csaf_redhat - rhsa-2025:9697

rhsa-2025:9697

Vulnerability from csaf_redhat

Published

2025-06-25 19:47

Modified

2025-08-07 15:05

Summary

Red Hat Security Advisory: Red Hat Build of Apache Camel 4.10.3 for Spring Boot patch release.

Notes

Topic

Red Hat build of Apache Camel 4.10.3 for Spring Boot patch release and security update is now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Details

Red Hat build of Apache Camel 4.10.3 for Spring Boot patch release and security update is now available. The purpose of this text-only errata is to inform you about the security issues fixed. Security Fix(es): * jetty-server: Jetty: Gzip Request Body Buffer Corruption (CVE-2024-13009) * commons-beanutils: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum's declaredClass property by default (CVE-2025-48734) * postgresql: pgjdbc insecure authentication in channel binding (CVE-2025-49146)

This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Red Hat build of Apache Camel 4.10.3 for Spring Boot patch release and security update is now available.\n\nRed Hat Product Security has rated this update as having a security impact of\nImportant. A Common Vulnerability Scoring System (CVSS) base score, which gives\na detailed severity rating, is available for each vulnerability from the CVE\nlink(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Red Hat build of Apache Camel 4.10.3 for Spring Boot patch release and security update is now available.\n\nThe purpose of this text-only errata is to inform you about the security issues\nfixed.\n\nSecurity Fix(es):\n   \n* jetty-server: Jetty: Gzip Request Body Buffer Corruption (CVE-2024-13009)\n\n* commons-beanutils: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum\u0027s declaredClass property by default (CVE-2025-48734)\n\n* postgresql: pgjdbc insecure authentication in channel binding (CVE-2025-49146)",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2025:9697",
        "url": "https://access.redhat.com/errata/RHSA-2025:9697"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#important",
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "2365135",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2365135"
      },
      {
        "category": "external",
        "summary": "2368956",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2368956"
      },
      {
        "category": "external",
        "summary": "2372307",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372307"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_9697.json"
      }
    ],
    "title": "Red Hat Security Advisory: Red Hat Build of Apache Camel 4.10.3 for Spring Boot patch release.",
    "tracking": {
      "current_release_date": "2025-08-07T15:05:27+00:00",
      "generator": {
        "date": "2025-08-07T15:05:27+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.6.6"
        }
      },
      "id": "RHSA-2025:9697",
      "initial_release_date": "2025-06-25T19:47:43+00:00",
      "revision_history": [
        {
          "date": "2025-06-25T19:47:43+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2025-06-25T19:47:43+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2025-08-07T15:05:27+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat build of Apache Camel 4.10.3 for Spring Boot 3.4.7",
                "product": {
                  "name": "Red Hat build of Apache Camel 4.10.3 for Spring Boot 3.4.7",
                  "product_id": "Red Hat build of Apache Camel 4.10.3 for Spring Boot 3.4.7",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:apache_camel_spring_boot:4"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Build of Apache Camel"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-13009",
      "cwe": {
        "id": "CWE-404",
        "name": "Improper Resource Shutdown or Release"
      },
      "discovery_date": "2025-05-08T18:00:47.047186+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2365135"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Eclipse Jetty. This vulnerability allows corrupted and inadvertent data sharing between requests via a gzip error when inflating a request body. If the request body is malformed, the gzip decompression process can fail, resulting in the application inadvertently using data from a previous request when processing the current one.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "jetty-server: Jetty: Gzip Request Body Buffer Corruption",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This vulnerability is rated as an IMPORTANT severity because a buffer management vulnerability exists within the GzipHandler\u0027s buffer release mechanism when encountering gzip errors during request body inflation, this flaw can lead to the incorrect release and subsequent inadvertent sharing and corruption of request body data between concurrent uncompressed requests, results in data exposure and incorrect processing of requests due to corrupted input.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat build of Apache Camel 4.10.3 for Spring Boot 3.4.7"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-13009"
        },
        {
          "category": "external",
          "summary": "RHBZ#2365135",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2365135"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-13009",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-13009"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-13009",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-13009"
        },
        {
          "category": "external",
          "summary": "https://github.com/jetty/jetty.project/security/advisories/GHSA-q4rv-gq96-w7c5",
          "url": "https://github.com/jetty/jetty.project/security/advisories/GHSA-q4rv-gq96-w7c5"
        },
        {
          "category": "external",
          "summary": "https://gitlab.eclipse.org/security/cve-assignement/-/issues/48",
          "url": "https://gitlab.eclipse.org/security/cve-assignement/-/issues/48"
        }
      ],
      "release_date": "2025-05-08T17:29:31.380000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-06-25T19:47:43+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat build of Apache Camel 4.10.3 for Spring Boot 3.4.7"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2025:9697"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.2,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "Red Hat build of Apache Camel 4.10.3 for Spring Boot 3.4.7"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "jetty-server: Jetty: Gzip Request Body Buffer Corruption"
