Vulnerabilities > Infinispan

DATE	CVE	VULNERABILITY TITLE	RISK
2019-11-25	CVE-2019-10174	Unsafe Reflection vulnerability in multiple products A vulnerability was found in Infinispan such that the invokeAccessibly method from the public class ReflectionUtil allows any application class to invoke private methods in any class with Infinispan's privileges. network low complexity infinispan redhat netapp CWE-470	8.8
2018-09-11	CVE-2016-0750	Deserialization of Untrusted Data vulnerability in Infinispan The hotrod java client in infinispan before 9.1.0.Final automatically deserializes bytearray message contents in certain events. network low complexity infinispan CWE-502	8.8
2018-07-16	CVE-2017-2638	Improper Authentication vulnerability in multiple products It was found that the REST API in Infinispan before version 9.0.0 did not properly enforce auth constraints. network low complexity infinispan redhat CWE-287	6.5
2018-05-15	CVE-2018-1131	Deserialization of Untrusted Data vulnerability in multiple products Infinispan permits improper deserialization of trusted data via XML and JSON transcoders under certain server configurations. network low complexity infinispan redhat CWE-502	8.8
2018-02-15	CVE-2017-15089	Deserialization of Untrusted Data vulnerability in Infinispan It was found that the Hotrod client in Infinispan before 9.2.0.CR1 would unsafely read deserialized data on information from the cache. network low complexity infinispan CWE-502	8.8

Vulnerabilities > Infinispan {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Infinispan"}]}