Latest oracle stream analytics Vulnerabilities

● CVE-2021-4104

Deserialization of untrusted data in JMSAppender in Apache Log4j 1.2

redhat/log4j<0:1.2.14-6.5.el6_10

redhat/log4j<0:1.2.17-17.el7_4

redhat/log4j<0:1.2.17-16.el7_3

redhat/log4j-eap6<0:1.2.17-3.redhat_00008.1.ep6.el6

redhat/log4j-jboss-logmanager<0:1.1.4-3.Final_redhat_00002.1.ep6.el6

redhat/jboss-as-appclient<0:7.5.24-2.Final_redhat_00001.1.ep6.el6

and 219 more

● CVE-2021-37714

jsoup is a Java library for working with HTML. Those using jsoup versions prior to 1.14.2 to parse untrusted HTML or XML may be vulnerable to DOS attacks. If the parser is run on user supplied input, ...

redhat/eap7-apache-cxf<0:3.3.12-1.redhat_00001.1.el6ea

redhat/eap7-ironjacamar<0:1.5.3-1.Final_redhat_00001.1.el6ea

redhat/eap7-jakarta-el<0:3.0.3-3.redhat_00007.1.el6ea

redhat/eap7-jboss-ejb-client<0:4.0.43-1.Final_redhat_00001.1.el6ea

redhat/eap7-jboss-server-migration<0:1.7.2-10.Final_redhat_00011.1.el6ea

redhat/eap7-jsoup<0:1.14.2-1.redhat_00002.1.el6ea

and 55 more

● CVE-2021-34429

For Eclipse Jetty versions 9.4.37-9.4.42, 10.0.1-10.0.5 & 11.0.1-11.0.5, URIs can be crafted using some encoded characters to access the content of the WEB-INF directory and/or bypass some security co...

redhat/jetty<9.4.43

redhat/jetty<10.0.6

redhat/jetty<11.0.6

Eclipse Jetty>=9.4.37<9.4.43

Eclipse Jetty>=10.0.1<10.0.6

Eclipse Jetty>=11.0.1<11.0.6

and 19 more

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.