| purl | pkg:rpm/redhat/eap7-hal-console@3.3.24-1.Final_redhat_00001.1?arch=el8eap |
| Next non-vulnerable version | None. |
| Latest non-vulnerable version | None. |
| Risk | 4.0 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
| VCID-7rfx-9car-wkcs (aliases: CVE-2022-36033, GHSA-gp7f-rwcx-9369) | jsoup may not sanitize code injection XSS attempts if `SafeList.preserveRelativeLinks` is enabled. The full advisory text is reproduced below the table. | There are no reported fixed by versions. |
| VCID-ftf5-r1db-9qfq (aliases: CVE-2024-4029, GHSA-x7g6-rwhc-g7mj) | Wildfly vulnerable to denial of service. A vulnerability was found in Wildfly's management interface. Because the number of sockets for the management interface is not limited, and there is no way to configure or set a maximum number of connections, it may be possible to cause a denial of service by hitting the `nofile` limit. | There are no reported fixed by versions. |
| VCID-mssa-dgz3-w7fh (aliases: CVE-2024-4068, GHSA-grv7-fg5c-xmjg) | Uncontrolled resource consumption in braces. The NPM package `braces` fails to limit the number of characters it can handle, which could lead to memory exhaustion. In `lib/parse.js`, if a malicious user sends "imbalanced braces" as input, the parsing enters a loop that allocates heap memory without freeing it at any point of the loop. Eventually the JavaScript heap limit is reached and the program crashes. | There are no reported fixed by versions. |
| VCID-rfs8-njaq-qkc8 (aliases: CVE-2022-34169, GHSA-9339-86wc-4qgf) | Apache Xalan Java XSLT library integer truncation issue when processing malicious XSLT stylesheets. The library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets, which can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. A fix for this issue was published in September 2022 as part of an anticipated 2.7.3 release. | There are no reported fixed by versions. |
| VCID-wfmh-pkck-yfb3 (aliases: CVE-2023-51775, GHSA-6qvw-249j-h44c) | jose4j denial of service via specifically crafted JWE. The jose4j component before 0.9.4 for Java allows attackers to cause a denial of service (CPU consumption) via a large `p2c` (PBES2 Count) value. | There are no reported fixed by versions. |

Full advisory text for VCID-7rfx-9car-wkcs (CVE-2022-36033, GHSA-gp7f-rwcx-9369): jsoup may not sanitize code injection XSS attempts if `SafeList.preserveRelativeLinks` is enabled.

jsoup may incorrectly sanitize HTML including `javascript:` URL expressions, which could allow cross-site scripting (XSS) attacks when a reader subsequently clicks that link. If the non-default `SafeList.preserveRelativeLinks` option is enabled, HTML including `javascript:` URLs that have been crafted with control characters will not be sanitized. If the site that this HTML is published on does not set a Content Security Policy, an XSS attack is then possible.

### Impact

Sites that accept input HTML from users and use jsoup to sanitize that HTML may be vulnerable to cross-site scripting (XSS) attacks if they have enabled `SafeList.preserveRelativeLinks` and do not set an appropriate Content Security Policy.

### Patches

This issue is patched in jsoup 1.15.3. Users should upgrade to this version. Additionally, as the unsanitized input may have been persisted, old content should be cleaned again using the updated version.

### Workarounds

To remediate this issue without immediately upgrading:

- disable `SafeList.preserveRelativeLinks`, which will rewrite input URLs as absolute URLs
- ensure an appropriate [Content Security Policy](https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP) is defined. (This should be used regardless of upgrading, as a defence-in-depth best practice.)

### Background and root cause

jsoup includes a [Cleaner](https://jsoup.org/apidocs/org/jsoup/safety/Cleaner.html) component, which is designed to [sanitize input HTML](https://jsoup.org/cookbook/cleaning-html/safelist-sanitizer) against configurable safe-lists of acceptable tags, attributes, and attribute values. This includes removing potentially malicious attributes such as `<a href="javascript:...">`, which may enable XSS attacks. It does this by validating URL attributes against allowed URL protocols (e.g. `http`, `https`).

However, an attacker may be able to bypass this check by embedding control characters into the href attribute value. This causes the Java URL class, which is used to resolve relative URLs to absolute URLs before checking the URL's protocol, to treat the URL as a relative URL. It is then resolved into an absolute URL with the configured base URI. For example, `java\tscript:...` would resolve to `https://example.com/java\tscript:...`. By default, when using a safe-list that allows `a` tags, jsoup will rewrite any relative URLs (e.g. `/foo/`) to an absolute URL (e.g. `https://example.com/foo/`). Therefore, this attack attempt would be successfully mitigated. However, if the option [SafeList.preserveRelativeLinks](https://jsoup.org/apidocs/org/jsoup/safety/Safelist.html#preserveRelativeLinks(boolean)) is enabled (which does not rewrite relative links to absolute), the input is left as-is. While Java will treat a path like `java\tscript:` as a relative path, as it does not match the allowed characters of a URL spec, browsers may normalize out the control characters and subsequently evaluate it as a `javascript:` inline expression. That disparity then leads to an XSS opportunity. Sites defining a Content Security Policy that does not allow javascript expressions in link URLs will not be impacted, as the policy will prevent the script's execution.

### For more information

If you have any questions or comments about this advisory:

* Open an issue in [jsoup](https://github.com/jhy/jsoup)
* Email the author of jsoup at [jonathan@hedley.net](mailto:jonathan@hedley.net)

### Credits

Thanks to Jens Häderer, who reported this issue, and contributed to its resolution.
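
The root cause described in the VCID-7rfx-9car-wkcs advisory is a normalization mismatch: the sanitizer's protocol check parses the `href` value strictly, while the browser strips tab and newline characters before it looks for a scheme. The Python below is an added example, not jsoup's code and not the project's fix, that illustrates the general hardening principle (normalize the value the way the consumer will before checking its scheme). `ALLOWED_SCHEMES` is a constructed allowlist, `_resolve` is a deliberately simplified base-URI resolution for the demo, `browser_normalize` implements the WHATWG URL preprocessing step (strip leading and trailing C0 controls and spaces, then remove every ASCII tab and newline), and `strict_sanitize_href` / `hardened_sanitize_href` are hypothetical names for the check without and with that normalization.

```python
import re
from typing import Optional

# Constructed allowlist of URL schemes the sanitizer accepts in href values.
ALLOWED_SCHEMES = {"http", "https", "mailto", "ftp"}

# RFC 3986 scheme syntax. A strict parser (the advisory describes this
# behaviour for java.net.URL) finds no scheme when a control character sits
# inside the prefix, and therefore treats the whole value as a relative reference.
_SCHEME_RE = re.compile(r"^([A-Za-z][A-Za-z0-9+.\-]*):")

# WHATWG URL preprocessing, which browsers apply before looking for a scheme:
# strip leading and trailing C0 controls and spaces, then remove every ASCII
# tab and newline anywhere in the string.
_C0_AND_SPACE = "".join(chr(c) for c in range(0x21))
_TAB_OR_NEWLINE = re.compile(r"[\t\n\r]")


def browser_normalize(href: str) -> str:
    """Return the href as a WHATWG-conformant browser would see it."""
    return _TAB_OR_NEWLINE.sub("", href.strip(_C0_AND_SPACE))


def scheme_of(href: str) -> Optional[str]:
    """Lower-cased RFC 3986 scheme of href, or None if it parses as relative."""
    m = _SCHEME_RE.match(href)
    return m.group(1).lower() if m else None


def _resolve(base: str, relative: str) -> str:
    # Simplified base-URI resolution for the demo: a path join only.
    return base.rstrip("/") + "/" + relative.lstrip("/")


def strict_sanitize_href(href: str, base: str = "https://example.com/",
                         preserve_relative: bool = False) -> Optional[str]:
    """Protocol check without browser-style normalization.

    Scheme-less values are treated as relative links: rewritten against the
    base URI by default (which neutralizes the control-character trick), or
    kept verbatim when preserve_relative is set (the vulnerable configuration).
    Returns the attribute value to emit, or None if the attribute is dropped.
    """
    scheme = scheme_of(href)
    if scheme is None:
        return href if preserve_relative else _resolve(base, href)
    return href if scheme in ALLOWED_SCHEMES else None


def hardened_sanitize_href(href: str, base: str = "https://example.com/",
                           preserve_relative: bool = False) -> Optional[str]:
    """Same policy, but the scheme is checked on the browser-normalized value."""
    normalized = browser_normalize(href)
    scheme = scheme_of(normalized)
    if scheme is None:
        return normalized if preserve_relative else _resolve(base, normalized)
    return normalized if scheme in ALLOWED_SCHEMES else None


def demo() -> dict:
    """Constructed input modelled on the advisory's `java\\tscript:` example."""
    value = "java\tscript:void(0)"
    return {
        "strict, default": strict_sanitize_href(value),
        "strict, preserveRelative": strict_sanitize_href(value, preserve_relative=True),
        "hardened, preserveRelative": hardened_sanitize_href(value, preserve_relative=True),
    }


if __name__ == "__main__":
    for setting, result in demo().items():
        print(f"{setting}: {result!r}")
```

With the default setting the strict check emits `https://example.com/java\tscript:void(0)`, a harmless relative path resolved against the base (the mitigated case the advisory describes); with `preserve_relative=True` it emits the value verbatim, which a browser will normalize to a `javascript:` URL; the hardened check drops the attribute in that configuration because it checks the scheme a browser would actually see. A Content Security Policy remains the second layer, as the advisory's workaround notes.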
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-04-01T13:57:40.044209+00:00 | RedHat Importer | Affected by | VCID-rfs8-njaq-qkc8 | https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-34169.json | 38.0.0 |
| 2026-04-01T13:57:20.158866+00:00 | RedHat Importer | Affected by | VCID-7rfx-9car-wkcs | https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-36033.json | 38.0.0 |
| 2026-04-01T13:49:29.213596+00:00 | RedHat Importer | Affected by | VCID-wfmh-pkck-yfb3 | https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-51775.json | 38.0.0 |
| 2026-04-01T13:49:25.714524+00:00 | RedHat Importer | Affected by | VCID-mssa-dgz3-w7fh | https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-4068.json | 38.0.0 |
| 2026-04-01T13:47:54.216634+00:00 | RedHat Importer | Affected by | VCID-ftf5-r1db-9qfq | https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-4029.json | 38.0.0 |