    },
    {
      "cve": "CVE-2025-48734",
      "cwe": {
        "id": "CWE-284",
        "name": "Improper Access Control"
      },
      "discovery_date": "2025-05-28T14:00:56.619771+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2368956"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Apache Commons BeanUtils. This vulnerability allows remote attackers to execute arbitrary code via uncontrolled access to the declaredClass property on Java enum objects, which can expose the class loader when property paths are passed from external sources to methods like getProperty() or getNestedProperty().",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "commons-beanutils: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum\u0027s declaredClass property by default",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This vulnerability is rated as important severity because a flaw exists in Apache Commons BeanUtils, where PropertyUtilsBean and BeanUtilsBean allow uncontrolled access to the declaredClass property of Java enum objects. Applications that pass untrusted property paths directly to getProperty() or getNestedProperty() methods are at risk, as attackers can exploit this behavior to retrieve the ClassLoader instance and execute arbitrary code in the context of the affected application. This issue leads to compromise of confidentiality, integrity, and availability.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat build of Apache Camel 4.10.3 for Spring Boot 3.4.7"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2025-48734"
        },
        {
          "category": "external",
          "summary": "RHBZ#2368956",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2368956"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2025-48734",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-48734"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-48734",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-48734"
        },
        {
          "category": "external",
          "summary": "https://github.com/advisories/GHSA-wxr5-93ph-8wr9",
          "url": "https://github.com/advisories/GHSA-wxr5-93ph-8wr9"
        },
        {
          "category": "external",
          "summary": "https://github.com/apache/commons-beanutils/commit/28ad955a1613ed5885870cc7da52093c1ce739dc",
          "url": "https://github.com/apache/commons-beanutils/commit/28ad955a1613ed5885870cc7da52093c1ce739dc"
        },
        {
          "category": "external",
          "summary": "https://lists.apache.org/thread/s0hb3jkfj5f3ryx6c57zqtfohb0of1g9",
          "url": "https://lists.apache.org/thread/s0hb3jkfj5f3ryx6c57zqtfohb0of1g9"
        },
        {
          "category": "external",
          "summary": "https://www.openwall.com/lists/oss-security/2025/05/28/6",
          "url": "https://www.openwall.com/lists/oss-security/2025/05/28/6"
        }
      ],
      "release_date": "2025-05-28T13:32:08.300000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-06-25T19:47:43+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat build of Apache Camel 4.10.3 for Spring Boot 3.4.7"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2025:9697"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat build of Apache Camel 4.10.3 for Spring Boot 3.4.7"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "commons-beanutils: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum\u0027s declaredClass property by default"
    },
    {
      "cve": "CVE-2025-49146",
      "cwe": {
        "id": "CWE-287",
        "name": "Improper Authentication"
      },
      "discovery_date": "2025-06-11T15:01:33.735376+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2372307"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A connection handling flaw was found in the pgjdbc connection driver in configurations that require channel binding. Connections created with authentication methods that should not allow channel binding permit connections to use channel binding. This flaw allows attackers to position themselves in the middle of a connection and intercept the connection.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "pgjdbc: pgjdbc insecure authentication in channel binding",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat build of Apache Camel 4.10.3 for Spring Boot 3.4.7"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2025-49146"
        },
        {
          "category": "external",
          "summary": "RHBZ#2372307",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372307"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2025-49146",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-49146"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-49146",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-49146"
        },
        {
          "category": "external",
          "summary": "https://github.com/pgjdbc/pgjdbc/commit/9217ed16cb2918ab1b6b9258ae97e6ede244d8a0",
          "url": "https://github.com/pgjdbc/pgjdbc/commit/9217ed16cb2918ab1b6b9258ae97e6ede244d8a0"
        },
        {
          "category": "external",
          "summary": "https://github.com/pgjdbc/pgjdbc/security/advisories/GHSA-hq9p-pm7w-8p54",
          "url": "https://github.com/pgjdbc/pgjdbc/security/advisories/GHSA-hq9p-pm7w-8p54"
        }
      ],
      "release_date": "2025-06-11T14:32:39.348000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-06-25T19:47:43+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat build of Apache Camel 4.10.3 for Spring Boot 3.4.7"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2025:9697"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "Red Hat build of Apache Camel 4.10.3 for Spring Boot 3.4.7"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 8.2,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "Red Hat build of Apache Camel 4.10.3 for Spring Boot 3.4.7"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "pgjdbc: pgjdbc insecure authentication in channel binding"
    }
  ]
}

CVE-2025-48734 (GCVE-0-2025-48734)

Vulnerability from cvelistv5

Published

2025-05-28 13:32

Modified

2025-05-29 03:55

Severity ?

