prometheus-jmx-exporter-0.12.0-8.el8
エラータID: AXSA:2022-3880:02
Release date:
Thursday, October 6, 2022 - 08:56
Subject:
prometheus-jmx-exporter-0.12.0-8.el8
Affected Channels:
Asianux Server 8 for x86_64
Severity:
Moderate
Description:
Prometheus JMX Exporter is a JMX to Prometheus exporter: a collector that can be configured to scrape and expose MBeans of a JMX target.
Security Fix(es):
* snakeyaml: Denial of Service due to missing nested depth limitation for collections (CVE-2022-25857)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
CVE-2022-25857
The package org.yaml:snakeyaml from 0 and before 1.31 are vulnerable to Denial of Service (DoS) due missing to nested depth limitation for collections.
Solution:
Update packages.
CVEs:
CVE-2022-25857
The package org.yaml:snakeyaml from 0 and before 1.31 are vulnerable to Denial of Service (DoS) due missing to nested depth limitation for collections.
The package org.yaml:snakeyaml from 0 and before 1.31 are vulnerable to Denial of Service (DoS) due missing to nested depth limitation for collections.
Additional Info:
N/A
Download:
SRPMS
- prometheus-jmx-exporter-0.12.0-8.el8.src.rpm
MD5: b099f0fdc72d7eae4dd32bec50370d8e
SHA-256: f4465cccf19a80f4f52e55df6c7d4fe07412b7399415345046750b7d05f96944
Size: 44.87 kB
Asianux Server 8 for x86_64
- prometheus-jmx-exporter-0.12.0-8.el8.noarch.rpm
MD5: 36ba18ae412201eed8abe8c29e2fa5a3
SHA-256: dbfdf5baf52afff94c79262cbf9c48d1ea301b8a71a4d696ec7b233f9fd2695e
Size: 467.25 kB - prometheus-jmx-exporter-openjdk11-0.12.0-8.el8.noarch.rpm
MD5: 8e4381ae5f27bfe89abb7e267e148554
SHA-256: 44210bfa5994e30935a4cbaae7e9ce48a635f32d8d67bbd10a23e167e4dc200c
Size: 7.21 kB
日本語