Filtered by vendor Redhat
Subscriptions
Filtered by product Jboss Enterprise Application Platform
Subscriptions
Total
543 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-25638 | 5 Debian, Hibernate, Oracle and 2 more | 14 Debian Linux, Hibernate Orm, Communications Cloud Native Core Console and 11 more | 2024-11-21 | 7.4 High |
| A flaw was found in hibernate-core in versions prior to and including 5.4.23.Final. A SQL injection in the implementation of the JPA Criteria API can permit unsanitized literals when a literal is used in the SQL comments of the query. This flaw could allow an attacker to access unauthorized information or possibly conduct further attacks. The highest threat from this vulnerability is to data confidentiality and integrity. | ||||
| CVE-2020-25633 | 2 Quarkus, Redhat | 7 Quarkus, Jboss Enterprise Application Platform, Jboss Fuse and 4 more | 2024-11-21 | 5.3 Medium |
| A flaw was found in RESTEasy client in all versions of RESTEasy up to 4.5.6.Final. It may allow client users to obtain the server's potentially sensitive information when the server got WebApplicationException from the RESTEasy client call. The highest threat from this vulnerability is to data confidentiality. | ||||
| CVE-2020-1954 | 4 Apache, Netapp, Oracle and 1 more | 15 Cxf, Oncommand Workflow Automation, Snapmanager and 12 more | 2024-11-21 | 5.3 Medium |
| Apache CXF has the ability to integrate with JMX by registering an InstrumentationManager extension with the CXF bus. If the ‘createMBServerConnectorFactory‘ property of the default InstrumentationManagerImpl is not disabled, then it is vulnerable to a man-in-the-middle (MITM) style attack. An attacker on the same host can connect to the registry and rebind the entry to another server, thus acting as a proxy to the original. They are then able to gain access to all of the information that is sent and received over JMX. | ||||
| CVE-2020-1938 | 8 Apache, Blackberry, Debian and 5 more | 27 Geode, Tomcat, Good Control and 24 more | 2024-11-21 | 9.8 Critical |
| When using the Apache JServ Protocol (AJP), care must be taken when trusting incoming connections to Apache Tomcat. Tomcat treats AJP connections as having higher trust than, for example, a similar HTTP connection. If such connections are available to an attacker, they can be exploited in ways that may be surprising. In Apache Tomcat 9.0.0.M1 to 9.0.0.30, 8.5.0 to 8.5.50 and 7.0.0 to 7.0.99, Tomcat shipped with an AJP Connector enabled by default that listened on all configured IP addresses. It was expected (and recommended in the security guide) that this Connector would be disabled if not required. This vulnerability report identified a mechanism that allowed: - returning arbitrary files from anywhere in the web application - processing any file in the web application as a JSP Further, if the web application allowed file upload and stored those files within the web application (or the attacker was able to control the content of the web application by some other means) then this, along with the ability to process a file as a JSP, made remote code execution possible. It is important to note that mitigation is only required if an AJP port is accessible to untrusted users. Users wishing to take a defence-in-depth approach and block the vector that permits returning arbitrary files and execution as JSP may upgrade to Apache Tomcat 9.0.31, 8.5.51 or 7.0.100 or later. A number of changes were made to the default AJP Connector configuration in 9.0.31 to harden the default configuration. It is likely that users upgrading to 9.0.31, 8.5.51 or 7.0.100 or later will need to make small changes to their configurations. | ||||
| CVE-2020-1757 | 1 Redhat | 8 Jboss Data Grid, Jboss Enterprise Application Platform, Jboss Enterprise Application Platform Eus and 5 more | 2024-11-21 | 8.1 High |
| A flaw was found in all undertow-2.x.x SP1 versions prior to undertow-2.0.30.SP1, all undertow-1.x.x and undertow-2.x.x versions prior to undertow-2.1.0.Final, where the Servlet container causes servletPath to normalize incorrectly by truncating the path after semicolon which may lead to an application mapping resulting in the security bypass. | ||||
| CVE-2020-1748 | 1 Redhat | 9 Decision Manager, Jboss Data Grid, Jboss Enterprise Application Platform and 6 more | 2024-11-21 | 7.5 High |
| A flaw was found in all supported versions before wildfly-elytron-1.6.8.Final-redhat-00001, where the WildFlySecurityManager checks were bypassed when using custom security managers, resulting in an improper authorization. This flaw leads to information exposure by unauthenticated access to secure resources. | ||||
| CVE-2020-1745 | 1 Redhat | 8 Jboss Data Grid, Jboss Enterprise Application Platform, Jboss Enterprise Application Platform Cd and 5 more | 2024-11-21 | 8.6 High |
| A file inclusion vulnerability was found in the AJP connector enabled with a default AJP configuration port of 8009 in Undertow version 2.0.29.Final and before and was fixed in 2.0.30.Final. A remote, unauthenticated attacker could exploit this vulnerability to read web application files from a vulnerable server. In instances where the vulnerable server allows file uploads, an attacker could upload malicious JavaServer Pages (JSP) code within a variety of file types and trigger this vulnerability to gain remote code execution. | ||||
| CVE-2020-1732 | 1 Redhat | 5 Jboss Enterprise Application Platform, Jboss Enterprise Application Platform Cd, Jboss Enterprise Application Platform Continuous Delivery and 2 more | 2024-11-21 | 4.2 Medium |
| A flaw was found in Soteria before 1.0.1, in a way that multiple requests occurring concurrently causing security identity corruption across concurrent threads when using EE Security with WildFly Elytron which can lead to the possibility of being handled using the identity from another request. | ||||
