Filtered by vendor Redhat Subscriptions
Filtered by product Jboss Fuse Subscriptions
Total 560 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2022-23221 4 Debian, H2database, Oracle and 1 more 5 Debian Linux, H2, Communications Cloud Native Core Console and 2 more 2024-08-03 9.8 Critical
H2 Console before 2.1.210 allows remote attackers to execute arbitrary code via a jdbc:h2:mem JDBC URL containing the IGNORE_UNKNOWN_SETTINGS=TRUE;FORBID_CREATION=FALSE;INIT=RUNSCRIPT substring, a different vulnerability than CVE-2021-42392.
CVE-2022-23302 6 Apache, Broadcom, Netapp and 3 more 44 Log4j, Brocade Sannav, Snapmanager and 41 more 2024-08-03 8.8 High
JMSSink in all versions of Log4j 1.x is vulnerable to deserialization of untrusted data when the attacker has write access to the Log4j configuration or if the configuration references an LDAP service the attacker has access to. The attacker can provide a TopicConnectionFactoryBindingName configuration causing JMSSink to perform JNDI requests that result in remote code execution in a similar fashion to CVE-2021-4104. Note this issue only affects Log4j 1.x when specifically configured to use JMSSink, which is not the default. Apache Log4j 1.2 reached end of life in August 2015. Users should upgrade to Log4j 2 as it addresses numerous other issues from the previous versions.
CVE-2022-23181 4 Apache, Debian, Oracle and 1 more 10 Tomcat, Debian Linux, Agile Engineering Data Management and 7 more 2024-08-03 7.0 High
The fix for bug CVE-2020-9484 introduced a time of check, time of use vulnerability into Apache Tomcat 10.1.0-M1 to 10.1.0-M8, 10.0.0-M5 to 10.0.14, 9.0.35 to 9.0.56 and 8.5.55 to 8.5.73 that allowed a local attacker to perform actions with the privileges of the user that the Tomcat process is using. This issue is only exploitable when Tomcat is configured to persist sessions using the FileStore.
CVE-2022-22968 4 Netapp, Oracle, Redhat and 1 more 9 Active Iq Unified Manager, Cloud Secure Agent, Metrocluster Tiebreaker and 6 more 2024-08-03 5.3 Medium
In Spring Framework versions 5.3.0 - 5.3.18, 5.2.0 - 5.2.20, and older unsupported versions, the patterns for disallowedFields on a DataBinder are case sensitive which means a field is not effectively protected unless it is listed with both upper and lower case for the first character of the field, including upper and lower case for the first character of all nested fields within the property path.
CVE-2022-22971 4 Netapp, Oracle, Redhat and 1 more 6 Cloud Secure Agent, Oncommand Insight, Financial Services Crime And Compliance Management Studio and 3 more 2024-08-03 6.5 Medium
In spring framework versions prior to 5.3.20+ , 5.2.22+ and old unsupported versions, application with a STOMP over WebSocket endpoint is vulnerable to a denial of service attack by an authenticated user.
CVE-2022-22978 4 Netapp, Oracle, Redhat and 1 more 5 Active Iq Unified Manager, Financial Services Crime And Compliance Management Studio, Jboss Fuse and 2 more 2024-08-03 9.8 Critical
In spring security versions prior to 5.4.11+, 5.5.7+ , 5.6.4+ and older unsupported versions, RegexRequestMatcher can easily be misconfigured to be bypassed on some servlet containers. Applications using RegexRequestMatcher with `.` in the regular expression are possibly vulnerable to an authorization bypass.
CVE-2022-22932 2 Apache, Redhat 2 Karaf, Jboss Fuse 2024-08-03 5.3 Medium
Apache Karaf obr:* commands and run goal on the karaf-maven-plugin have partial path traversal which allows to break out of expected folder. The risk is low as obr:* commands are not very used and the entry is set by user. This has been fixed in revision: https://gitbox.apache.org/repos/asf?p=karaf.git;h=36a2bc4 https://gitbox.apache.org/repos/asf?p=karaf.git;h=52b70cf Mitigation: Apache Karaf users should upgrade to 4.2.15 or 4.3.6 or later as soon as possible, or use correct path. JIRA Tickets: https://issues.apache.org/jira/browse/KARAF-7326
CVE-2022-22976 4 Netapp, Oracle, Redhat and 1 more 5 Active Iq Unified Manager, Financial Services Crime And Compliance Management Studio, Jboss Fuse and 2 more 2024-08-03 5.3 Medium
Spring Security versions 5.5.x prior to 5.5.7, 5.6.x prior to 5.6.4, and earlier unsupported versions contain an integer overflow vulnerability. When using the BCrypt class with the maximum work factor (31), the encoder does not perform any salt rounds, due to an integer overflow error. The default settings are not affected by this CVE.
CVE-2022-22950 2 Redhat, Vmware 5 Jboss Enterprise Bpms Platform, Jboss Fuse, Openshift Application Runtimes and 2 more 2024-08-03 6.5 Medium
n Spring Framework versions 5.3.0 - 5.3.16 and older unsupported versions, it is possible for a user to provide a specially crafted SpEL expression that may cause a denial of service condition.
