RHSA-2022:2232: Moderate: Red Hat Data Grid 8.3.1 security update
Red Hat Data Grid is an in-memory, distributed, NoSQL datastore solution. It increases application response times and allows for dramatically improving performance while providing availability, reliability, and elastic scale.Data Grid 8.3.1 replaces Data Grid 8.3.0 and includes bug fixes and enhancements. Find out more about Data Grid 8.3.1 in the Release Notes[3].Security Fix(es): jackson-databind: denial of service via a large depth of nested objects [jdg-8] (CVE-2020-36518) kafka-clients: Kafka: Timing Attack Vulnerability for Apache Kafka Connect and Clients [jdg-8] (CVE-2021-38153) xnio: org.xnio.StreamConnection.notifyReadClosed log to debug instead of stderr [jdg-8] (CVE-2022-0084) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Affected Software
Remediation
Event History
Frequently Asked Questions
What is the severity of RHSA-2022:2232?
The severity of RHSA-2022:2232 is considered critical due to the potential impact on system performance and data integrity.
How do I fix RHSA-2022:2232?
To fix RHSA-2022:2232, users should upgrade to Data Grid 8.3.1, which includes important security updates.
What vulnerabilities are addressed in RHSA-2022:2232?
RHSA-2022:2232 addresses vulnerabilities that affect the functionality and performance of Red Hat Data Grid.
Who is affected by RHSA-2022:2232?
RHSA-2022:2232 affects users of Red Hat Data Grid 8.3.0 and earlier versions.
When was RHSA-2022:2232 released?
RHSA-2022:2232 was released on December 1, 2022.