CSAF


lib/CSAF/Util/CWE.pm  view on Meta::CPAN

    'CWE-555' => q"J2EE Misconfiguration: Plaintext Password in Configuration File",
    'CWE-556' => q"ASP.NET Misconfiguration: Use of Identity Impersonation",
    'CWE-558' => q"Use of getlogin() in Multithreaded Application",
    'CWE-560' => q"Use of umask() with chmod-style Argument",
    'CWE-561' => q"Dead Code",
    'CWE-562' => q"Return of Stack Variable Address",
    'CWE-563' => q"Assignment to Variable without Use",
    'CWE-564' => q"SQL Injection: Hibernate",
    'CWE-565' => q"Reliance on Cookies without Validation and Integrity Checking",
    'CWE-566' => q"Authorization Bypass Through User-Controlled SQL Primary Key",
    'CWE-567' => q"Unsynchronized Access to Shared Data in a Multithreaded Context",
    'CWE-568' => q"finalize() Method Without super.finalize()",
    'CWE-570' => q"Expression is Always False",
    'CWE-571' => q"Expression is Always True",
    'CWE-572' => q"Call to Thread run() instead of start()",
    'CWE-573' => q"Improper Following of Specification by Caller",
    'CWE-574' => q"EJB Bad Practices: Use of Synchronization Primitives",
    'CWE-575' => q"EJB Bad Practices: Use of AWT Swing",
    'CWE-576' => q"EJB Bad Practices: Use of Java I/O",
    'CWE-577' => q"EJB Bad Practices: Use of Sockets",
    'CWE-578' => q"EJB Bad Practices: Use of Class Loader",

lib/CSAF/Util/CWE.pm  view on Meta::CPAN

    'CWE-806' => q"Buffer Access Using Size of Source Buffer",
    'CWE-807' => q"Reliance on Untrusted Inputs in a Security Decision",
    'CWE-820' => q"Missing Synchronization",
    'CWE-821' => q"Incorrect Synchronization",
    'CWE-822' => q"Untrusted Pointer Dereference",
    'CWE-823' => q"Use of Out-of-range Pointer Offset",
    'CWE-824' => q"Access of Uninitialized Pointer",
    'CWE-825' => q"Expired Pointer Dereference",
    'CWE-826' => q"Premature Release of Resource During Expected Lifetime",
    'CWE-827' => q"Improper Control of Document Type Definition",
    'CWE-828' => q"Signal Handler with Functionality that is not Asynchronous-Safe",
    'CWE-829' => q"Inclusion of Functionality from Untrusted Control Sphere",
    'CWE-830' => q"Inclusion of Web Functionality from an Untrusted Source",
    'CWE-831' => q"Signal Handler Function Associated with Multiple Signals",
    'CWE-832' => q"Unlock of a Resource that is not Locked",
    'CWE-833' => q"Deadlock",
    'CWE-834' => q"Excessive Iteration",
    'CWE-835' => q"Loop with Unreachable Exit Condition ('Infinite Loop')",
    'CWE-836' => q"Use of Password Hash Instead of Password for Authentication",
    'CWE-837' => q"Improper Enforcement of a Single, Unique Action",
    'CWE-838' => q"Inappropriate Encoding for Output Context",

t/examples/rhsa-2021_5186.json  view on Meta::CPAN

        {
          "category": "external",
          "summary": "bz#2031667: CVE-2021-4104 log4j: Remote code execution in Log4j 1.x when application is configured to use JMSAppender",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2031667"
        }
      ],
      "release_date": "2021-12-10T00:00:00Z",
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "For OpenShift Container Platform 4.6 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n...
          "product_ids": [
            "8Base-RHOSE-4.6:openshift4/ose-metering-hive:v4.6.0-202112160147.p0.gf139e12.assembly.stream",
            "8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator-bundle:v4.6.0.202112161349.p0.gd74112d.assembly.art3595-1",
            "8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator:v4.6.0-202112161349.p0.gd74112d.assembly.art3595"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2021:5186"
        }
      ],
      "threats": [
        {

t/examples/rhsa-2021_5186.json  view on Meta::CPAN

        {
          "category": "external",
          "summary": "bz#2033121: CVE-2021-4125 kube-reporting/hive: Incomplete fix for log4j CVE-2021-44228 and CVE-2021-45046",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2033121"
        }
      ],
      "release_date": "2021-12-16T00:00:00Z",
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "For OpenShift Container Platform 4.6 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n...
          "product_ids": [
            "8Base-RHOSE-4.6:openshift4/ose-metering-hive:v4.6.0-202112160147.p0.gf139e12.assembly.stream",
            "8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator-bundle:v4.6.0.202112161349.p0.gd74112d.assembly.art3595-1",
            "8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator:v4.6.0-202112161349.p0.gd74112d.assembly.art3595"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2021:5186"
        }
      ],
      "threats": [
        {

t/examples/rhsa-2021_5217.json  view on Meta::CPAN

    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "A security update is now available for Red Hat Single Sign-On 7.5 from the Customer Portal.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base...
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Red Hat Single Sign-On 7.5 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications.\n\nThis is an asynchronous patch for Red ...
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Re...
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",


