A Template Injection was identified in cron-utils enabling attackers to inject arbitrary Java EL expressions, leading to unauthenticated Remote Code Execution (RCE) vulnerability. Upstream Advisory: https://github.com/jmrozanec/cron-utils/security/advisories/GHSA-p9m8-27x8-rg87
This issue has been addressed in the following products: Red Hat build of Quarkus 2.2.5 Via RHSA-2022:0589 https://access.redhat.com/errata/RHSA-2022:0589
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2021-41269
This issue has been addressed in the following products: RHINT Camel-Q 2.2.1 Via RHSA-2022:1013 https://access.redhat.com/errata/RHSA-2022:1013
This issue has been addressed in the following products: RHINT Service Registry 2.3.0 GA Via RHSA-2022:6835 https://access.redhat.com/errata/RHSA-2022:6835