Filtered by vendor Redhat Subscriptions
Filtered by product Jboss Data Grid Subscriptions
Total 228 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2020-26258 4 Debian, Fedoraproject, Redhat and 1 more 9 Debian Linux, Fedora, Camel Quarkus and 6 more 2025-01-15 6.3 Medium
XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.15, a Server-Side Forgery Request vulnerability can be activated when unmarshalling. The vulnerability may allow a remote attacker to request data from internal resources that are not publicly available only by manipulating the processed input stream. If you rely on XStream's default blacklist of the Security Framework, you will have to use at least version 1.4.15. The reported vulnerability does not exist if running Java 15 or higher. No user is affected who followed the recommendation to setup XStream's Security Framework with a whitelist! Anyone relying on XStream's default blacklist can immediately switch to a whilelist for the allowed types to avoid the vulnerability. Users of XStream 1.4.14 or below who still want to use XStream default blacklist can use a workaround described in more detailed in the referenced advisories.
CVE-2025-23366 1 Redhat 3 Jboss Data Grid, Jboss Enterprise Application Platform, Jbosseapxp 2025-01-15 6.5 Medium
A flaw was found in the HAL Console in the Wildfly component, which does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output used as a web page that is served to other users. The attacker must be authenticated as a user that belongs to management groups “SuperUser”, “Admin”, or “Maintainer”.
CVE-2019-9514 13 Apache, Apple, Canonical and 10 more 44 Traffic Server, Mac Os X, Swiftnio and 41 more 2025-01-14 7.5 High
Some HTTP/2 implementations are vulnerable to a reset flood, potentially leading to a denial of service. The attacker opens a number of streams and sends an invalid request over each stream that should solicit a stream of RST_STREAM frames from the peer. Depending on how the peer queues the RST_STREAM frames, this can consume excess memory, CPU, or both.
CVE-2019-9518 11 Apache, Apple, Canonical and 8 more 26 Traffic Server, Mac Os X, Swiftnio and 23 more 2025-01-14 7.5 High
Some HTTP/2 implementations are vulnerable to a flood of empty frames, potentially leading to a denial of service. The attacker sends a stream of frames with an empty payload and without the end-of-stream flag. These frames can be DATA, HEADERS, CONTINUATION and/or PUSH_PROMISE. The peer spends time processing each frame disproportionate to attack bandwidth. This can consume excess CPU.
CVE-2019-9515 12 Apache, Apple, Canonical and 9 more 36 Traffic Server, Mac Os X, Swiftnio and 33 more 2025-01-14 7.5 High
Some HTTP/2 implementations are vulnerable to a settings flood, potentially leading to a denial of service. The attacker sends a stream of SETTINGS frames to the peer. Since the RFC requires that the peer reply with one acknowledgement per SETTINGS frame, an empty SETTINGS frame is almost equivalent in behavior to a ping. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both.
CVE-2023-6717 1 Redhat 15 Amq Broker, Build Keycloak, Jboss Data Grid and 12 more 2025-01-14 6 Medium
A flaw was found in the SAML client registration in Keycloak that could allow an administrator to register malicious JavaScript URIs as Assertion Consumer Service POST Binding URLs (ACS), posing a Cross-Site Scripting (XSS) risk. This issue may allow a malicious admin in one realm or a client with registration access to target users in different realms or applications, executing arbitrary JavaScript in their contexts upon form submission. This can enable unauthorized access and harmful actions, compromising the confidentiality, integrity, and availability of the complete KC instance.
CVE-2024-3653 1 Redhat 17 Amq Streams, Build Keycloak, Camel Quarkus and 14 more 2025-01-09 5.3 Medium
A vulnerability was found in Undertow. This issue requires enabling the learning-push handler in the server's config, which is disabled by default, leaving the maxAge config in the handler unconfigured. The default is -1, which makes the handler vulnerable. If someone overwrites that config, the server is not subject to the attack. The attacker needs to be able to reach the server with a normal HTTP request.
CVE-2024-43788 3 Redhat, Webpack, Webpack.js 9 Cryostat, Jboss Data Grid, Network Observ Optr and 6 more 2025-01-09 6.4 Medium
Webpack is a module bundler. Its main purpose is to bundle JavaScript files for usage in a browser, yet it is also capable of transforming, bundling, or packaging just about any resource or asset. The webpack developers have discovered a DOM Clobbering vulnerability in Webpack’s `AutoPublicPathRuntimeModule`. The DOM Clobbering gadget in the module can lead to cross-site scripting (XSS) in web pages where scriptless attacker-controlled HTML elements (e.g., an `img` tag with an unsanitized `name` attribute) are present. Real-world exploitation of this gadget has been observed in the Canvas LMS which allows a XSS attack to happen through a javascript code compiled by Webpack (the vulnerable part is from Webpack). DOM Clobbering is a type of code-reuse attack where the attacker first embeds a piece of non-script, seemingly benign HTML markups in the webpage (e.g. through a post or comment) and leverages the gadgets (pieces of js code) living in the existing javascript code to transform it into executable code. This vulnerability can lead to cross-site scripting (XSS) on websites that include Webpack-generated files and allow users to inject certain scriptless HTML tags with improperly sanitized name or id attributes. This issue has been addressed in release version 5.94.0. All users are advised to upgrade. There are no known workarounds for this issue.
