.redhat.com/errata/RHSA-2022:7435

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

4) Heap-based buffer overflow

EUVDB-ID: #VU63822

Risk: High

CVSSv3.1:

CVE-ID: CVE-2022-30293

CWE-ID: CWE-122 - Heap-based Buffer Overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error within the WebCore::TextureMapperLayer::setContentsLayer() function in WebCore/platform/graphics/texmap/TextureMapperLayer.cpp. A remote attacker can trick the victim into visiting a specially crafted web page, trigger a heap-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

OpenShift Logging: 5.4.0 - 5.4.7


CPE2.3 External links

http://access.redhat.com/errata/RHSA-2022:7435

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

5) Buffer overflow

EUVDB-ID: #VU63284

Risk: High

CVSSv3.1:

CVE-ID: CVE-2022-26719

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing HTML content in WebKit. A remote attacker can trick the victim to visit a specially crafted website, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

OpenShift Logging: 5.4.0 - 5.4.7


CPE2.3 External links

http://access.redhat.com/errata/RHSA-2022:7435

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

6) Use-after-free

EUVDB-ID: #VU63282

Risk: High

CVSSv3.1:

CVE-ID: CVE-2022-26717

CWE-ID: CWE-416 - Use After Free

Exploit availability: Yes

Description

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a use-after-free error when processing HTML content in WebKit. A remote attacker can trick the victim to visit a specially crafted website, trigger memory corruption and execute arbitrary code on the system.

Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

OpenShift Logging: 5.4.0 - 5.4.7


CPE2.3 External links

http://access.redhat.com/errata/RHSA-2022:7435

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

7) Buffer overflow

EUVDB-ID: #VU63283

Risk: High

CVSSv3.1:

CVE-ID: CVE-2022-26716

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing HTML content in WebKit. A remote attacker can trick the victim to visit a specially crafted website, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

OpenShift Logging: 5.4.0 - 5.4.7


CPE2.3 External links

http://access.redhat.com/errata/RHSA-2022:7435

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

8) Use-after-free

EUVDB-ID: #VU63281

Risk: High

CVSSv3.1:

CVE-ID: CVE-2022-26710

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a use-after-free error when processing HTML content in WebKit. A remote attacker can trick the victim to visit a specially crafted website, trigger memory corruption and execute arbitrary code on the system.

Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

OpenShift Logging: 5.4.0 - 5.4.7


CPE2.3 External links

http://access.redhat.com/errata/RHSA-2022:7435

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

9) Use-after-free

EUVDB-ID: #VU63280

Risk: High

CVSSv3.1:

CVE-ID: CVE-2022-26709

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a use-after-free error when processing HTML content in WebKit. A remote attacker can trick the victim to visit a specially crafted website, trigger memory corruption and execute arbitrary code on the system.

Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

OpenShift Logging: 5.4.0 - 5.4.7


CPE2.3 External links

http://access.redhat.com/errata/RHSA-2022:7435

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

10) Buffer overflow

EUVDB-ID: #VU63279

Risk: High

CVSSv3.1:

CVE-ID: CVE-2022-26700

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing HTML content in WebKit. A remote attacker can trick the victim to visit a specially crafted website, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

OpenShift Logging: 5.4.0 - 5.4.7


CPE2.3 External links

http://access.redhat.com/errata/RHSA-2022:7435

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

11) Information disclosure

EUVDB-ID: #VU61333

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2022-22662

CWE-ID: CWE-200 - Information Exposure

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a cookie management issue in WebKit. A remote attacker can trick the victim to open a specially crafted webpage and gain access to sensitive information.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

OpenShift Logging: 5.4.0 - 5.4.7


CPE2.3 External links

http://access.redhat.com/errata/RHSA-2022:7435

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

12) Use-after-free

EUVDB-ID: #VU61336

Risk: High

CVSSv3.1:

CVE-ID: CVE-2022-22628

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a use-after-free error when processing HTML content in WebKit. A remote attacker can trick the victim to visit a specially crafted website, trigger a use-after-free error and execute arbitrary code on the system.

Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

OpenShift Logging: 5.4.0 - 5.4.7


CPE2.3 External links

http://access.redhat.com/errata/RHSA-2022:7435

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

13) Out-of-bounds write

EUVDB-ID: #VU61799

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2020-36518

CWE-ID: CWE-787 - Out-of-bounds write

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary error when processing untrusted input. A remote attacker can trigger out-of-bounds write and cause a denial of service condition on the target system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

OpenShift Logging: 5.4.0 - 5.4.7


CPE2.3 External links

http://access.redhat.com/errata/RHSA-2022:7435

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

14) Use-after-free

EUVDB-ID: #VU61335

Risk: High

CVSSv3.1:

CVE-ID: CVE-2022-22624

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a use-after-free error when processing HTML content in WebKit. A remote attacker can trick the victim to visit a specially crafted website, trigger a use-after-free error and execute arbitrary code on the system.

Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

OpenShift Logging: 5.4.0 - 5.4.7


CPE2.3 External links

http://access.redhat.com/errata/RHSA-2022:7435

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

15) Integer overflow

EUVDB-ID: #VU68376

Risk: High

CVSSv3.1:

CVE-ID: CVE-2022-3515

CWE-ID: CWE-190 - Integer overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to integer overflow within the CRL parser in libksba. A remote attacker can pass specially crafted data to the application, trigger an integer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

OpenShift Logging: 5.4.0 - 5.4.7


CPE2.3 External links

http://access.redhat.com/errata/RHSA-2022:7435

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

16) Double Free

EUVDB-ID: #VU65915

Risk: High

CVSSv3.1:

CVE-ID: CVE-2022-2509

CWE-ID: CWE-415 - Double Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error within gnutls_pkcs7_verify() function when verifying the pkcs7 signatures. A remote attacker can pass specially crafted data to the application, trigger a double free error and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

OpenShift Logging: 5.4.0 - 5.4.7


CPE2.3 External links

http://access.redhat.com/errata/RHSA-2022:7435

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

17) Out-of-bounds write

EUVDB-ID: #VU64075

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2022-1304

CWE-ID: CWE-787 - Out-of-bounds write

Exploit availability: No

Description

The vulnerability allows a local attacker to compromise vulnerable system.

The vulnerability exists due to a boundary error when processing untrusted input. A local attacker can use a specially crafted filesystem, trigger out-of-bounds write and execute arbitrary code on the target system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

OpenShift Logging: 5.4.0 - 5.4.7


CPE2.3 External links

http://access.redhat.com/errata/RHSA-2022:7435

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

18) Out-of-bounds read

EUVDB-ID: #VU67412

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2020-35527

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition when handling ALTER TABLE for views that have a nested FROM clause. A remote attacker can pass specially crafted input to the application, trigger an out-of-bounds read error and read contents of memory on the system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

OpenShift Logging: 5.4.0 - 5.4.7


CPE2.3 External links

http://access.redhat.com/errata/RHSA-2022:7435

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

19) NULL pointer dereference

EUVDB-ID: #VU67411

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2020-35525

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error in the INTERSEC query processing. A remote attacker can pass specially crafted data to the application and perform a denial of service (DoS) attack.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

OpenShift Logging: 5.4.0 - 5.4.7


CPE2.3 External links

http://access.redhat.com/errata/RHSA-2022:7435

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

20) Cross-site scripting

EUVDB-ID: #VU66123

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2016-3709

CWE-ID: CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Exploit availability: No

Description

The disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.

The vulnerability exists due to insufficient sanitization of user-supplied data. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnerable website.

Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

OpenShift Logging: 5.4.0 - 5.4.7


CPE2.3 External links

http://access.redhat.com/errata/RHSA-2022:7435

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

21) Resource exhaustion

EUVDB-ID: #VU68832

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2022-42004

CWE-ID: CWE-400 - Resource exhaustion

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to application does not properly control usage of deeply nested arrays in BeanDeserializer._deserializeFromArray. A remote attacker can trigger resource exhaustion and perform a denial of service (DoS) attack.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

OpenShift Logging: 5.4.0 - 5.4.7


CPE2.3 External links

http://access.redhat.com/errata/RHSA-2022:7435

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

22) Deserialization of Untrusted Data

EUVDB-ID: #VU68635

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2022-42003

CWE-ID: CWE-502 - Deserialization of Untrusted Data

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insecure input validation when processing serialized data when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled. A remote attacker can pass specially crafted data to the application and cause a denial of service condition on the target system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

OpenShift Logging: 5.4.0 - 5.4.7


CPE2.3 External links

http://access.redhat.com/errata/RHSA-2022:7435

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

23) Resource exhaustion

EUVDB-ID: #VU68897

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2022-32149

CWE-ID: CWE-400 - Resource exhaustion

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to ParseAcceptLanguage does not properly control consumption of internal resources. A remote attacker can send a specially crafted Accept-Language header that will take a significant time to parse and perform a denial of service (DoS) attack.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

OpenShift Logging: 5.4.0 - 5.4.7


CPE2.3 External links

http://access.redhat.com/errata/RHSA-2022:7435

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?



###SIDEBAR###