[ALSA-2022:6820] Moderate: prometheus-jmx-exporter security update
Type:
security
Severity:
moderate
Release date:
2022-10-07
Description:
Prometheus JMX Exporter is a JMX to Prometheus exporter: a collector that can be configured to scrape and expose MBeans of a JMX target. Security Fix(es): * snakeyaml: Denial of Service due to missing nested depth limitation for collections (CVE-2022-25857) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
References:
Updated packages listed below:
Architecture Package Checksum
noarch prometheus-jmx-exporter-0.12.0-8.el8_6.noarch.rpm 697f86793a5d3ad1bdee413b8583b760cb77d07b0ca82164d44ec0e609dece0b
noarch prometheus-jmx-exporter-openjdk11-0.12.0-8.el8_6.noarch.rpm e9d2446f87bd55b4e6fc74cf1de60dab732f540b9cb44117f8c52b1d061cd88f
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.