Filtered by vendor Redhat
Subscriptions
Filtered by product Jboss Enterprise Application Platform
Subscriptions
Total
528 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2017-6056 | 3 Canonical, Debian, Redhat | 3 Ubuntu Linux, Debian Linux, Jboss Enterprise Application Platform | 2024-08-05 | N/A |
It was discovered that a programming error in the processing of HTTPS requests in the Apache Tomcat servlet and JSP engine may result in denial of service via an infinite loop. The denial of service is easily achievable as a consequence of backporting a CVE-2016-6816 fix but not backporting the fix for Tomcat bug 57544. Distributions affected by this backporting issue include Debian (before 7.0.56-3+deb8u8 and 8.0.14-1+deb8u7 in jessie) and Ubuntu. | ||||
CVE-2017-5664 | 2 Apache, Redhat | 4 Tomcat, Enterprise Linux, Jboss Enterprise Application Platform and 1 more | 2024-08-05 | N/A |
The error page mechanism of the Java Servlet Specification requires that, when an error occurs and an error page is configured for the error that occurred, the original request and response are forwarded to the error page. This means that the request is presented to the error page with the original HTTP method. If the error page is a static file, expected behaviour is to serve content of the file as if processing a GET request, regardless of the actual HTTP method. The Default Servlet in Apache Tomcat 9.0.0.M1 to 9.0.0.M20, 8.5.0 to 8.5.14, 8.0.0.RC1 to 8.0.43 and 7.0.0 to 7.0.77 did not do this. Depending on the original request this could lead to unexpected and undesirable results for static error pages including, if the DefaultServlet is configured to permit writes, the replacement or removal of the custom error page. Notes for other user provided error pages: (1) Unless explicitly coded otherwise, JSPs ignore the HTTP method. JSPs used as error pages must must ensure that they handle any error dispatch as a GET request, regardless of the actual method. (2) By default, the response generated by a Servlet does depend on the HTTP method. Custom Servlets used as error pages must ensure that they handle any error dispatch as a GET request, regardless of the actual method. | ||||
CVE-2017-5645 | 4 Apache, Netapp, Oracle and 1 more | 86 Log4j, Oncommand Api Services, Oncommand Insight and 83 more | 2024-08-05 | 9.8 Critical |
In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket server to receive serialized log events from another application, a specially crafted binary payload can be sent that, when deserialized, can execute arbitrary code. | ||||
CVE-2017-2666 | 2 Debian, Redhat | 4 Debian Linux, Enterprise Linux, Jboss Enterprise Application Platform and 1 more | 2024-08-05 | N/A |
It was discovered in Undertow that the code that parsed the HTTP request line permitted invalid characters. This could be exploited, in conjunction with a proxy that also permitted the invalid characters but with a different interpretation, to inject data into the HTTP response. By manipulating the HTTP response the attacker could poison a web-cache, perform an XSS attack, or obtain sensitive information from requests other than their own. | ||||
CVE-2017-2670 | 2 Debian, Redhat | 6 Debian Linux, Enterprise Linux, Jboss Data Grid and 3 more | 2024-08-05 | N/A |
It was found in Undertow before 1.3.28 that with non-clean TCP close, the Websocket server gets into infinite loop on every IO thread, effectively causing DoS. | ||||
CVE-2017-2595 | 1 Redhat | 2 Enterprise Linux, Jboss Enterprise Application Platform | 2024-08-05 | N/A |
It was found that the log file viewer in Red Hat JBoss Enterprise Application 6 and 7 allows arbitrary file read to authenticated user via path traversal. | ||||
CVE-2017-2582 | 1 Redhat | 3 Enterprise Linux, Jboss Enterprise Application Platform, Keycloak | 2024-08-05 | N/A |
It was found that while parsing the SAML messages the StaxParserUtil class of keycloak before 2.5.1 replaces special strings for obtaining attribute values with system property. This could allow an attacker to determine values of system properties at the attacked system by formatting the SAML request ID field to be the chosen system property which could be obtained in the "InResponseTo" field in the response. | ||||
CVE-2018-1000632 | 5 Debian, Dom4j Project, Netapp and 2 more | 17 Debian Linux, Dom4j, Oncommand Workflow Automation and 14 more | 2024-08-05 | 7.5 High |
dom4j version prior to version 2.1.1 contains a CWE-91: XML Injection vulnerability in Class: Element. Methods: addElement, addAttribute that can result in an attacker tampering with XML documents through XML injection. This attack appear to be exploitable via an attacker specifying attributes or elements in the XML document. This vulnerability appears to have been fixed in 2.1.1 or later. | ||||
