RHSA-2022:1860

See a problem?
Please try reporting it to the source first.

Source

https://access.redhat.com/errata/RHSA-2022:1860

Import Source

https://security.access.redhat.com/data/osv/RHSA-2022:1860.json

JSON Data

https://api.osv.dev/v1/vulns/RHSA-2022:1860

Related

CVE-2020-13956

Published

2024-10-01T18:20:25Z

Modified

2024-10-24T01:32:58Z

Severity

5.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N CVSS Calculator

Summary

Red Hat Security Advisory: maven:3.6 security and enhancement update

Details

References

Affected packages

Red Hat:enterprise_linux:8::appstream / aopalliance

Package

Name: aopalliance
Purl: pkg:rpm/redhat/aopalliance

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:1.0-20.module+el8.6.0+13337+afcb49ec

Red Hat:enterprise_linux:8::appstream / apache-commons-cli

Package

Name: apache-commons-cli
Purl: pkg:rpm/redhat/apache-commons-cli

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:1.4-7.module+el8.6.0+13337+afcb49ec

Red Hat:enterprise_linux:8::appstream / apache-commons-codec

Package

Name: apache-commons-codec
Purl: pkg:rpm/redhat/apache-commons-codec

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:1.13-3.module+el8.6.0+13337+afcb49ec

Red Hat:enterprise_linux:8::appstream / apache-commons-io

Package

Name: apache-commons-io
Purl: pkg:rpm/redhat/apache-commons-io

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:2.6-6.module+el8.6.0+13337+afcb49ec

Red Hat:enterprise_linux:8::appstream / apache-commons-lang3

Package

Name: apache-commons-lang3
Purl: pkg:rpm/redhat/apache-commons-lang3

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:3.9-4.module+el8.6.0+13337+afcb49ec

Red Hat:enterprise_linux:8::appstream / atinject

Package

Name: atinject
Purl: pkg:rpm/redhat/atinject

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:1-31.20100611svn86.module+el8.6.0+13337+afcb49ec

Red Hat:enterprise_linux:8::appstream / cdi-api

Package

Name: cdi-api
Purl: pkg:rpm/redhat/cdi-api

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:2.0.1-3.module+el8.6.0+13337+afcb49ec

Red Hat:enterprise_linux:8::appstream / geronimo-annotation

Package

Name: geronimo-annotation
Purl: pkg:rpm/redhat/geronimo-annotation

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:1.0-26.module+el8.6.0+13337+afcb49ec

Red Hat:enterprise_linux:8::appstream / google-guice

Package

Name: google-guice
Purl: pkg:rpm/redhat/google-guice

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:4.2.2-4.module+el8.6.0+13337+afcb49ec

Red Hat:enterprise_linux:8::appstream / guava

Package

Name: guava
Purl: pkg:rpm/redhat/guava

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:28.1-3.module+el8.6.0+13337+afcb49ec

Red Hat:enterprise_linux:8::appstream / httpcomponents-client

Package

Name: httpcomponents-client
Purl: pkg:rpm/redhat/httpcomponents-client

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:4.5.10-4.module+el8.6.0+13337+afcb49ec

Red Hat:enterprise_linux:8::appstream / httpcomponents-core

Package

Name: httpcomponents-core
Purl: pkg:rpm/redhat/httpcomponents-core

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:4.4.12-3.module+el8.6.0+13337+afcb49ec

Red Hat:enterprise_linux:8::appstream / jansi

Package

Name: jansi
Purl: pkg:rpm/redhat/jansi

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:1.18-4.module+el8.6.0+13337+afcb49ec

Red Hat:enterprise_linux:8::appstream / jcl-over-slf4j

Package

Name: jcl-over-slf4j
Purl: pkg:rpm/redhat/jcl-over-slf4j

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:1.7.28-3.module+el8.6.0+13337+afcb49ec

Red Hat:enterprise_linux:8::appstream / jsoup

Package

Name: jsoup
Purl: pkg:rpm/redhat/jsoup

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:1.12.1-3.module+el8.6.0+13337+afcb49ec

