Fedora Account System
Red Hat Associate
Red Hat Customer
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Software Foundation Apache MINA. In SFTP servers implemented using Apache MINA SSHD that use a RootedFileSystem, logged users may be able to discover "exists/does not exist" information about items outside the rooted tree via paths including parent navigation ("..") beyond the root, or involving symlinks. This issue affects Apache MINA: from 1.0 before 2.10. Users are recommended to upgrade to 2.10.
This issue has been addressed in the following products: Red Hat Data Grid 8.4.4 Via RHSA-2023:5396 https://access.redhat.com/errata/RHSA-2023:5396
This issue has been addressed in the following products: Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9 Via RHSA-2023:7639 https://access.redhat.com/errata/RHSA-2023:7639
This issue has been addressed in the following products: Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7 Via RHSA-2023:7637 https://access.redhat.com/errata/RHSA-2023:7637
This issue has been addressed in the following products: Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8 Via RHSA-2023:7638 https://access.redhat.com/errata/RHSA-2023:7638
This issue has been addressed in the following products: EAP 7.4.14 Via RHSA-2023:7641 https://access.redhat.com/errata/RHSA-2023:7641
This issue has been addressed in the following products: Red Hat build of Quarkus 2.13.9 Via RHSA-2023:7700 https://access.redhat.com/errata/RHSA-2023:7700
This issue has been addressed in the following products: Red Hat Integration Via RHSA-2023:7705 https://access.redhat.com/errata/RHSA-2023:7705
This issue has been addressed in the following products: Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9 Via RHSA-2024:1193 https://access.redhat.com/errata/RHSA-2024:1193
This issue has been addressed in the following products: Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8 Via RHSA-2024:1192 https://access.redhat.com/errata/RHSA-2024:1192
This issue has been addressed in the following products: EAP 8.0.1 Via RHSA-2024:1194 https://access.redhat.com/errata/RHSA-2024:1194
This issue has been addressed in the following products: Red Hat JBoss Enterprise Application Platform 7 Via RHSA-2023:7641 https://access.redhat.com/errata/RHSA-2023:7641