CVE-2022-22970 4 Netapp, Oracle, Redhat and 1 more 8 Active Iq Unified Manager, Brocade San Navigator, Cloud Secure Agent and 5 more 2024-08-03 5.3 Medium
In spring framework versions prior to 5.3.20+ , 5.2.22+ and old unsupported versions, applications that handle file uploads are vulnerable to DoS attack if they rely on data binding to set a MultipartFile or javax.servlet.Part to a field in a model object.
CVE-2022-21724 5 Debian, Fedoraproject, Postgresql and 2 more 8 Debian Linux, Fedora, Postgresql Jdbc Driver and 5 more 2024-08-03 7 High
pgjdbc is the offical PostgreSQL JDBC Driver. A security hole was found in the jdbc driver for postgresql database while doing security research. The system using the postgresql library will be attacked when attacker control the jdbc url or properties. pgjdbc instantiates plugin instances based on class names provided via `authenticationPluginClassName`, `sslhostnameverifier`, `socketFactory`, `sslfactory`, `sslpasswordcallback` connection properties. However, the driver did not verify if the class implements the expected interface before instantiating the class. This can lead to code execution loaded via arbitrary classes. Users using plugins are advised to upgrade. There are no known workarounds for this issue.
CVE-2022-4492 1 Redhat 16 Build Of Quarkus, Camel Spring Boot, Integration Camel For Spring Boot and 13 more 2024-08-03 7.5 High
The undertow client is not checking the server identity presented by the server certificate in https connections. This is a compulsory step (at least it should be performed by default) in https and in http/2. I would add it to any TLS client protocol.
CVE-2022-2764 2 Netapp, Redhat 11 Active Iq Unified Manager, Cloud Secure Agent, Oncommand Insight and 8 more 2024-08-03 4.9 Medium
A flaw was found in Undertow. Denial of service can be achieved as Undertow server waits for the LAST_CHUNK forever for EJB invocations.
CVE-2022-2053 1 Redhat 4 Integration Camel K, Jboss Enterprise Application Platform, Jboss Fuse and 1 more 2024-08-03 7.5 High
When a POST request comes through AJP and the request exceeds the max-post-size limit (maxEntitySize), Undertow's AjpServerRequestConduit implementation closes a connection without sending any response to the client/proxy. This behavior results in that a front-end proxy marking the backend worker (application server) as an error state and not forward requests to the worker for a while. In mod_cluster, this continues until the next STATUS request (10 seconds intervals) from the application server updates the server state. So, in the worst case, it can result in "All workers are in error state" and mod_cluster responds "503 Service Unavailable" for a while (up to 10 seconds). In mod_proxy_balancer, it does not forward requests to the worker until the "retry" timeout passes. However, luckily, mod_proxy_balancer has "forcerecovery" setting (On by default; this parameter can force the immediate recovery of all workers without considering the retry parameter of the workers if all workers of a balancer are in error state.). So, unlike mod_cluster, mod_proxy_balancer does not result in responding "503 Service Unavailable". An attacker could use this behavior to send a malicious request and trigger server errors, resulting in DoS (denial of service). This flaw was fixed in Undertow 2.2.19.Final, Undertow 2.3.0.Alpha2.
CVE-2022-2048 5 Debian, Eclipse, Jenkins and 2 more 12 Debian Linux, Jetty, Jenkins and 9 more 2024-08-03 7.5 High
In Eclipse Jetty HTTP/2 server implementation, when encountering an invalid HTTP/2 request, the error handling has a bug that can wind up not properly cleaning up the active connections and associated resources. This can lead to a Denial of Service scenario where there are no enough resources left to process good requests.
CVE-2022-1650 3 Debian, Eventsource, Redhat 11 Debian Linux, Eventsource, Ceph Storage and 8 more 2024-08-03 8.1 High
Improper Removal of Sensitive Information Before Storage or Transfer in GitHub repository eventsource/eventsource prior to v2.0.2.
CVE-2022-1319 2 Netapp, Redhat 10 Active Iq Unified Manager, Cloud Secure Agent, Oncommand Insight and 7 more 2024-08-03 7.5 High
A flaw was found in Undertow. For an AJP 400 response, EAP 7 is improperly sending two response packets, and those packets have the reuse flag set even though JBoss EAP closes the connection. A failure occurs when the connection is reused after a 400 by CPING since it reads in the second SEND_HEADERS response packet instead of a CPONG.
CVE-2022-1259 2 Netapp, Redhat 11 Active Iq Unified Manager, Cloud Secure Agent, Oncommand Insight and 8 more 2024-08-02 7.5 High
A flaw was found in Undertow. A potential security issue in flow control handling by the browser over HTTP/2 may cause overhead or a denial of service in the server. This flaw exists because of an incomplete fix for CVE-2021-3629.
CVE-2022-0613 3 Fedoraproject, Redhat, Uri.js Project 6 Fedora, Acm, Enterprise Linux and 3 more 2024-08-02 6.5 Medium
Authorization Bypass Through User-Controlled Key in NPM urijs prior to 1.19.8.
CVE-2022-0084 1 Redhat 8 Integration Camel K, Integration Camel Quarkus, Jboss Data Grid and 5 more 2024-08-02 7.5 High
A flaw was found in XNIO, specifically in the notifyReadClosed method. The issue revealed this method was logging a message to another expected end. This flaw allows an attacker to send flawed requests to a server, possibly causing log contention-related performance concerns or an unwanted disk fill-up.