RHSA-2022:0083: Moderate: Red Hat build of Eclipse Vert.x 4.1.8 security update
This release of Red Hat build of Eclipse Vert.x 4.1.8 GA includes security updates. For more information, see the release notes listed in the References section.Security Fix(es): log4j-core: remote code execution via JDBC Appender (CVE-2021-44832) log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228) (CVE-2021-45046) log4j-core: DoS in log4j 2.x with Thread Context Map (MDC) input data contains a recursive lookup and context lookup pattern (CVE-2021-45105) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Affected Software
Remediation
Event History
Frequently Asked Questions
What is the severity of RHSA-2022:0083?
RHSA-2022:0083 addresses critical vulnerabilities associated with remote code execution in log4j-core.
How do I fix RHSA-2022:0083?
To remediate RHSA-2022:0083, update to the fixed version of Eclipse Vert.x as per the provided security advisory.
What vulnerabilities are addressed in RHSA-2022:0083?
RHSA-2022:0083 includes fixes for CVE-2021-44832 and other critical vulnerabilities in log4j-core.
Is RHSA-2022:0083 applicable to my system?
RHSA-2022:0083 is applicable to systems running Red Hat build of Eclipse Vert.x affected by the specific vulnerabilities.
What should I do after applying the patch for RHSA-2022:0083?
After applying the patch for RHSA-2022:0083, verify the functionality of your applications and monitor for any unusual behavior.