Latest redhat fuse Vulnerabilities

CVE-2023-1108
Undertow: infinite loop in sslconduit during close
redhat/eap7-undertow<0:2.2.22-1.SP3_redhat_00002.1.el8ea
redhat/eap7-wildfly<0:7.4.9-6.GA_redhat_00004.1.el8ea
redhat/eap7-undertow<0:2.2.23-1.SP2_redhat_00001.1.el8ea
redhat/eap7-undertow-jastow<0:2.0.14-1.Final_redhat_00001.1.el8ea
redhat/eap7-undertow<0:2.2.22-1.SP3_redhat_00002.1.el9ea
redhat/eap7-wildfly<0:7.4.9-6.GA_redhat_00004.1.el9ea
and 54 more
CVE-2021-4178
fabric8 Kubernetes client had an arbitrary code execution flaw in versions 5.0.0-beta-1 and higher. Attackers could potentially insert malicious YAMLs due to misconfigured YAML parsing.
redhat/kubernetes-client<5.0.3
redhat/kubernetes-client<5.1.2
redhat/kubernetes-client<5.3.2
redhat/kubernetes-client<5.4.2
redhat/kubernetes-client<5.7.4
redhat/kubernetes-client<5.8.1
and 25 more
CVE-2021-3690
A flaw was found in Undertow. A buffer leak on the incoming WebSocket PONG message may lead to memory exhaustion. This flaw allows an attacker to cause a denial of service. The highest threat from thi...
redhat/eap7-undertow<0:2.0.38-2.SP2_redhat_00001.1.el6ea
redhat/eap7-apache-commons-io<0:2.10.0-1.redhat_00001.1.el6ea
redhat/eap7-hal-console<0:3.2.16-1.Final_redhat_00001.1.el6ea
redhat/eap7-hibernate<0:5.3.20-4.SP2_redhat_00001.1.el6ea
redhat/eap7-ironjacamar<0:1.4.35-1.Final_redhat_00001.1.el6ea
redhat/eap7-jakarta-el<0:3.0.3-2.redhat_00006.1.el6ea
and 56 more
CVE-2021-3597
A flaw was found in undertow where HTTP2SourceChannel fails to write final frame under some circumstances may result in DoS. The highest impact of this vulnerability is availability.
redhat/eap7-apache-commons-io<0:2.10.0-1.redhat_00001.1.el6ea
redhat/eap7-hal-console<0:3.2.16-1.Final_redhat_00001.1.el6ea
redhat/eap7-hibernate<0:5.3.20-4.SP2_redhat_00001.1.el6ea
redhat/eap7-ironjacamar<0:1.4.35-1.Final_redhat_00001.1.el6ea
redhat/eap7-jakarta-el<0:3.0.3-2.redhat_00006.1.el6ea
redhat/eap7-jberet<0:1.3.9-1.Final_redhat_00001.1.el6ea
and 65 more
CVE-2020-25689
A memory leak flaw was found in WildFly in all versions up to 21.0.0.Final, where host-controller tries to reconnect in a loop, generating new connections which are not properly closed while not able ...
redhat/eap7-activemq-artemis<0:2.9.0-7.redhat_00017.1.el6ea
redhat/eap7-glassfish-jsf<0:2.3.9-12.SP13_redhat_00001.1.el6ea
redhat/eap7-hal-console<0:3.2.12-1.Final_redhat_00001.1.el6ea
redhat/eap7-hibernate<0:5.3.20-1.Final_redhat_00001.1.el6ea
redhat/eap7-httpcomponents-client<0:4.5.13-1.redhat_00001.1.el6ea
redhat/eap7-jboss-ejb-client<0:4.0.37-1.Final_redhat_00001.1.el6ea
and 63 more
CVE-2020-10719
A flaw was found in Undertow in versions before 2.1.1.Final, regarding the processing of invalid HTTP requests with large chunk sizes. This flaw allows an attacker to take advantage of HTTP request sm...
redhat/eap7-activemq-artemis<0:2.9.0-4.redhat_00010.1.el6ea
redhat/eap7-apache-cxf<0:3.2.12-1.redhat_00001.1.el6ea
redhat/eap7-bouncycastle<0:1.60.0-2.redhat_00002.1.el6ea
redhat/eap7-codehaus-jackson<0:1.9.13-10.redhat_00007.1.el6ea
redhat/eap7-cryptacular<0:1.2.4-1.redhat_00001.1.el6ea
redhat/eap7-glassfish-el<0:3.0.1-5.b08_redhat_00004.1.el6ea
and 278 more
CVE-2020-10688
A cross-site scripting (XSS) flaw was found in RESTEasy in versions before 3.11.1.Final and before 4.5.3.Final, where it did not properly handle URL encoding when the RESTEASY003870 exception occurs. ...
