Filtered by vendor Redhat Subscriptions
Filtered by product Jboss Single Sign On Subscriptions
Total 140 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2019-9514 13 Apache, Apple, Canonical and 10 more 44 Traffic Server, Mac Os X, Swiftnio and 41 more 2024-08-04 7.5 High
Some HTTP/2 implementations are vulnerable to a reset flood, potentially leading to a denial of service. The attacker opens a number of streams and sends an invalid request over each stream that should solicit a stream of RST_STREAM frames from the peer. Depending on how the peer queues the RST_STREAM frames, this can consume excess memory, CPU, or both.
CVE-2019-9515 12 Apache, Apple, Canonical and 9 more 36 Traffic Server, Mac Os X, Swiftnio and 33 more 2024-08-04 7.5 High
Some HTTP/2 implementations are vulnerable to a settings flood, potentially leading to a denial of service. The attacker sends a stream of SETTINGS frames to the peer. Since the RFC requires that the peer reply with one acknowledgement per SETTINGS frame, an empty SETTINGS frame is almost equivalent in behavior to a ping. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both.
CVE-2019-9512 6 Apache, Apple, Canonical and 3 more 24 Traffic Server, Mac Os X, Swiftnio and 21 more 2024-08-04 7.5 High
Some HTTP/2 implementations are vulnerable to ping floods, potentially leading to a denial of service. The attacker sends continual pings to an HTTP/2 peer, causing the peer to build an internal queue of responses. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both.
CVE-2019-8331 4 F5, Getbootstrap, Redhat and 1 more 22 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Analytics and 19 more 2024-08-04 6.1 Medium
In Bootstrap before 3.4.1 and 4.3.x before 4.3.1, XSS is possible in the tooltip or popover data-template attribute.
CVE-2019-3894 1 Redhat 3 Jboss Enterprise Application Platform, Jboss Single Sign On, Wildfly 2024-08-04 8.8 High
It was discovered that the ElytronManagedThread in Wildfly's Elytron subsystem in versions from 11 to 16 stores a SecurityIdentity to run the thread as. These threads do not necessarily terminate if the keep alive time has not expired. This could allow a shared thread to use the wrong security identity when executing.
CVE-2019-3888 2 Netapp, Redhat 10 Active Iq Unified Manager, Enterprise Linux, Jboss Data Grid and 7 more 2024-08-04 9.8 Critical
A vulnerability was found in Undertow web server before 2.0.21. An information exposure of plain text credentials through log files because Connectors.executeRootHandler:402 logs the HttpServerExchange object at ERROR level using UndertowLogger.REQUEST_LOGGER.undertowRequestFailed(t, exchange)
CVE-2019-3873 1 Redhat 4 Enterprise Linux, Jboss Enterprise Application Platform, Jboss Single Sign On and 1 more 2024-08-04 N/A
It was found that Picketlink as shipped with Jboss Enterprise Application Platform 7.2 would accept an xinclude parameter in SAMLresponse XML. An attacker could use this flaw to send a URL to achieve cross-site scripting or possibly conduct further attacks.
CVE-2019-3868 1 Redhat 4 Jboss Single Sign On, Keycloak, Openshift Application Runtimes and 1 more 2024-08-04 N/A
Keycloak up to version 6.0.0 allows the end user token (access or id token JWT) to be used as the session cookie for browser sessions for OIDC. As a result an attacker with access to service provider backend could hijack user’s browser session.
CVE-2019-3872 1 Redhat 4 Enterprise Linux, Jboss Enterprise Application Platform, Jboss Single Sign On and 1 more 2024-08-04 N/A
It was found that a SAMLRequest containing a script could be processed by Picketlink versions shipped in Jboss Application Platform 7.2.x and 7.1.x. An attacker could use this to send a malicious script to achieve cross-site scripting and obtain unauthorized information or conduct further attacks.
CVE-2019-3875 1 Redhat 4 Jboss Single Sign On, Keycloak, Openshift Application Runtimes and 1 more 2024-08-04 N/A
A vulnerability was found in keycloak before 6.0.2. The X.509 authenticator supports the verification of client certificates through the CRL, where the CRL list can be obtained from the URL provided in the certificate itself (CDP) or through the separately configured path. The CRL are often available over the network through unsecured protocols ('http' or 'ldap') and hence the caller should verify the signature and possibly the certification path. Keycloak currently doesn't validate signatures on CRL, which can result in a possibility of various attacks like man-in-the-middle.
