Showing 1 - 7 of 7

CVE-2022-46364

Status Candidate

Overview

A SSRF vulnerability in parsing the href attribute of XOP:Include in MTOM requests in versions of Apache CXF before 3.5.5 and 3.4.10 allows an attacker to perform SSRF style attacks on webservices that take at least one parameter of any type.

Related Files

Red Hat Security Advisory 2023-3641-01: Posted Jun 16, 2023; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2023-3641-01 - This release of Camel for Spring Boot 3.18.3.P2 serves as a replacement for Camel for Spring Boot 3.18.3.P1 and includes bug fixes and enhancements, which are documented in the Release Notes linked in the References. Issues addressed include denial of service, deserialization, resource exhaustion, and server-side request forgery vulnerabilities.; tags | advisory, denial of service, vulnerability; systems | linux, redhat; advisories | CVE-2022-25857, CVE-2022-38749, CVE-2022-38750, CVE-2022-38751, CVE-2022-38752, CVE-2022-40152, CVE-2022-40156, CVE-2022-41854, CVE-2022-42003, CVE-2022-42004, CVE-2022-45047, CVE-2022-46363, CVE-2022-46364, CVE-2023-1370; SHA-256 | eb79672d81b6aa5092fafd004e07db829635eeae6f5dd78abb16d98cdb9e3928; Download | Favorite | View

Red Hat Security Advisory 2023-1285-01: Posted Mar 20, 2023; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2023-1285-01 - Migration Toolkit for Runtimes 1.0.2 ZIP artifacts. Issues addressed include privilege escalation, server-side request forgery, and traversal vulnerabilities.; tags | advisory, vulnerability; systems | linux, redhat; advisories | CVE-2022-31690, CVE-2022-3782, CVE-2022-46364; SHA-256 | fba0bc9c40f8531e652357bd8a648a346250378dc0b43249ddd4aabace8918a3; Download | Favorite | View

Red Hat Security Advisory 2023-0544-01: Posted Jan 31, 2023; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2023-0544-01 - This patch, Camel for Spring Boot 3.14.5 Patch 1, serves as a replacement for the previous release of Camel for Spring Boot 3.14.5 and includes bug fixes and enhancements, which are documented in the Release Notes document linked in the References. This release of Camel for Spring Boot includes CXF artifacts that were missing from the previous 3.14.5 release. Issues addressed include a server-side request forgery vulnerability.; tags | advisory; systems | linux, redhat; advisories | CVE-2022-40149, CVE-2022-45693, CVE-2022-46363, CVE-2022-46364; SHA-256 | 489c108fec329cf77b35d28d1f85ba5d1b39602e1324910c726cb4f3b1be1bfc; Download | Favorite | View

Red Hat Security Advisory 2023-0483-01: Posted Jan 27, 2023; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2023-0483-01 - This asynchronous update patches Red Hat Fuse 7.11.1 on Karaf and Red Hat Fuse 7.11.1 on Spring Boot and several includes security fixes, which are documented in the Release Notes document linked to in the References. Issues addressed include a server-side request forgery vulnerability.; tags | advisory; systems | linux, redhat; advisories | CVE-2022-36437, CVE-2022-46363, CVE-2022-46364; SHA-256 | 8f9316d84695f7a1de0a7f1c9e9cbe4e5d4794f1300c5e7d3e5f1914195b8252; Download | Favorite | View

Red Hat Security Advisory 2023-0163-01: Posted Jan 13, 2023; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2023-0163-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This asynchronous patch is a security update for Red Hat JBoss Enterprise Application Platform 7.4. Issues addressed include a server-side request forgery vulnerability.; tags | advisory, java; systems | linux, redhat; advisories | CVE-2022-46364; SHA-256 | d55d12dfc8660dd2ed19af26307d3d77442e78e3c73a603fb139af29c4a6822f; Download | Favorite | View

Red Hat Security Advisory 2023-0163-01: Posted Jan 13, 2023; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2023-0163-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This asynchronous patch is a security update for Red Hat JBoss Enterprise Application Platform 7.4. Issues addressed include a server-side request forgery vulnerability.; tags | advisory, java; systems | linux, redhat; advisories | CVE-2022-46364; SHA-256 | d55d12dfc8660dd2ed19af26307d3d77442e78e3c73a603fb139af29c4a6822f; Download | Favorite | View

Red Hat Security Advisory 2023-0164-01: Posted Jan 13, 2023; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2023-0164-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This asynchronous patch is a security update for Red Hat JBoss Enterprise Application Platform 7.4. Issues addressed include a server-side request forgery vulnerability.; tags | advisory, java; systems | linux, redhat; advisories | CVE-2022-46364; SHA-256 | 616521c388a566f932319b081aa87e65cb569e58ad0c35329e4380e9a0b8cb49; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 242 files
Ubuntu 52 files
Debian 22 files
LiquidWorm 15 files
Apple 9 files
Gentoo 8 files
Google Security Research 3 files
Alter Prime 3 files
Pierre Kim 2 files
Jann Horn 2 files

File Archives

Systems

AIX (430)
Apple (2,126)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,166)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,607)
HPUX (881)
iOS (393)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,960)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (17,344)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (9,989)
UNIX (9,475)
UnixWare (188)
Windows (6,784)
Other

CVE-2022-46364

Overview

Related Files

File Archive:

November 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems