Vulnerabilities > Infinispan

DATE	CVE	VULNERABILITY TITLE	RISK
2023-12-18	CVE-2023-3628	A flaw was found in Infinispan's REST. network low complexity redhat infinispan	6.5
2023-12-18	CVE-2023-3629	A flaw was found in Infinispan's REST, Cache retrieval endpoints do not properly evaluate the necessary admin permissions for the operation. network low complexity redhat infinispan	6.5
2023-12-18	CVE-2023-5236	A flaw was found in Infinispan, which does not detect circular object references when unmarshalling. network low complexity redhat infinispan	6.5
2023-12-18	CVE-2023-5384	Cleartext Storage of Sensitive Information vulnerability in multiple products A flaw was found in Infinispan. network low complexity redhat infinispan CWE-312	2.7
2023-10-04	CVE-2023-4586	Improper Certificate Validation vulnerability in multiple products A vulnerability was found in the Hot Rod client. network high complexity redhat infinispan CWE-295	7.4
2021-09-21	CVE-2021-31917	Improper Authentication vulnerability in multiple products A flaw was found in Red Hat DataGrid 8.x (8.0.0, 8.0.1, 8.1.0 and 8.1.1) and Infinispan (10.0.0 through 12.0.0). network low complexity redhat infinispan CWE-287 critical	9.8
2021-06-02	CVE-2020-10771	Cross-Site Request Forgery (CSRF) vulnerability in multiple products A flaw was found in Infinispan version 10, where it is possible to perform various actions that could have side effects using GET requests. network low complexity infinispan redhat netapp CWE-352	7.1
2020-12-03	CVE-2020-25711	Missing Authorization vulnerability in multiple products A flaw was found in infinispan 10 REST API, where authorization permissions are not checked while performing some server management operations. network low complexity infinispan redhat netapp CWE-862	6.5
2020-10-19	CVE-2020-10746	Unspecified vulnerability in Infinispan Infinispan-Server-Runtime 10.0.0 A flaw was found in Infinispan (org.infinispan:infinispan-server-runtime) version 10, where it permits local access to controls via both REST and HotRod APIs. local low complexity infinispan	6.1
2020-01-02	CVE-2019-10158	Session Fixation vulnerability in multiple products A flaw was found in Infinispan through version 9.4.14.Final. network low complexity infinispan redhat CWE-384 critical	9.8

Vulnerabilities > Infinispan {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Infinispan"}]}

Vulnerabilities > Infinispan