Filtered by vendor Redhat Subscriptions
Filtered by product Jboss Enterprise Application Platform Eus Subscriptions
Total 21 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2022-23307 4 Apache, Oracle, Qos and 1 more 44 Chainsaw, Log4j, Advanced Supply Chain Planning and 41 more 2024-11-21 8.8 High
CVE-2020-9493 identified a deserialization issue that was present in Apache Chainsaw. Prior to Chainsaw V2.0 Chainsaw was a component of Apache Log4j 1.2.x where the same issue exists.
CVE-2022-23305 6 Apache, Broadcom, Netapp and 3 more 46 Log4j, Brocade Sannav, Snapmanager and 43 more 2024-11-21 9.8 Critical
By design, the JDBCAppender in Log4j 1.2.x accepts an SQL statement as a configuration parameter where the values to be inserted are converters from PatternLayout. The message converter, %m, is likely to always be included. This allows attackers to manipulate the SQL by entering crafted strings into input fields or headers of an application that are logged allowing unintended SQL queries to be executed. Note this issue only affects Log4j 1.x when specifically configured to use the JDBCAppender, which is not the default. Beginning in version 2.0-beta8, the JDBCAppender was re-introduced with proper support for parameterized SQL queries and further customization over the columns written to in logs. Apache Log4j 1.2 reached end of life in August 2015. Users should upgrade to Log4j 2 as it addresses numerous other issues from the previous versions.
CVE-2022-23302 6 Apache, Broadcom, Netapp and 3 more 44 Log4j, Brocade Sannav, Snapmanager and 41 more 2024-11-21 8.8 High
JMSSink in all versions of Log4j 1.x is vulnerable to deserialization of untrusted data when the attacker has write access to the Log4j configuration or if the configuration references an LDAP service the attacker has access to. The attacker can provide a TopicConnectionFactoryBindingName configuration causing JMSSink to perform JNDI requests that result in remote code execution in a similar fashion to CVE-2021-4104. Note this issue only affects Log4j 1.x when specifically configured to use JMSSink, which is not the default. Apache Log4j 1.2 reached end of life in August 2015. Users should upgrade to Log4j 2 as it addresses numerous other issues from the previous versions.
CVE-2021-4104 4 Apache, Fedoraproject, Oracle and 1 more 59 Log4j, Fedora, Advanced Supply Chain Planning and 56 more 2024-11-21 7.5 High
JMSAppender in Log4j 1.2 is vulnerable to deserialization of untrusted data when the attacker has write access to the Log4j configuration. The attacker can provide TopicBindingName and TopicConnectionFactoryBindingName configurations causing JMSAppender to perform JNDI requests that result in remote code execution in a similar fashion to CVE-2021-44228. Note this issue only affects Log4j 1.2 when specifically configured to use JMSAppender, which is not the default. Apache Log4j 1.2 reached end of life in August 2015. Users should upgrade to Log4j 2 as it addresses numerous other issues from the previous versions.
CVE-2020-1757 1 Redhat 8 Jboss Data Grid, Jboss Enterprise Application Platform, Jboss Enterprise Application Platform Eus and 5 more 2024-11-21 8.1 High
A flaw was found in all undertow-2.x.x SP1 versions prior to undertow-2.0.30.SP1, all undertow-1.x.x and undertow-2.x.x versions prior to undertow-2.1.0.Final, where the Servlet container causes servletPath to normalize incorrectly by truncating the path after semicolon which may lead to an application mapping resulting in the security bypass.
CVE-2020-1745 1 Redhat 8 Jboss Data Grid, Jboss Enterprise Application Platform, Jboss Enterprise Application Platform Cd and 5 more 2024-11-21 8.6 High
A file inclusion vulnerability was found in the AJP connector enabled with a default AJP configuration port of 8009 in Undertow version 2.0.29.Final and before and was fixed in 2.0.30.Final. A remote, unauthenticated attacker could exploit this vulnerability to read web application files from a vulnerable server. In instances where the vulnerable server allows file uploads, an attacker could upload malicious JavaServer Pages (JSP) code within a variety of file types and trigger this vulnerability to gain remote code execution.
CVE-2020-1710 1 Redhat 6 Jboss Data Grid, Jboss Enterprise Application Platform, Jboss Enterprise Application Platform Eus and 3 more 2024-11-21 5.3 Medium
The issue appears to be that JBoss EAP 6.4.21 does not parse the field-name in accordance to RFC7230[1] as it returns a 200 instead of a 400.
CVE-2019-9515 12 Apache, Apple, Canonical and 9 more 36 Traffic Server, Mac Os X, Swiftnio and 33 more 2024-11-21 7.5 High
Some HTTP/2 implementations are vulnerable to a settings flood, potentially leading to a denial of service. The attacker sends a stream of SETTINGS frames to the peer. Since the RFC requires that the peer reply with one acknowledgement per SETTINGS frame, an empty SETTINGS frame is almost equivalent in behavior to a ping. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both.
CVE-2019-9514 13 Apache, Apple, Canonical and 10 more 44 Traffic Server, Mac Os X, Swiftnio and 41 more 2024-11-21 7.5 High
Some HTTP/2 implementations are vulnerable to a reset flood, potentially leading to a denial of service. The attacker opens a number of streams and sends an invalid request over each stream that should solicit a stream of RST_STREAM frames from the peer. Depending on how the peer queues the RST_STREAM frames, this can consume excess memory, CPU, or both.
CVE-2019-9512 6 Apache, Apple, Canonical and 3 more 24 Traffic Server, Mac Os X, Swiftnio and 21 more 2024-11-21 7.5 High
Some HTTP/2 implementations are vulnerable to ping floods, potentially leading to a denial of service. The attacker sends continual pings to an HTTP/2 peer, causing the peer to build an internal queue of responses. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both.
CVE-2019-9511 12 Apache, Apple, Canonical and 9 more 29 Traffic Server, Mac Os X, Swiftnio and 26 more 2024-11-21 7.5 High
Some HTTP/2 implementations are vulnerable to window size manipulation and stream prioritization manipulation, potentially leading to a denial of service. The attacker requests a large amount of data from a specified resource over multiple streams. They manipulate window size and stream priority to force the server to queue the data in 1-byte chunks. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both.
CVE-2019-20445 6 Apache, Canonical, Debian and 3 more 20 Spark, Ubuntu Linux, Debian Linux and 17 more 2024-11-21 9.1 Critical
HttpObjectDecoder.java in Netty before 4.1.44 allows a Content-Length header to be accompanied by a second Content-Length header, or by a Transfer-Encoding header.
CVE-2019-20444 5 Canonical, Debian, Fedoraproject and 2 more 19 Ubuntu Linux, Debian Linux, Fedora and 16 more 2024-11-21 9.1 Critical
HttpObjectDecoder.java in Netty before 4.1.44 allows an HTTP header that lacks a colon, which might be interpreted as a separate header with an incorrect syntax, or might be interpreted as an "invalid fold."
CVE-2019-17531 5 Debian, Fasterxml, Netapp and 2 more 33 Debian Linux, Jackson-databind, Oncommand Workflow Automation and 30 more 2024-11-21 9.8 Critical
A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the apache-log4j-extra (version 1.2.x) jar in the classpath, and an attacker can provide a JNDI service to access, it is possible to make the service execute a malicious payload.
CVE-2019-16869 4 Canonical, Debian, Netty and 1 more 14 Ubuntu Linux, Debian Linux, Netty and 11 more 2024-11-21 7.5 High
Netty before 4.1.42.Final mishandles whitespace before the colon in HTTP headers (such as a "Transfer-Encoding : chunked" line), which leads to HTTP request smuggling.
CVE-2019-14888 2 Netapp, Redhat 10 Active Iq Unified Manager, Jboss Data Grid, Jboss Enterprise Application Platform and 7 more 2024-11-21 7.5 High
A vulnerability was found in the Undertow HTTP server in versions before 2.0.28.SP1 when listening on HTTPS. An attacker can target the HTTPS port to carry out a Denial Of Service (DOS) to make the service unavailable on SSL.
CVE-2019-14843 1 Redhat 5 Jboss Enterprise Application Platform, Jboss Enterprise Application Platform Eus, Jboss Single Sign On and 2 more 2024-11-21 8.8 High
A flaw was found in Wildfly Security Manager, running under JDK 11 or 8, that authorized requests for any requester. This flaw could be used by a malicious app deployed on the app server to access unauthorized information and possibly conduct further attacks. Versions shipped with Red Hat Jboss EAP 7 and Red Hat SSO 7 are vulnerable to this issue.
CVE-2019-14379 7 Apple, Debian, Fasterxml and 4 more 37 Xcode, Debian Linux, Jackson-databind and 34 more 2024-11-21 9.8 Critical
SubTypeValidator.java in FasterXML jackson-databind before 2.9.9.2 mishandles default typing when ehcache is used (because of net.sf.ehcache.transaction.manager.DefaultTransactionManagerLookup), leading to remote code execution.
CVE-2019-12384 3 Debian, Fasterxml, Redhat 12 Debian Linux, Jackson-databind, Amq Streams and 9 more 2024-11-21 5.9 Medium
FasterXML jackson-databind 2.x before 2.9.9.1 might allow attackers to have a variety of impacts by leveraging failure to block the logback-core class from polymorphic deserialization. Depending on the classpath content, remote code execution may be possible.
CVE-2019-10174 3 Infinispan, Netapp, Redhat 12 Infinispan, Active Iq Unified Manager, Enterprise Linux and 9 more 2024-11-21 8.8 High
A vulnerability was found in Infinispan such that the invokeAccessibly method from the public class ReflectionUtil allows any application class to invoke private methods in any class with Infinispan's privileges. The attacker can use reflection to introduce new, malicious behavior into the application.