What is the severity of RHSA-2022:0291?

The severity of RHSA-2022:0291 has not been explicitly stated but vulnerabilities in monitoring tools like Parfait can lead to significant security risks.

How do I fix RHSA-2022:0291?

To fix RHSA-2022:0291, update the affected packages to the latest versions provided in the Red Hat advisory.

Which packages are affected by RHSA-2022:0291?

Affected packages include parfait, si-units, unit-api, uom-lib, uom-parent, uom-se, and uom-systems among others listed in the advisory.

Is RHSA-2022:0291 related to Java performance monitoring?

Yes, RHSA-2022:0291 pertains to vulnerabilities found in the Parfait Java performance monitoring library.

What actions should I take after identifying RHSA-2022:0291 on my system?

After identifying RHSA-2022:0291, it's crucial to promptly assess the risk, update affected packages, and maintain regular system vulnerability assessments.

Vulnerability/
RHSA-2022:0291

CWE

26/1/2022

RHSA-2022:0291: Important: parfait:0.5 security update

First published: Wed Jan 26 2022(Updated: )

Parfait is a Java performance monitoring library that collects metrics and exposes them through a variety of outputs. It provides APIs for extracting performance metrics from the JVM and other sources. It interfaces to Performance Co-Pilot (PCP) using the Memory Mapped Value (MMV) machinery for extremely lightweight instrumentation.<br>Security Fix(es):<br><li> log4j: SQL injection in Log4j 1.x when application is configured to use JDBCAppender (CVE-2022-23305)</li> <li> log4j: Unsafe deserialization flaw in Chainsaw log viewer (CVE-2022-23307)</li> <li> log4j: Remote code execution in Log4j 1.x when application is configured to use JMSAppender (CVE-2021-4104)</li> <li> log4j: Remote code execution in Log4j 1.x when application is configured to use JMSSink (CVE-2022-23302)</li> For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of RHSA-2022:0291?
The severity of RHSA-2022:0291 has not been explicitly stated but vulnerabilities in monitoring tools like Parfait can lead to significant security risks.
How do I fix RHSA-2022:0291?
To fix RHSA-2022:0291, update the affected packages to the latest versions provided in the Red Hat advisory.
Which packages are affected by RHSA-2022:0291?
Affected packages include parfait, si-units, unit-api, uom-lib, uom-parent, uom-se, and uom-systems among others listed in the advisory.
Is RHSA-2022:0291 related to Java performance monitoring?
Yes, RHSA-2022:0291 pertains to vulnerabilities found in the Parfait Java performance monitoring library.
What actions should I take after identifying RHSA-2022:0291 on my system?
After identifying RHSA-2022:0291, it's crucial to promptly assess the risk, update affected packages, and maintain regular system vulnerability assessments.

agent/severity
agent/type
agent/first-publish-date
agent/softwarecombine
agent/last-modified-date
collector/redhat-errata
source/Red Hat
anchor-id/RHSA-2022:0291
agent/software-canonical-lookup
agent/title
agent/references
agent/weakness
agent/remedy
agent/description
agent/event
agent/trending
agent/tags
agent/source
package-manager/redhat