Vulnerabilities > Redhat > Fuse > Medium

DATE CVE VULNERABILITY TITLE RISK
2022-08-24 CVE-2021-4178 Deserialization of Untrusted Data vulnerability in Redhat products
A arbitrary code execution flaw was found in the Fabric 8 Kubernetes client affecting versions 5.0.0-beta-1 and above.
local
low complexity
redhat CWE-502
6.7
2022-05-24 CVE-2021-3597 Race Condition vulnerability in multiple products
A flaw was found in undertow.
network
high complexity
redhat netapp CWE-362
5.9
2021-05-27 CVE-2020-10688 Unspecified vulnerability in Redhat products
A cross-site scripting (XSS) flaw was found in RESTEasy in versions before 3.11.1.Final and before 4.5.3.Final, where it did not properly handle URL encoding when the RESTEASY003870 exception occurs.
network
low complexity
redhat
6.1
2020-11-02 CVE-2020-25689 A memory leak flaw was found in WildFly in all versions up to 21.0.0.Final, where host-controller tries to reconnect in a loop, generating new connections which are not properly closed while not able to connect to domain-controller.
network
low complexity
redhat netapp
6.5
2020-07-06 CVE-2019-14900 SQL Injection vulnerability in multiple products
A flaw was found in Hibernate ORM in versions before 5.3.18, 5.4.18 and 5.5.0.Beta1.
network
low complexity
hibernate redhat quarkus CWE-89
6.5
2020-05-26 CVE-2020-10719 HTTP Request Smuggling vulnerability in multiple products
A flaw was found in Undertow in versions before 2.1.1.Final, regarding the processing of invalid HTTP requests with large chunk sizes.
network
low complexity
redhat netapp CWE-444
6.5
2019-11-08 CVE-2019-14860 Unspecified vulnerability in Redhat Fuse and Syndesis
It was found that the Syndesis configuration for Cross-Origin Resource Sharing was set to allow all origins.
network
low complexity
redhat
6.5
2019-11-08 CVE-2019-10219 A vulnerability was found in Hibernate-Validator.
network
low complexity
redhat netapp oracle
6.1
2019-05-23 CVE-2019-0201 Missing Authorization vulnerability in multiple products
An issue is present in Apache ZooKeeper 1.0.0 to 3.4.13 and 3.5.0-alpha to 3.5.4-beta.
network
high complexity
apache debian redhat oracle netapp CWE-862
5.9
2018-03-16 CVE-2018-1199 Improper Input Validation vulnerability in multiple products
Spring Security (Spring Security 4.1.x before 4.1.5, 4.2.x before 4.2.4, and 5.0.x before 5.0.1; and Spring Framework 4.3.x before 4.3.14 and 5.0.x before 5.0.3) does not consider URL path parameters when processing security constraints.
network
low complexity
vmware redhat oracle CWE-20
5.3