Latest redhat integration camel quarkus Vulnerabilities

● CVE-2023-4853

Quarkus: http security policy bypass

redhat/openshift-serverless-clients<0:1.9.2-3.el8

Quarkus Quarkus<2.16.11

Quarkus Quarkus>=3.2.0<3.2.6

Quarkus Quarkus>=3.3.0<3.3.3

Redhat Build Of Optaplanner=8.0

Redhat Build Of Quarkus>=2.13.0<2.13.8

and 28 more

● CVE-2022-41862

A modified, unauthenticated server can send an unterminated string during the establishment of Kerberos transport encryption. When a libpq client application has a Kerberos credential cache and doesn'...

redhat/postgresql<5.2

redhat/postgresql<14.7

redhat/postgresql<13.10

redhat/postgresql<12.14

redhat/postgresql<11.19

IBM Cloud Pak for Business Automation<=V23.0.1 - V23.0.1-IF001

and 11 more

● CVE-2022-0084

A flaw was found in XNIO, specifically in the notifyReadClosed method. The issue revealed this method was logging a message to another expected end. This flaw allows an attacker to send flawed request...

redhat/eap7-jboss-xnio-base<0:3.8.7-1.SP1_redhat_00001.1.el8ea

redhat/eap7-jboss-xnio-base<0:3.8.7-1.SP1_redhat_00001.1.el7ea

redhat/rh-sso7-keycloak<0:15.0.8-1.redhat_00001.1.el7

redhat/rh-sso7-keycloak<0:15.0.8-1.redhat_00001.1.el8

redhat/rh-sso7-keycloak<0:18.0.3-1.redhat_00001.1.el7

redhat/rh-sso7-keycloak<0:18.0.3-1.redhat_00001.1.el8

and 7 more

● CVE-2021-4178

fabric8 Kubernetes client had an arbitrary code execution flaw in versions 5.0.0-beta-1 and higher. Attackers could potentially insert malicious YAMLs due to misconfigured YAML parsing.

redhat/kubernetes-client<5.0.3

redhat/kubernetes-client<5.1.2

redhat/kubernetes-client<5.3.2

redhat/kubernetes-client<5.4.2

redhat/kubernetes-client<5.7.4

redhat/kubernetes-client<5.8.1

and 25 more

● CVE-2021-4104

Deserialization of untrusted data in JMSAppender in Apache Log4j 1.2

redhat/log4j<0:1.2.14-6.5.el6_10

redhat/log4j<0:1.2.17-17.el7_4

redhat/log4j<0:1.2.17-16.el7_3

redhat/log4j-eap6<0:1.2.17-3.redhat_00008.1.ep6.el6

redhat/log4j-jboss-logmanager<0:1.1.4-3.Final_redhat_00002.1.ep6.el6

redhat/jboss-as-appclient<0:7.5.24-2.Final_redhat_00001.1.ep6.el6

and 219 more

● CVE-2021-3690

A flaw was found in Undertow. A buffer leak on the incoming WebSocket PONG message may lead to memory exhaustion. This flaw allows an attacker to cause a denial of service. The highest threat from thi...

redhat/eap7-undertow<0:2.0.38-2.SP2_redhat_00001.1.el6ea

redhat/eap7-apache-commons-io<0:2.10.0-1.redhat_00001.1.el6ea

redhat/eap7-hal-console<0:3.2.16-1.Final_redhat_00001.1.el6ea

redhat/eap7-hibernate<0:5.3.20-4.SP2_redhat_00001.1.el6ea

redhat/eap7-ironjacamar<0:1.4.35-1.Final_redhat_00001.1.el6ea

redhat/eap7-jakarta-el<0:3.0.3-2.redhat_00006.1.el6ea

and 56 more

● CVE-2021-3642

A flaw was found in Wildfly Elytron in versions prior to 1.10.14.Final, prior to 1.15.5.Final and prior to 1.16.1.Final where ScramServer may be susceptible to Timing Attack if enabled. The highest th...

redhat/eap7-apache-cxf<0:3.3.12-1.redhat_00001.1.el6ea

redhat/eap7-ironjacamar<0:1.5.3-1.Final_redhat_00001.1.el6ea

redhat/eap7-jakarta-el<0:3.0.3-3.redhat_00007.1.el6ea

redhat/eap7-jboss-ejb-client<0:4.0.43-1.Final_redhat_00001.1.el6ea

redhat/eap7-jboss-server-migration<0:1.7.2-10.Final_redhat_00011.1.el6ea

redhat/eap7-jsoup<0:1.14.2-1.redhat_00002.1.el6ea

and 47 more

● CVE-2021-3536

A flaw was found in Wildfly in versions before 23.0.2.Final while creating a new role in domain mode via the admin console, it is possible to add a payload in the name field, leading to XSS. This affe...

redhat/Wildfly<23.0.2.

redhat/eap7-elytron-web<0:1.6.3-1.Final_redhat_00001.1.el6ea

redhat/eap7-hal-console<0:3.2.15-1.Final_redhat_00001.1.el6ea

redhat/eap7-hibernate<0:5.3.20-3.SP1_redhat_00001.1.el6ea

redhat/eap7-infinispan<0:9.4.23-1.Final_redhat_00001.1.el6ea

redhat/eap7-ironjacamar<0:1.4.33-1.Final_redhat_00001.1.el6ea

and 45 more

Latest redhat integration camel quarkus Vulnerabilities

Company

Resources

Contact