Bug 2047417 (CVE-2022-23181)
Summary: | CVE-2022-23181 tomcat: local privilege escalation vulnerability | ||
---|---|---|---|
Product: | [Other] Security Response | Reporter: | Guilherme de Almeida Suckevicz <gsuckevi> |
Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
Status: | CLOSED ERRATA | QA Contact: | |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | unspecified | CC: | aileenc, alazarot, alee, anstephe, asoldano, atangrin, avibelli, bbaranow, bgeorges, bmaxwell, brian.stansberry, cdewolf, chazlett, cmoulliard, coolsvap, csutherl, darran.lofthouse, dbecker, dkreling, dosoudil, drieden, eleandro, emingora, fjuma, gmalinko, gzaronikas, gzaronik, huwang, ibek, ikanello, ivan.afonichev, iweiss, janstey, java-sig-commits, jclere, jjoyce, jochrist, jolee, jpallich, jperkins, jrokos, jschatte, jschluet, jwon, krzysztof.daniel, kverlaen, kwills, lgao, lhh, lpeer, lthon, mburns, mkolesni, mnovotny, msochure, msvehla, nwallace, pdelbell, peholase, pgallagh, pjindal, pmackay, rguimara, rhcs-maint, rrajasek, rruss, rstancel, rsvoboda, sclewis, scohen, slinaber, smaestri, szappis, tom.jenkinson, yborgess |
Target Milestone: | --- | Keywords: | Security |
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | If docs needed, set a value | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2022-12-03 03:03:25 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | 2047418, 2047419, 2052082 | ||
Bug Blocks: | 2047420 |
Description
Guilherme de Almeida Suckevicz
2022-01-27 19:29:10 UTC
Created tomcat tracking bugs for this issue: Affects: fedora-all [bug 2047419] Created tomcat:master/tomcat tracking bugs for this issue: Affects: fedora-all [bug 2047418] This issue has been addressed in the following products: Red Hat Fuse 7.11 Via RHSA-2022:5532 https://access.redhat.com/errata/RHSA-2022:5532 This issue has been addressed in the following products: JWS 5.7.0 Via RHSA-2022:7273 https://access.redhat.com/errata/RHSA-2022:7273 This issue has been addressed in the following products: Red Hat JBoss Web Server 5.7 on RHEL 9 Red Hat JBoss Web Server 5.7 on RHEL 7 Red Hat JBoss Web Server 5.7 on RHEL 8 Via RHSA-2022:7272 https://access.redhat.com/errata/RHSA-2022:7272 This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2022-23181 This issue has been addressed in the following products: Spring Boot 2.7.2.SP1 Via RHSA-2023:0272 https://access.redhat.com/errata/RHSA-2023:0272 |