CVE-2018-1000180 | 5 Bouncycastle, Debian, Netapp and 2 more | 24 Fips Java Api, Legion-of-the-bouncy-castle-java-crytography-api, Debian Linux and 21 more | 2024-08-05 | N/A |
Bouncy Castle BC 1.54 - 1.59, BC-FJA 1.0.0, BC-FJA 1.0.1 and earlier have a flaw in the Low-level interface to RSA key pair generator, specifically RSA Key Pairs generated in low-level API with added certainty may have less M-R tests than expected. This appears to be fixed in versions BC 1.60 beta 4 and later, BC-FJA 1.0.2 and later. | ||||
CVE-2018-14720 | 4 Debian, Fasterxml, Oracle and 1 more | 21 Debian Linux, Jackson-databind, Banking Platform and 18 more | 2024-08-05 | N/A |
FasterXML jackson-databind 2.x before 2.9.7 might allow attackers to conduct external XML entity (XXE) attacks by leveraging failure to block unspecified JDK classes from polymorphic deserialization. | ||||
CVE-2018-14721 | 4 Debian, Fasterxml, Oracle and 1 more | 21 Debian Linux, Jackson-databind, Banking Platform and 18 more | 2024-08-05 | N/A |
FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to conduct server-side request forgery (SSRF) attacks by leveraging failure to block the axis2-jaxws class from polymorphic deserialization. | ||||
CVE-2018-14667 | 1 Redhat | 5 Enterprise Linux, Jboss Enterprise Application Platform, Jboss Enterprise Brms Platform and 2 more | 2024-08-05 | 9.8 Critical |
The RichFaces Framework 3.X through 3.3.4 is vulnerable to Expression Language (EL) injection via the UserResource resource. A remote, unauthenticated attacker could exploit this to execute arbitrary code using a chain of java serialized objects via org.ajax4jsf.resource.UserResource$UriData. | ||||
CVE-2018-14642 | 1 Redhat | 4 Enterprise Linux, Jboss Enterprise Application Platform, Jboss Single Sign On and 1 more | 2024-08-05 | 5.3 Medium |
An information leak vulnerability was found in Undertow. If all headers are not written out in the first write() call then the code that handles flushing the buffer will always write out the full contents of the writevBuffer buffer, which may contain data from previous requests. | ||||
CVE-2018-14627 | 1 Redhat | 3 Jboss Enterprise Application Platform, Jboss Single Sign On, Wildfly | 2024-08-05 | N/A |
The IIOP OpenJDK Subsystem in WildFly before version 14.0.0 does not honour configuration when SSL transport is required. Servers before this version that are configured with the following setting allow clients to create plaintext connections: <transport-config confidentiality="required" trust-in-target="supported"/> | ||||
CVE-2018-14371 | 2 Eclipse, Redhat | 4 Mojarra, Jboss Enterprise Application Platform, Jboss Enterprise Application Platform Cd and 1 more | 2024-08-05 | N/A |
The getLocalePrefix function in ResourceManager.java in Eclipse Mojarra before 2.3.7 is affected by Directory Traversal via the loc parameter. A remote attacker can download configuration files or Java bytecodes from applications. | ||||
CVE-2018-14040 | 3 Debian, Getbootstrap, Redhat | 6 Debian Linux, Bootstrap, Enterprise Linux and 3 more | 2024-08-05 | N/A |
In Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attribute. | ||||
CVE-2018-14042 | 2 Getbootstrap, Redhat | 6 Bootstrap, Enterprise Linux, Jboss Enterprise Application Platform and 3 more | 2024-08-05 | N/A |
In Bootstrap before 4.1.2, XSS is possible in the data-container property of tooltip. | ||||
CVE-2018-14041 | 2 Getbootstrap, Redhat | 4 Bootstrap, Ceph Storage, Jboss Enterprise Application Platform and 1 more | 2024-08-05 | N/A |
In Bootstrap before 4.1.2, XSS is possible in the data-target property of scrollspy. | ||||
CVE-2018-12533 | 1 Redhat | 3 Jboss Enterprise Application Platform, Jboss Operations Network, Richfaces | 2024-08-05 | N/A |
JBoss RichFaces 3.1.0 through 3.3.4 allows unauthenticated remote attackers to inject expression language (EL) expressions and execute arbitrary Java code via a /DATA/ substring in a path with an org.richfaces.renderkit.html.Paint2DResource$ImageData object, aka RF-14310. | ||||
CVE-2018-12023 | 5 Debian, Fasterxml, Fedoraproject and 2 more | 20 Debian Linux, Jackson-databind, Fedora and 17 more | 2024-08-05 | N/A |
An issue was discovered in FasterXML jackson-databind prior to 2.7.9.4, 2.8.11.2, and 2.9.6. When Default Typing is enabled (either globally or for a specific property), the service has the Oracle JDBC jar in the classpath, and an attacker can provide an LDAP service to access, it is possible to make the service execute a malicious payload. |