Red Hat:enterprise_linux:8::appstream / jsr-305

Package

Name: jsr-305
Purl: pkg:rpm/redhat/jsr-305

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:0-0.25.20130910svn.module+el8.6.0+13337+afcb49ec

Red Hat:enterprise_linux:8::appstream / maven

Package

Name: maven
Purl: pkg:rpm/redhat/maven

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:3.6.2-7.module+el8.6.0+13337+afcb49ec

Red Hat:enterprise_linux:8::appstream / maven-lib

Package

Name: maven-lib
Purl: pkg:rpm/redhat/maven-lib

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:3.6.2-7.module+el8.6.0+13337+afcb49ec

Red Hat:enterprise_linux:8::appstream / maven-openjdk11

Package

Name: maven-openjdk11
Purl: pkg:rpm/redhat/maven-openjdk11

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:3.6.2-7.module+el8.6.0+13337+afcb49ec

Red Hat:enterprise_linux:8::appstream / maven-openjdk17

Package

Name: maven-openjdk17
Purl: pkg:rpm/redhat/maven-openjdk17

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:3.6.2-7.module+el8.6.0+13337+afcb49ec

Red Hat:enterprise_linux:8::appstream / maven-openjdk8

Package

Name: maven-openjdk8
Purl: pkg:rpm/redhat/maven-openjdk8

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:3.6.2-7.module+el8.6.0+13337+afcb49ec

Red Hat:enterprise_linux:8::appstream / maven-resolver

Package

Name: maven-resolver
Purl: pkg:rpm/redhat/maven-resolver

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:1.4.1-3.module+el8.6.0+13337+afcb49ec

Red Hat:enterprise_linux:8::appstream / maven-shared-utils

Package

Name: maven-shared-utils
Purl: pkg:rpm/redhat/maven-shared-utils

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:3.2.1-0.4.module+el8.6.0+13337+afcb49ec

Red Hat:enterprise_linux:8::appstream / maven-wagon

Package

Name: maven-wagon
Purl: pkg:rpm/redhat/maven-wagon

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:3.3.4-2.module+el8.6.0+13337+afcb49ec

Red Hat:enterprise_linux:8::appstream / plexus-cipher

Package

Name: plexus-cipher
Purl: pkg:rpm/redhat/plexus-cipher

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:1.7-17.module+el8.6.0+13337+afcb49ec

Red Hat:enterprise_linux:8::appstream / plexus-classworlds

Package

Name: plexus-classworlds
Purl: pkg:rpm/redhat/plexus-classworlds

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:2.6.0-4.module+el8.6.0+13337+afcb49ec

Red Hat:enterprise_linux:8::appstream / plexus-containers

Package

Name: plexus-containers
Purl: pkg:rpm/redhat/plexus-containers

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:2.1.0-2.module+el8.6.0+13337+afcb49ec

Red Hat:enterprise_linux:8::appstream / plexus-containers-component-annotations

Package

Name: plexus-containers-component-annotations
Purl: pkg:rpm/redhat/plexus-containers-component-annotations

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:2.1.0-2.module+el8.6.0+13337+afcb49ec

Red Hat:enterprise_linux:8::appstream / plexus-interpolation

Package

Name: plexus-interpolation
Purl: pkg:rpm/redhat/plexus-interpolation

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:1.26-3.module+el8.6.0+13337+afcb49ec

Red Hat:enterprise_linux:8::appstream / plexus-sec-dispatcher

Package

Name: plexus-sec-dispatcher
Purl: pkg:rpm/redhat/plexus-sec-dispatcher

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:1.4-29.module+el8.6.0+13337+afcb49ec

Red Hat:enterprise_linux:8::appstream / plexus-utils

Package

Name: plexus-utils
Purl: pkg:rpm/redhat/plexus-utils

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:3.3.0-3.module+el8.6.0+13337+afcb49ec

Red Hat:enterprise_linux:8::appstream / sisu

Package

Name: sisu
Purl: pkg:rpm/redhat/sisu

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:0.3.4-2.module+el8.6.0+13337+afcb49ec

Red Hat:enterprise_linux:8::appstream / slf4j

Package

Name: slf4j
Purl: pkg:rpm/redhat/slf4j

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:1.7.28-3.module+el8.6.0+13337+afcb49ec