CVE-2024-8447 1 Redhat 3 Jboss Data Grid, Jboss Enterprise Application Platform, Jbosseapxp 2025-01-03 5.9 Medium
A security issue was discovered in the LRA Coordinator component of Narayana. When Cancel is called in LRA, an execution time of approximately 2 seconds occurs. If Join is called with the same LRA ID within that timeframe, the application may crash or hang indefinitely, leading to a denial of service.
CVE-2024-10234 1 Redhat 7 Build Keycloak, Build Of Keycloak, Jboss Data Grid and 4 more 2025-01-02 6.1 Medium
A vulnerability was found in Wildfly, where a user may perform Cross-site scripting in the Wildfly deployment system. This flaw allows an attacker or insider to execute a deployment with a malicious payload, which could trigger undesired behavior against the server.
CVE-2024-4029 1 Redhat 7 Build Keycloak, Jboss Data Grid, Jboss Enterprise Application Platform and 4 more 2024-12-27 4.1 Medium
A vulnerability was found in Wildfly’s management interface. Due to the lack of limitation of sockets for the management interface, it may be possible to cause a denial of service hitting the nofile limit as there is no possibility to configure or set a maximum number of connections.
CVE-2024-1249 1 Redhat 15 Amq Broker, Amq Streams, Build Keycloak and 12 more 2024-12-23 7.4 High
A flaw was found in Keycloak's OIDC component in the "checkLoginIframe," which allows unvalidated cross-origin messages. This flaw allows attackers to coordinate and send millions of requests in seconds using simple code, significantly impacting the application's availability without proper origin validation for incoming messages.
CVE-2023-44487 32 Akka, Amazon, Apache and 29 more 364 Http Server, Opensearch Data Prepper, Apisix and 361 more 2024-12-20 7.5 High
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
CVE-2024-1132 1 Redhat 13 Amq Broker, Build Keycloak, Jboss Data Grid and 10 more 2024-12-20 8.1 High
A flaw was found in Keycloak, where it does not properly validate URLs included in a redirect. This issue could allow an attacker to construct a malicious request to bypass validation and access other URLs and sensitive information within the domain or conduct further attacks. This flaw affects any client that utilizes a wildcard in the Valid Redirect URIs field, and requires user interaction within the malicious URL.
CVE-2023-6291 1 Redhat 18 Build Keycloak, Enterprise Linux, Jboss Data Grid and 15 more 2024-12-13 7.1 High
A flaw was found in the redirect_uri validation logic in Keycloak. This issue may allow a bypass of otherwise explicitly allowed hosts. A successful attack may lead to an access token being stolen, making it possible for the attacker to impersonate other users.
CVE-2024-7885 1 Redhat 19 Apache Camel Spring Boot, Build Keycloak, Build Of Apache Camel - Hawtio and 16 more 2024-12-12 7.5 High
A vulnerability was found in Undertow where the ProxyProtocolReadListener reuses the same StringBuilder instance across multiple requests. This issue occurs when the parseProxyProtocolV1 method processes multiple requests on the same HTTP connection. As a result, different requests may share the same StringBuilder instance, potentially leading to information leakage between requests or responses. In some cases, a value from a previous request or response may be erroneously reused, which could lead to unintended data exposure. This issue primarily results in errors and connection termination but creates a risk of data leakage in multi-request environments.
CVE-2023-5379 1 Redhat 10 Jboss Data Grid, Jboss Enterprise Application Platform, Jboss Enterprise Bpms Platform and 7 more 2024-12-02 7.5 High
A flaw was found in Undertow. When an AJP request is sent that exceeds the max-header-size attribute in ajp-listener, JBoss EAP is marked in an error state by mod_cluster in httpd, causing JBoss EAP to close the TCP connection without returning an AJP response. This happens because mod_proxy_cluster marks the JBoss EAP instance as an error worker when the TCP connection is closed from the backend after sending the AJP request without receiving an AJP response, and stops forwarding. This issue could allow a malicious user could to repeatedly send requests that exceed the max-header-size, causing a Denial of Service (DoS).
CVE-2024-6162 1 Redhat 11 Apache Camel Spring Boot, Build Keycloak, Camel Spring Boot and 8 more 2024-11-29 7.5 High
A vulnerability was found in Undertow, where URL-encoded request paths can be mishandled during concurrent requests on the AJP listener. This issue arises because the same buffer is used to decode the paths for multiple requests simultaneously, leading to incorrect path information being processed. As a result, the server may attempt to access the wrong path, causing errors such as "404 Not Found" or other application failures. This flaw can potentially lead to a denial of service, as legitimate resources become inaccessible due to the path mix-up.
CVE-2023-5685 1 Redhat 12 Apache-camel-spring-boot, Build Keycloak, Camel Spring Boot and 9 more 2024-11-26 7.5 High
A flaw was found in XNIO. The XNIO NotifierState that can cause a Stack Overflow Exception when the chain of notifier states becomes problematically large can lead to uncontrolled resource management and a possible denial of service (DoS).
CVE-2024-1300 1 Redhat 20 A Mq Clients, Amq Broker, Amq Streams and 17 more 2024-11-25 5.4 Medium
A vulnerability in the Eclipse Vert.x toolkit causes a memory leak in TCP servers configured with TLS and SNI support. When processing an unknown SNI server name assigned the default certificate instead of a mapped certificate, the SSL context is erroneously cached in the server name map, leading to memory exhaustion. This flaw allows attackers to send TLS client hello messages with fake server names, triggering a JVM out-of-memory error.