CWE

CWE-284 - Improper Access Control

Summary

Improper Access Control vulnerability in Apache Commons. A special BeanIntrospector class was added in version 1.9.2. This can be used to stop attackers from using the declared class property of Java enum objects to get access to the classloader. However this protection was not enabled by default. PropertyUtilsBean (and consequently BeanUtilsBean) now disallows declared class level property access by default. Releases 1.11.0 and 2.0.0-M2 address a potential security issue when accessing enum properties in an uncontrolled way. If an application using Commons BeanUtils passes property paths from an external source directly to the getProperty() method of PropertyUtilsBean, an attacker can access the enum’s class loader via the “declaredClass” property available on all Java “enum” objects. Accessing the enum’s “declaredClass” allows remote attackers to access the ClassLoader and execute arbitrary code. The same issue exists with PropertyUtilsBean.getNestedProperty(). Starting in versions 1.11.0 and 2.0.0-M2 a special BeanIntrospector suppresses the “declaredClass” property. Note that this new BeanIntrospector is enabled by default, but you can disable it to regain the old behavior; see section 2.5 of the user's guide and the unit tests. This issue affects Apache Commons BeanUtils 1.x before 1.11.0, and 2.x before 2.0.0-M2.Users of the artifact commons-beanutils:commons-beanutils 1.x are recommended to upgrade to version 1.11.0, which fixes the issue. Users of the artifact org.apache.commons:commons-beanutils2 2.x are recommended to upgrade to version 2.0.0-M2, which fixes the issue.