CVE-2019-3805 1 Redhat 6 Jboss Data Grid, Jboss Enterprise Application Platform, Jboss Enterprise Application Platform Cd and 3 more 2024-08-04 4.7 Medium
A flaw was discovered in wildfly versions up to 16.0.0.Final that would allow local users who are able to execute init.d script to terminate arbitrary processes on the system. An attacker could exploit this by modifying the PID file in /var/run/jboss-eap/ allowing the init.d script to terminate any process as root.
CVE-2019-0205 3 Apache, Oracle, Redhat 9 Thrift, Communications Cloud Native Core Network Slice Selection Function, Enterprise Linux Server and 6 more 2024-08-04 7.5 High
In Apache Thrift all versions up to and including 0.12.0, a server or client may run into an endless loop when feed with specific input data. Because the issue had already been partially fixed in version 0.11.0, depending on the installed version it affects only certain language bindings.
CVE-2019-0210 3 Apache, Oracle, Redhat 9 Thrift, Communications Cloud Native Core Network Slice Selection Function, Enterprise Linux Server and 6 more 2024-08-04 7.5 High
In Apache Thrift 0.9.3 to 0.12.0, a server implemented in Go using TJSONProtocol or TSimpleJSONProtocol may panic when feed with invalid input data.
CVE-2020-25644 2 Netapp, Redhat 11 Oncommand Insight, Oncommand Workflow Automation, Service Level Manager and 8 more 2024-08-04 7.5 High
A memory leak flaw was found in WildFly OpenSSL in versions prior to 1.1.3.Final, where it removes an HTTP session. It may allow the attacker to cause OOM leading to a denial of service. The highest threat from this vulnerability is to system availability.
CVE-2020-25638 5 Debian, Hibernate, Oracle and 2 more 14 Debian Linux, Hibernate Orm, Communications Cloud Native Core Console and 11 more 2024-08-04 7.4 High
A flaw was found in hibernate-core in versions prior to and including 5.4.23.Final. A SQL injection in the implementation of the JPA Criteria API can permit unsanitized literals when a literal is used in the SQL comments of the query. This flaw could allow an attacker to access unauthorized information or possibly conduct further attacks. The highest threat from this vulnerability is to data confidentiality and integrity.
CVE-2020-14389 1 Redhat 3 Jboss Single Sign On, Keycloak, Red Hat Single Sign On 2024-08-04 8.1 High
It was found that Keycloak before version 12.0.0 would permit a user with only view-profile role to manage the resources in the new account console, allowing access and modification of data the user was not intended to have.
CVE-2020-14366 1 Redhat 2 Jboss Single Sign On, Keycloak 2024-08-04 6.8 Medium
A vulnerability was found in keycloak, where path traversal using URL-encoded path segments in the request is possible because the resources endpoint applies a transformation of the url path to the file path. Only few specific folder hierarchies can be exposed by this flaw
CVE-2020-14340 2 Oracle, Redhat 16 Communications Cloud Native Core Console, Communications Cloud Native Core Network Repository Function, Communications Cloud Native Core Policy and 13 more 2024-08-04 5.9 Medium
A vulnerability was discovered in XNIO where file descriptor leak caused by growing amounts of NIO Selector file handles between garbage collection cycles. It may allow the attacker to cause a denial of service. It affects XNIO versions 3.6.0.Beta1 through 3.8.1.Final.
CVE-2020-14338 1 Redhat 7 Jboss Enterprise Application Platform, Jboss Enterprise Bpms Platform, Jboss Enterprise Brms Platform and 4 more 2024-08-04 5.3 Medium
A flaw was found in Wildfly's implementation of Xerces, specifically in the way the XMLSchemaValidator class in the JAXP component of Wildfly enforced the "use-grammar-pool-only" feature. This flaw allows a specially-crafted XML file to manipulate the validation process in certain cases. This issue is the same flaw as CVE-2020-14621, which affected OpenJDK, and uses a similar code. This flaw affects all Xerces JBoss versions before 2.12.0.SP3.
CVE-2020-14299 1 Redhat 4 Jboss Enterprise Application Platform, Jboss Single Sign On, Openshift Application Runtimes and 1 more 2024-08-04 6.5 Medium
A flaw was found in JBoss EAP, where the authentication configuration is set-up using a legacy SecurityRealm, to delegate to a legacy PicketBox SecurityDomain, and then reloaded to admin-only mode. This flaw allows an attacker to perform a complete authentication bypass by using an arbitrary user and password. The highest threat to vulnerability is to system availability.