First published: Wed Jan 26 2022(Updated: )
Parfait is a Java performance monitoring library that collects metrics and exposes them through a variety of outputs. It provides APIs for extracting performance metrics from the JVM and other sources. It interfaces to Performance Co-Pilot (PCP) using the Memory Mapped Value (MMV) machinery for extremely lightweight instrumentation.<br>Security Fix(es):<br><li> log4j: SQL injection in Log4j 1.x when application is configured to use JDBCAppender (CVE-2022-23305)</li> <li> log4j: Unsafe deserialization flaw in Chainsaw log viewer (CVE-2022-23307)</li> <li> log4j: Remote code execution in Log4j 1.x when application is configured to use JMSAppender (CVE-2021-4104)</li> <li> log4j: Remote code execution in Log4j 1.x when application is configured to use JMSSink (CVE-2022-23302)</li> For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Affected Software | Affected Version | How to fix |
---|---|---|
redhat/parfait | <0.5.4-4.module+el8.1.0+14000+df5fdac7 | 0.5.4-4.module+el8.1.0+14000+df5fdac7 |
redhat/si-units | <0.6.5-2.module+el8+2463+615f6896 | 0.6.5-2.module+el8+2463+615f6896 |
redhat/unit-api | <1.0-5.module+el8+2463+615f6896 | 1.0-5.module+el8+2463+615f6896 |
redhat/uom-lib | <1.0.1-6.module+el8+2463+615f6896 | 1.0.1-6.module+el8+2463+615f6896 |
redhat/uom-parent | <1.0.3-3.module+el8+2463+615f6896 | 1.0.3-3.module+el8+2463+615f6896 |
redhat/uom-se | <1.0.4-3.module+el8+2463+615f6896 | 1.0.4-3.module+el8+2463+615f6896 |
redhat/uom-systems | <0.7-1.module+el8+2463+615f6896 | 0.7-1.module+el8+2463+615f6896 |
redhat/parfait | <0.5.4-4.module+el8.1.0+14000+df5fdac7 | 0.5.4-4.module+el8.1.0+14000+df5fdac7 |
redhat/parfait-examples | <0.5.4-4.module+el8.1.0+14000+df5fdac7 | 0.5.4-4.module+el8.1.0+14000+df5fdac7 |
redhat/parfait-javadoc | <0.5.4-4.module+el8.1.0+14000+df5fdac7 | 0.5.4-4.module+el8.1.0+14000+df5fdac7 |
redhat/pcp-parfait-agent | <0.5.4-4.module+el8.1.0+14000+df5fdac7 | 0.5.4-4.module+el8.1.0+14000+df5fdac7 |
redhat/si-units | <0.6.5-2.module+el8+2463+615f6896 | 0.6.5-2.module+el8+2463+615f6896 |
redhat/si-units-javadoc | <0.6.5-2.module+el8+2463+615f6896 | 0.6.5-2.module+el8+2463+615f6896 |
redhat/unit-api | <1.0-5.module+el8+2463+615f6896 | 1.0-5.module+el8+2463+615f6896 |
redhat/unit-api-javadoc | <1.0-5.module+el8+2463+615f6896 | 1.0-5.module+el8+2463+615f6896 |
redhat/uom-lib | <1.0.1-6.module+el8+2463+615f6896 | 1.0.1-6.module+el8+2463+615f6896 |
redhat/uom-lib-javadoc | <1.0.1-6.module+el8+2463+615f6896 | 1.0.1-6.module+el8+2463+615f6896 |
redhat/uom-parent | <1.0.3-3.module+el8+2463+615f6896 | 1.0.3-3.module+el8+2463+615f6896 |
redhat/uom-se | <1.0.4-3.module+el8+2463+615f6896 | 1.0.4-3.module+el8+2463+615f6896 |
redhat/uom-se-javadoc | <1.0.4-3.module+el8+2463+615f6896 | 1.0.4-3.module+el8+2463+615f6896 |
redhat/uom-systems | <0.7-1.module+el8+2463+615f6896 | 0.7-1.module+el8+2463+615f6896 |
redhat/uom-systems-javadoc | <0.7-1.module+el8+2463+615f6896 | 0.7-1.module+el8+2463+615f6896 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.