redhat/resteasy<3.11.1.
redhat/resteasy<4.5.3.
redhat/eap7-activemq-artemis<0:2.9.0-4.redhat_00010.1.el6ea
redhat/eap7-apache-cxf<0:3.3.5-1.redhat_00001.1.el6ea
redhat/eap7-bouncycastle<0:1.60.0-2.redhat_00002.1.el6ea
redhat/eap7-codehaus-jackson<0:1.9.13-10.redhat_00007.1.el6ea
and 174 more
CVE-2019-14860
It was found that the Syndesis configuration for Cross-Origin Resource Sharing was set to allow all origins. An attacker could use this lack of protection to conduct phishing attacks and further acces...
Redhat Fuse<7.5.0
Redhat Syndesis
CVE-2019-10219
A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of potentially malicious code in HTML comments and instructions. This...
redhat/eap7-apache-cxf<0:3.2.11-1.redhat_00001.1.el6ea
redhat/eap7-glassfish-jsf<0:2.3.5-6.SP3_redhat_00004.1.el6ea
redhat/eap7-hal-console<0:3.0.19-1.Final_redhat_00001.1.el6ea
redhat/eap7-hibernate<0:5.3.14-1.Final_redhat_00001.1.el6ea
redhat/eap7-hibernate-validator<0:6.0.18-1.Final_redhat_00001.1.el6ea
redhat/eap7-jackson-annotations<0:2.9.10-1.redhat_00003.1.el6ea
and 779 more
CVE-2019-0201
A flaw was found in Apache ZooKeeper. A lack of permission checks while retrieving ACLs allows unsalted hash values to be disclosed for unauthenticated or unprivileged users.
redhat/zookeeper<3.6.0
redhat/zookeeper<3.5.5
redhat/zookeeper<3.4.14
ubuntu/zookeeper<3.4.8-1ubuntu0.1~
ubuntu/zookeeper<3.4.5+dfsg-1ubuntu0.1~
ubuntu/zookeeper<3.4.9-3+
and 34 more
CVE-2019-10174
A vulnerability was found in Infinispan such that the invokeAccessibly method from the public class ReflectionUtil allows any application class to invoke private methods in any class with Infinispan's...
redhat/eap7-glassfish-jsf<0:2.3.5-11.SP3_redhat_00009.1.el6ea
redhat/eap7-infinispan<0:9.3.9-1.Final_redhat_00001.1.el6ea
redhat/eap7-glassfish-jsf<0:2.3.5-11.SP3_redhat_00009.1.el7ea
redhat/eap7-infinispan<0:9.3.9-1.Final_redhat_00001.1.el7ea
redhat/eap7-glassfish-jsf<0:2.3.5-11.SP3_redhat_00009.1.el8ea
redhat/eap7-infinispan<0:9.3.9-1.Final_redhat_00001.1.el8ea
and 17 more
CVE-2019-0204
A specifically crafted Docker image running under the root user can overwrite the init helper binary of the container runtime and/or the command executor in Apache Mesos versions pre-1.4.x, 1.4.0 to 1...
Apache Mesos>=1.4.0<1.4.3
Apache Mesos>=1.6.0<1.6.2
Apache Mesos>=1.7.0<1.7.2
Apache Mesos=1.8.0-dev
Redhat Fuse=7.5.0
CVE-2019-14900
A flaw was found in Hibernate ORM in versions before 5.3.18, 5.4.18 and 5.5.0.Beta1. A SQL injection in the implementation of the JPA Criteria API can permit unsanitized literals when a literal is use...
redhat/Hibernate ORM<5.3.18
redhat/Hibernate ORM<5.4.18
redhat/Hibernate ORM<5.5.0.
redhat/Hibernate ORM 5.3.17.Final-redhat<00001
redhat/eap7-dom4j<0:2.1.3-1.redhat_00001.1.el6ea
redhat/eap7-elytron-web<0:1.2.5-1.Final_redhat_00001.1.el6ea
and 125 more

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203