Lucene search

K

RedHatRHSA-2023:0634

HistoryFeb 09, 2023 - 1:59 p.m.

(RHSA-2023:0634) Moderate: Red Hat OpenShift (Logging Subsystem) security update

2023-02-0913:59:38

access.redhat.com

25

red hat openshift

logging subsystem

5.6.1

security fix

glob-parent

regular expression denial of service

json5

prototype pollution

9.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

0.006 Low

EPSS

Percentile

78.0%

Logging Subsystem 5.6.1 - Red Hat OpenShift

Security Fix(es):

glob-parent: Regular Expression Denial of Service (CVE-2021-35065)
json5: Prototype Pollution in JSON5 via Parse Method (CVE-2022-46175)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

9.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

0.006 Low

EPSS

Percentile

78.0%

Related for RHSA-2023:0634

redhat13 ibm4 nessus80 osv12 openvas51 amazon3 rocky4 redos2 debian3 slackware1 cloudfoundry2 almalinux4 fedora5 suse2 oraclelinux4 ubuntu2 freebsd1 altlinux1 mageia2 rosalinux1 gentoo1 photon1