| CVE-2020-1729 | 1 Redhat | 3 Jboss Enterprise Application Platform, Openshift Application Runtimes, Smallrye Config | 2024-11-21 | 4.4 Medium |
| A flaw was found in SmallRye's API through version 1.6.1. The API can allow other code running within the application server to potentially obtain the ClassLoader, bypassing any permissions checks that should have been applied. The largest threat from this vulnerability is a threat to data confidentiality. This is fixed in SmallRye 1.6.2 | ||||
| CVE-2020-1719 | 1 Redhat | 7 Jboss Data Grid, Jboss Enterprise Application Platform, Jboss Enterprise Application Platform Cd and 4 more | 2024-11-21 | 5.4 Medium |
| A flaw was found in wildfly. The EJBContext principle is not popped back after invoking another EJB using a different Security Domain. The highest threat from this vulnerability is to data confidentiality and integrity. Versions before wildfly 20.0.0.Final are affected. | ||||
| CVE-2020-1714 | 2 Quarkus, Redhat | 11 Quarkus, Decision Manager, Jboss Enterprise Application Platform and 8 more | 2024-11-21 | 8.8 High |
| A flaw was found in Keycloak before version 11.0.0, where the code base contains usages of ObjectInputStream without type checks. This flaw allows an attacker to inject arbitrarily serialized Java Objects, which would then get deserialized in a privileged context and potentially lead to remote code execution. | ||||
| CVE-2020-1710 | 1 Redhat | 6 Jboss Data Grid, Jboss Enterprise Application Platform, Jboss Enterprise Application Platform Eus and 3 more | 2024-11-21 | 5.3 Medium |
| The issue appears to be that JBoss EAP 6.4.21 does not parse the field-name in accordance to RFC7230[1] as it returns a 200 instead of a 400. | ||||
| CVE-2020-1695 | 2 Fedoraproject, Redhat | 9 Fedora, Enterprise Linux, Jboss Data Grid and 6 more | 2024-11-21 | 7.5 High |
| A flaw was found in all resteasy 3.x.x versions prior to 3.12.0.Final and all resteasy 4.x.x versions prior to 4.6.0.Final, where an improper input validation results in returning an illegal header that integrates into the server's response. This flaw may result in an injection, which leads to unexpected behavior when the HTTP response is constructed. | ||||
| CVE-2020-14384 | 1 Redhat | 2 Jboss Enterprise Application Platform, Jbossweb | 2024-11-21 | 7.5 High |
| A flaw was found in JBossWeb in versions before 7.5.31.Final-redhat-3. The fix for CVE-2020-13935 was incomplete in JBossWeb, leaving it vulnerable to a denial of service attack when sending multiple requests with invalid payload length in a WebSocket frame. The highest threat from this vulnerability is to system availability. | ||||
| CVE-2020-14340 | 2 Oracle, Redhat | 16 Communications Cloud Native Core Console, Communications Cloud Native Core Network Repository Function, Communications Cloud Native Core Policy and 13 more | 2024-11-21 | 5.9 Medium |
| A vulnerability was discovered in XNIO where file descriptor leak caused by growing amounts of NIO Selector file handles between garbage collection cycles. It may allow the attacker to cause a denial of service. It affects XNIO versions 3.6.0.Beta1 through 3.8.1.Final. | ||||
| CVE-2020-14338 | 1 Redhat | 7 Jboss Enterprise Application Platform, Jboss Enterprise Bpms Platform, Jboss Enterprise Brms Platform and 4 more | 2024-11-21 | 5.3 Medium |
| A flaw was found in Wildfly's implementation of Xerces, specifically in the way the XMLSchemaValidator class in the JAXP component of Wildfly enforced the "use-grammar-pool-only" feature. This flaw allows a specially-crafted XML file to manipulate the validation process in certain cases. This issue is the same flaw as CVE-2020-14621, which affected OpenJDK, and uses a similar code. This flaw affects all Xerces JBoss versions before 2.12.0.SP3. | ||||
| CVE-2020-14317 | 1 Redhat | 2 Jboss Enterprise Application Platform, Wildfly | 2024-11-21 | 5.5 Medium |
| It was found that the issue for security flaw CVE-2019-3805 appeared again in a further version of JBoss Enterprise Application Platform - Continuous Delivery (EAP-CD) introducing regression. An attacker could exploit this by modifying the PID file in /var/run/jboss-eap/ allowing the init.d script to terminate any process as root. | ||||
| CVE-2020-14307 | 1 Redhat | 8 A Mq Clients, Amq, Jboss Enterprise Application Platform and 5 more | 2024-11-21 | 6.5 Medium |
| A vulnerability was found in Wildfly's Enterprise Java Beans (EJB) versions shipped with Red Hat JBoss EAP 7, where SessionOpenInvocations are never removed from the remote InvocationTracker after a response is received in the EJB Client, as well as the server. This flaw allows an attacker to craft a denial of service attack to make the service unavailable. | ||||
| CVE-2020-14299 | 1 Redhat | 4 Jboss Enterprise Application Platform, Jboss Single Sign On, Openshift Application Runtimes and 1 more | 2024-11-21 | 6.5 Medium |
| A flaw was found in JBoss EAP, where the authentication configuration is set-up using a legacy SecurityRealm, to delegate to a legacy PicketBox SecurityDomain, and then reloaded to admin-only mode. This flaw allows an attacker to perform a complete authentication bypass by using an arbitrary user and password. The highest threat to vulnerability is to system availability. | ||||
| CVE-2020-14297 | 1 Redhat | 9 A Mq Clients, Amq, Jboss-ejb-client and 6 more | 2024-11-21 | 6.5 Medium |
| A flaw was discovered in Wildfly's EJB Client as shipped with Red Hat JBoss EAP 7, where some specific EJB transaction objects may get accumulated over the time and can cause services to slow down and eventaully unavailable. An attacker can take advantage and cause denial of service attack and make services unavailable. | ||||