RHSA-2023:0713: Important: Red Hat Data Grid 8.4.1 security update

First published: Thu Feb 09 2023(Updated: )

Red Hat Data Grid is an in-memory, distributed, NoSQL datastore solution. It increases application response times and allows for dramatically improving performance while providing availability, reliability, and elastic scale.<br>Data Grid 8.4.1 replaces Data Grid 8.4.0 and includes bug fixes and enhancements. Find out more about Data Grid 8.4.1 in the Release Notes[3].<br>Security Fix(es):<br><li> mina-sshd: Java unsafe deserialization vulnerability [jdg-8] (CVE-2022-45047)</li> <li> file-type: a malformed MKV file could cause the file type detector to get caught in an infinite loop [jdg-8] (CVE-2022-36313)</li> <li> loader-utils: loader-utils:Regular expression denial of service [jdg-8] (CVE-2022-37603)</li> <li> codec-haproxy: HAProxyMessageDecoder Stack Exhaustion DoS [jdg-8] (CVE-2022-41881)</li> <li> jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS [jdg-8] (CVE-2022-42003)</li> <li> jackson-databind: use of deeply nested arrays [jdg-8] (CVE-2022-42004)</li> For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

• collector/redhat-errata
• source/Red Hat
• anchor-id/RHSA-2023:0713
• agent/description
• agent/event
• agent/first-publish-date
• agent/last-modified-date
• agent/references
• agent/remedy
• agent/severity
• agent/softwarecombine
• agent/tags
• agent/title
• agent/type