References

►

URL

Tags

https://lists.apache.org/thread/s0hb3jkfj5f3ryx6c57zqtfohb0of1g9

vendor-advisory

Impacted products

Vendor

Product

Version

►

Apache Software Foundation

Apache Commons BeanUtils 1.x

Version: 1.0

Apache Software Foundation

Apache Commons BeanUtils 2.x

Version: 2.0.0-M1

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 8.8,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "LOW",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2025-48734",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-05-28T00:00:00+00:00",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-05-29T03:55:47.725Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-05-28T18:03:42.763Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "http://www.openwall.com/lists/oss-security/2025/05/28/6"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://repo.maven.apache.org/maven2",
          "defaultStatus": "unaffected",
          "packageName": "commons-beanutils:commons-beanutils",
          "product": "Apache Commons BeanUtils 1.x",
          "vendor": "Apache Software Foundation",
          "versions": [
            {
              "lessThan": "1.11.0",
              "status": "affected",
              "version": "1.0",
              "versionType": "maven"
            }
          ]
        },
        {
          "collectionURL": "https://repo.maven.apache.org/maven2",
          "defaultStatus": "unaffected",
          "packageName": "org.apache.commons:commons-beanutils2",
          "product": "Apache Commons BeanUtils 2.x",
          "vendor": "Apache Software Foundation",
          "versions": [
            {
              "lessThan": "2.0.0-M2",
              "status": "affected",
              "version": "2.0.0-M1",
              "versionType": "maven"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "value": "Raj (mailto:denesh.raj@zohocorp.com)"
        },
        {
          "lang": "en",
          "type": "finder",
          "value": "Muthukumar Marikani (mailto:muthukumar.marikani@zohocorp.com)"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eImproper Access Control vulnerability in Apache Commons.\u003c/p\u003e\u003cp\u003e\u003c/p\u003e\u003cdiv\u003e\u003cdiv\u003e\u003cp\u003eA special BeanIntrospector class was added in version 1.9.2. This can be used to stop attackers from using the declared class property of Java enum objects to get access to the classloader. However this protection was not enabled by default. PropertyUtilsBean (and consequently BeanUtilsBean) now disallows declared class level property access by default.\u003c/p\u003e\u003c/div\u003e\u003c/div\u003eReleases 1.11.0 and 2.0.0-M2 address a potential security issue when accessing enum properties in an uncontrolled way. If an application using Commons BeanUtils passes property paths from an external source directly to the getProperty() method of PropertyUtilsBean, an attacker can access the enum\u2019s class loader via the \u201cdeclaredClass\u201d property available on all Java \u201cenum\u201d objects. Accessing the enum\u2019s \u201cdeclaredClass\u201d allows remote attackers to access the ClassLoader and execute arbitrary code. The same issue exists with PropertyUtilsBean.getNestedProperty().\u003cbr\u003eStarting in versions 1.11.0 and 2.0.0-M2 a special BeanIntrospector suppresses the \u201cdeclaredClass\u201d property. Note that this new BeanIntrospector is enabled by default, but you can disable it to regain the old behavior; see section 2.5 of the user\u0027s guide and the unit tests.\u003cp\u003e\u003c/p\u003eThis issue affects Apache Commons BeanUtils 1.x before 1.11.0, and 2.x before 2.0.0-M2.\u003cp\u003eUsers of the artifact commons-beanutils:commons-beanutils\n\n 1.x are recommended to upgrade to version 1.11.0, which fixes the issue.\u003c/p\u003e\u003cp\u003e\nUsers of the artifact org.apache.commons:commons-beanutils2\n\n 2.x are recommended to upgrade to version 2.0.0-M2, which fixes the issue.\n\n\u003cbr\u003e\u003c/p\u003e"
            }
          ],
          "value": "Improper Access Control vulnerability in Apache Commons.\n\n\n\nA special BeanIntrospector class was added in version 1.9.2. This can be used to stop attackers from using the declared class property of Java enum objects to get access to the classloader. However this protection was not enabled by default. PropertyUtilsBean (and consequently BeanUtilsBean) now disallows declared class level property access by default.\n\n\n\n\n\nReleases 1.11.0 and 2.0.0-M2 address a potential security issue when accessing enum properties in an uncontrolled way. If an application using Commons BeanUtils passes property paths from an external source directly to the getProperty() method of PropertyUtilsBean, an attacker can access the enum\u2019s class loader via the \u201cdeclaredClass\u201d property available on all Java \u201cenum\u201d objects. Accessing the enum\u2019s \u201cdeclaredClass\u201d allows remote attackers to access the ClassLoader and execute arbitrary code. The same issue exists with PropertyUtilsBean.getNestedProperty().\nStarting in versions 1.11.0 and 2.0.0-M2 a special BeanIntrospector suppresses the \u201cdeclaredClass\u201d property. Note that this new BeanIntrospector is enabled by default, but you can disable it to regain the old behavior; see section 2.5 of the user\u0027s guide and the unit tests.\n\nThis issue affects Apache Commons BeanUtils 1.x before 1.11.0, and 2.x before 2.0.0-M2.Users of the artifact commons-beanutils:commons-beanutils\n\n 1.x are recommended to upgrade to version 1.11.0, which fixes the issue.\n\n\nUsers of the artifact org.apache.commons:commons-beanutils2\n\n 2.x are recommended to upgrade to version 2.0.0-M2, which fixes the issue."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "text": "important"
            },
            "type": "Textual description of severity"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-284",
              "description": "CWE-284 Improper Access Control",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-05-28T13:32:08.300Z",
        "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
        "shortName": "apache"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.apache.org/thread/s0hb3jkfj5f3ryx6c57zqtfohb0of1g9"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "title": "Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum\u0027s declaredClass property by default",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
    "assignerShortName": "apache",
    "cveId": "CVE-2025-48734",
    "datePublished": "2025-05-28T13:32:08.300Z",
    "dateReserved": "2025-05-23T12:30:32.006Z",
    "dateUpdated": "2025-05-29T03:55:47.725Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-49146 (GCVE-0-2025-49146)

Vulnerability from cvelistv5

Published

2025-06-11 14:32

Modified

2025-06-11 14:46

Severity ?

8.2 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N

CWE

CWE-287 - Improper Authentication

Summary

pgjdbc is an open source postgresql JDBC Driver. From 42.7.4 and until 42.7.7, when the PostgreSQL JDBC driver is configured with channel binding set to required (default value is prefer), the driver would incorrectly allow connections to proceed with authentication methods that do not support channel binding (such as password, MD5, GSS, or SSPI authentication). This could allow a man-in-the-middle attacker to intercept connections that users believed were protected by channel binding requirements. This vulnerability is fixed in 42.7.7.

