Filtered by vendor Redhat
Subscriptions
Filtered by product Jboss Enterprise Brms Platform
Subscriptions
Total
204 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-17531 | 5 Debian, Fasterxml, Netapp and 2 more | 33 Debian Linux, Jackson-databind, Oncommand Workflow Automation and 30 more | 2024-08-05 | 9.8 Critical |
| A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the apache-log4j-extra (version 1.2.x) jar in the classpath, and an attacker can provide a JNDI service to access, it is possible to make the service execute a malicious payload. | ||||
| CVE-2019-17571 | 7 Apache, Canonical, Debian and 4 more | 26 Bookkeeper, Log4j, Ubuntu Linux and 23 more | 2024-08-05 | 9.8 Critical |
| Included in Log4j 1.2 is a SocketServer class that is vulnerable to deserialization of untrusted data which can be exploited to remotely execute arbitrary code when combined with a deserialization gadget when listening to untrusted network traffic for log data. This affects Log4j versions up to 1.2 up to 1.2.17. | ||||
| CVE-2019-17566 | 3 Apache, Oracle, Redhat | 21 Batik, Api Gateway, Business Intelligence and 18 more | 2024-08-05 | 7.5 High |
| Apache Batik is vulnerable to server-side request forgery, caused by improper input validation by the "xlink:href" attributes. By using a specially-crafted argument, an attacker could exploit this vulnerability to cause the underlying server to make arbitrary GET requests. | ||||
| CVE-2019-17267 | 5 Debian, Fasterxml, Netapp and 2 more | 21 Debian Linux, Jackson-databind, Active Iq Unified Manager and 18 more | 2024-08-05 | 9.8 Critical |
| A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to net.sf.ehcache.hibernate.EhcacheJtaTransactionManagerLookup. | ||||
| CVE-2019-16869 | 4 Canonical, Debian, Netty and 1 more | 14 Ubuntu Linux, Debian Linux, Netty and 11 more | 2024-08-05 | 7.5 High |
| Netty before 4.1.42.Final mishandles whitespace before the colon in HTTP headers (such as a "Transfer-Encoding : chunked" line), which leads to HTTP request smuggling. | ||||
| CVE-2019-16942 | 6 Debian, Fasterxml, Fedoraproject and 3 more | 37 Debian Linux, Jackson-databind, Fedora and 34 more | 2024-08-05 | 9.8 Critical |
| A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the commons-dbcp (1.4) jar in the classpath, and an attacker can find an RMI service endpoint to access, it is possible to make the service execute a malicious payload. This issue exists because of org.apache.commons.dbcp.datasources.SharedPoolDataSource and org.apache.commons.dbcp.datasources.PerUserPoolDataSource mishandling. | ||||
| CVE-2019-16943 | 6 Debian, Fasterxml, Fedoraproject and 3 more | 36 Debian Linux, Jackson-databind, Fedora and 33 more | 2024-08-05 | 9.8 Critical |
| A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the p6spy (3.8.6) jar in the classpath, and an attacker can find an RMI service endpoint to access, it is possible to make the service execute a malicious payload. This issue exists because of com.p6spy.engine.spy.P6DataSource mishandling. | ||||
| CVE-2019-16335 | 6 Debian, Fasterxml, Fedoraproject and 3 more | 26 Debian Linux, Jackson-databind, Fedora and 23 more | 2024-08-05 | 9.8 Critical |
| A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to com.zaxxer.hikari.HikariDataSource. This is a different vulnerability than CVE-2019-14540. | ||||
| CVE-2019-14863 | 2 Angularjs, Redhat | 5 Angular.js, Decision Manager, Jboss Enterprise Bpms Platform and 2 more | 2024-08-05 | 6.1 Medium |
| There is a vulnerability in all angular versions before 1.5.0-beta.0, where after escaping the context of the web application, the web application delivers data to its users along with other trusted dynamic content, without validating it. | ||||
| CVE-2019-14886 | 1 Redhat | 4 Decision Manager, Jboss Enterprise Bpms Platform, Jboss Enterprise Brms Platform and 1 more | 2024-08-05 | 6.5 Medium |
| A vulnerability was found in business-central, as shipped in rhdm-7.5.1 and rhpam-7.5.1, where encoded passwords are stored in errai_security_context. The encoding used for storing the passwords is Base64, not an encryption algorithm, and any recovery of these passwords could lead to user passwords being exposed. | ||||
| CVE-2019-14893 | 4 Fasterxml, Netapp, Oracle and 1 more | 12 Jackson-databind, Oncommand Api Services, Steelstore Cloud Integrated Storage and 9 more | 2024-08-05 | 9.8 Critical |
| A flaw was discovered in FasterXML jackson-databind in all versions before 2.9.10 and 2.10.0, where it would permit polymorphic deserialization of malicious objects using the xalan JNDI gadget when used in conjunction with polymorphic type handling methods such as `enableDefaultTyping()` or when @JsonTypeInfo is using `Id.CLASS` or `Id.MINIMAL_CLASS` or in any other way which ObjectMapper.readValue might instantiate objects from unsafe sources. An attacker could use this flaw to execute arbitrary code. | ||||
| CVE-2019-14892 | 3 Apache, Fasterxml, Redhat | 13 Geode, Jackson-databind, Decision Manager and 10 more | 2024-08-05 | 9.8 Critical |
| A flaw was discovered in jackson-databind in versions before 2.9.10, 2.8.11.5 and 2.6.7.3, where it would permit polymorphic deserialization of a malicious object using commons-configuration 1 and 2 JNDI classes. An attacker could use this flaw to execute arbitrary code. | ||||
| CVE-2019-14862 | 3 Knockoutjs, Oracle, Redhat | 7 Knockout, Business Intelligence, Goldengate and 4 more | 2024-08-05 | 6.1 Medium |
| There is a vulnerability in knockout before version 3.5.0-beta, where after escaping the context of the web application, the web application delivers data to its users along with other trusted dynamic content, without validating it. | ||||
| CVE-2019-14900 | 3 Hibernate, Quarkus, Redhat | 17 Hibernate Orm, Quarkus, Build Of Quarkus and 14 more | 2024-08-05 | 6.5 Medium |
| A flaw was found in Hibernate ORM in versions before 5.3.18, 5.4.18 and 5.5.0.Beta1. A SQL injection in the implementation of the JPA Criteria API can permit unsanitized literals when a literal is used in the SELECT or GROUP BY parts of the query. This flaw could allow an attacker to access unauthorized information or possibly conduct further attacks. | ||||
| CVE-2019-14540 | 6 Debian, Fasterxml, Fedoraproject and 3 more | 28 Debian Linux, Jackson-databind, Fedora and 25 more | 2024-08-05 | 9.8 Critical |
| A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to com.zaxxer.hikari.HikariConfig. | ||||
| CVE-2019-14379 | 7 Apple, Debian, Fasterxml and 4 more | 37 Xcode, Debian Linux, Jackson-databind and 34 more | 2024-08-05 | 9.8 Critical |
| SubTypeValidator.java in FasterXML jackson-databind before 2.9.9.2 mishandles default typing when ehcache is used (because of net.sf.ehcache.transaction.manager.DefaultTransactionManagerLookup), leading to remote code execution. | ||||
| CVE-2019-13990 | 6 Apache, Atlassian, Netapp and 3 more | 35 Tomee, Jira Service Management, Active Iq Unified Manager and 32 more | 2024-08-05 | 9.8 Critical |
| initDocumentParser in xml/XMLSchedulingDataProcessor.java in Terracotta Quartz Scheduler through 2.3.0 allows XXE attacks via a job description. | ||||
| CVE-2019-12814 | 3 Debian, Fasterxml, Redhat | 12 Debian Linux, Jackson-databind, Amq Streams and 9 more | 2024-08-04 | 5.9 Medium |
| A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.x through 2.9.9. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has JDOM 1.x or 2.x jar in the classpath, an attacker can send a specifically crafted JSON message that allows them to read arbitrary local files on the server. | ||||
| CVE-2019-12406 | 3 Apache, Oracle, Redhat | 8 Cxf, Commerce Guided Search, Flexcube Private Banking and 5 more | 2024-08-04 | 6.5 Medium |
| Apache CXF before 3.3.4 and 3.2.11 does not restrict the number of message attachments present in a given message. This leaves open the possibility of a denial of service type attack, where a malicious user crafts a message containing a very large number of message attachments. From the 3.3.4 and 3.2.11 releases, a default limit of 50 message attachments is enforced. This is configurable via the message property "attachment-max-count". | ||||
| CVE-2019-12423 | 3 Apache, Oracle, Redhat | 14 Cxf, Commerce Guided Search, Communications Diameter Signaling Router and 11 more | 2024-08-04 | 7.5 High |
| Apache CXF ships with a OpenId Connect JWK Keys service, which allows a client to obtain the public keys in JWK format, which can then be used to verify the signature of tokens issued by the service. Typically, the service obtains the public key from a local keystore (JKS/PKCS12) by specifing the path of the keystore and the alias of the keystore entry. This case is not vulnerable. However it is also possible to obtain the keys from a JWK keystore file, by setting the configuration parameter "rs.security.keystore.type" to "jwk". For this case all keys are returned in this file "as is", including all private key and secret key credentials. This is an obvious security risk if the user has configured the signature keystore file with private or secret key credentials. From CXF 3.3.5 and 3.2.12, it is mandatory to specify an alias corresponding to the id of the key in the JWK file, and only this key is returned. In addition, any private key information is omitted by default. "oct" keys, which contain secret keys, are not returned at all. | ||||