What is the severity of RHSA-2022:0222?

The severity of RHSA-2022:0222 is categorized as critical due to the remote code execution vulnerability associated with log4j-core.

How do I fix RHSA-2022:0222?

To fix RHSA-2022:0222, update Red Hat Integration - Camel Extensions for Quarkus to the latest version that addresses the identified security issues.

What vulnerabilities are addressed in RHSA-2022:0222?

RHSA-2022:0222 addresses vulnerabilities including remote code execution via JDBC Appender (CVE-2021-44832) and denial of service in log4j 2.x.

Is there a workaround for RHSA-2022:0222?

No specific workaround is suggested for RHSA-2022:0222; the recommended action is to apply the security update provided.

Vulnerability/
RHSA-2022:0222

20/1/2022

RHSA-2022:0222: Moderate: Red Hat Integration Camel Extensions for Quarkus 2.2 security update

First published: Thu Jan 20 2022(Updated: )

This update of Red Hat Integration - Camel Extensions for Quarkus serves as a replacement for 2.2 GA and includes the following security Fix(es):<br>Security Fix(es):<br><li> log4j-core: remote code execution via JDBC Appender (CVE-2021-44832)</li> <li> log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228) (CVE-2021-45046)</li> <li> log4j-core: DoS in log4j 2.x with Thread Context Map (MDC) input data contains a recursive lookup and context lookup pattern (CVE-2021-45105)</li> For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Affected Software	Affected Version	How to fix
Red Hat Integration - Camel Extensions for Quarkus

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of RHSA-2022:0222?
The severity of RHSA-2022:0222 is categorized as critical due to the remote code execution vulnerability associated with log4j-core.
How do I fix RHSA-2022:0222?
To fix RHSA-2022:0222, update Red Hat Integration - Camel Extensions for Quarkus to the latest version that addresses the identified security issues.
What vulnerabilities are addressed in RHSA-2022:0222?
RHSA-2022:0222 addresses vulnerabilities including remote code execution via JDBC Appender (CVE-2021-44832) and denial of service in log4j 2.x.
Which software versions are affected by RHSA-2022:0222?
RHSA-2022:0222 affects versions of Red Hat Integration - Camel Extensions for Quarkus prior to the latest patched release.
Is there a workaround for RHSA-2022:0222?
No specific workaround is suggested for RHSA-2022:0222; the recommended action is to apply the security update provided.

agent/severity
agent/type
agent/event
agent/last-modified-date
collector/redhat-errata
source/Red Hat
anchor-id/RHSA-2022:0222
agent/first-publish-date
agent/trending
agent/remedy
agent/title
agent/references
agent/description
agent/source
agent/guess-ai
agent/software-canonical-lookup
agent/softwarecombine
agent/tags

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.