References

►

URL

Tags

	https://github.com/pgjdbc/pgjdbc/security/advisories/GHSA-hq9p-pm7w-8p54	x_refsource_CONFIRM
	https://github.com/pgjdbc/pgjdbc/commit/9217ed16cb2918ab1b6b9258ae97e6ede244d8a0	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	pgjdbc	pgjdbc	Version: >= 42.7.4, < 42.7.7

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-49146",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-06-11T14:46:03.689878Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-06-11T14:46:17.286Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "pgjdbc",
          "vendor": "pgjdbc",
          "versions": [
            {
              "status": "affected",
              "version": "\u003e= 42.7.4, \u003c 42.7.7"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "pgjdbc is an open source postgresql JDBC Driver. From 42.7.4 and until 42.7.7, when the PostgreSQL JDBC driver is configured with channel binding set to required (default value is prefer), the driver would incorrectly allow connections to proceed with authentication methods that do not support channel binding (such as password, MD5, GSS, or SSPI authentication). This could allow a man-in-the-middle attacker to intercept connections that users believed were protected by channel binding requirements. This vulnerability is fixed in 42.7.7."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 8.2,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-287",
              "description": "CWE-287: Improper Authentication",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-06-11T14:32:39.348Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/pgjdbc/pgjdbc/security/advisories/GHSA-hq9p-pm7w-8p54",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/pgjdbc/pgjdbc/security/advisories/GHSA-hq9p-pm7w-8p54"
        },
        {
          "name": "https://github.com/pgjdbc/pgjdbc/commit/9217ed16cb2918ab1b6b9258ae97e6ede244d8a0",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/pgjdbc/pgjdbc/commit/9217ed16cb2918ab1b6b9258ae97e6ede244d8a0"
        }
      ],
      "source": {
        "advisory": "GHSA-hq9p-pm7w-8p54",
        "discovery": "UNKNOWN"
      },
      "title": "pgjdbc Client Allows Fallback to Insecure Authentication Despite channelBinding=require Configuration"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2025-49146",
    "datePublished": "2025-06-11T14:32:39.348Z",
    "dateReserved": "2025-06-02T10:39:41.635Z",
    "dateUpdated": "2025-06-11T14:46:17.286Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-13009 (GCVE-0-2024-13009)

Vulnerability from cvelistv5

Published

2025-05-08 17:29

Modified

2025-05-08 18:56

Severity ?

7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N

CWE

CWE-404 - Improper Resource Shutdown or Release

Summary

In Eclipse Jetty versions 9.4.0 to 9.4.56 a buffer can be incorrectly released when confronted with a gzip error when inflating a request body. This can result in corrupted and/or inadvertent sharing of data between requests.

References

►

URL

Tags

	https://gitlab.eclipse.org/security/cve-assignement/-/issues/48
	https://github.com/jetty/jetty.project/security/advisories/GHSA-q4rv-gq96-w7c5

Impacted products

	Vendor	Product	Version
	Eclipse Foundation	Jetty	Version: 9.4.0 ≤ 9.4.56

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-13009",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-05-08T18:55:32.278977Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-05-08T18:56:39.446Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Jetty",
          "vendor": "Eclipse Foundation",
          "versions": [
            {
              "lessThanOrEqual": "9.4.56",
              "status": "affected",
              "version": "9.4.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "In Eclipse Jetty versions 9.4.0 to 9.4.56 a buffer can be incorrectly released when confronted with a gzip error when inflating a request\nbody. This can result in corrupted and/or inadvertent sharing of data between requests."
            }
          ],
          "value": "In Eclipse Jetty versions 9.4.0 to 9.4.56 a buffer can be incorrectly released when confronted with a gzip error when inflating a request\nbody. This can result in corrupted and/or inadvertent sharing of data between requests."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.2,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-404",
              "description": "CWE-404 Improper Resource Shutdown or Release",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-05-08T17:29:31.380Z",
        "orgId": "e51fbebd-6053-4e49-959f-1b94eeb69a2c",
        "shortName": "eclipse"
      },
      "references": [
        {
          "url": "https://gitlab.eclipse.org/security/cve-assignement/-/issues/48"
        },
        {
          "url": "https://github.com/jetty/jetty.project/security/advisories/GHSA-q4rv-gq96-w7c5"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "tags": [
        "unsupported-when-assigned"
      ],
      "title": "Eclipse Jetty GZIP buffer release",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "e51fbebd-6053-4e49-959f-1b94eeb69a2c",
    "assignerShortName": "eclipse",
    "cveId": "CVE-2024-13009",
    "datePublished": "2025-05-08T17:29:31.380Z",
    "dateReserved": "2024-12-28T09:11:12.587Z",
    "dateUpdated": "2025-05-08T18:56:39.446Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

rhsa-2025:9697

Vulnerability from csaf_redhat

CVE-2025-48734 (GCVE-0-2025-48734)

Vulnerability from cvelistv5

CVE-2025-49146 (GCVE-0-2025-49146)

Vulnerability from cvelistv5

CVE-2024-13009 (GCVE-0-2024-13009)

Vulnerability from cvelistv5

Tags

Sightings

Nomenclature