Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Jboss_enterprise_application_platform
(Redhat)| Repositories |
• https://github.com/FasterXML/jackson-databind
• https://github.com/qos-ch/slf4j • https://github.com/bcgit/bc-java • https://github.com/apache/cxf • https://github.com/dom4j/dom4j |
| #Vulnerabilities | 225 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2023-12-18 | CVE-2023-3628 | A flaw was found in Infinispan's REST. Bulk read endpoints do not properly evaluate user permissions for the operation. This issue could allow an authenticated user to access information outside of their intended permissions. | Infinispan, Data_grid, Jboss_data_grid, Jboss_enterprise_application_platform | 6.5 | ||
| 2023-12-18 | CVE-2023-3629 | A flaw was found in Infinispan's REST, Cache retrieval endpoints do not properly evaluate the necessary admin permissions for the operation. This issue could allow an authenticated user to access information outside of their intended permissions. | Infinispan, Data_grid, Jboss_data_grid, Jboss_enterprise_application_platform | 6.5 | ||
| 2024-08-21 | CVE-2024-7885 | A vulnerability was found in Undertow where the ProxyProtocolReadListener reuses the same StringBuilder instance across multiple requests. This issue occurs when the parseProxyProtocolV1 method processes multiple requests on the same HTTP connection. As a result, different requests may share the same StringBuilder instance, potentially leading to information leakage between requests or responses. In some cases, a value from a previous request or response may be erroneously reused, which... | Build_of_apache_camel_\-_hawtio, Build_of_apache_camel_for_spring_boot, Build_of_keycloak, Data_grid, Integration_camel_k, Jboss_enterprise_application_platform, Jboss_fuse, Process_automation, Single_sign\-On | 7.5 |