Vulnerabilities > Redhat > Integration Camel K

DATE CVE VULNERABILITY TITLE RISK
2022-08-31 CVE-2022-1259 A flaw was found in Undertow.
network
low complexity
redhat netapp
7.5
2022-08-26 CVE-2022-0084 Allocation of Resources Without Limits or Throttling vulnerability in Redhat products
A flaw was found in XNIO, specifically in the notifyReadClosed method.
network
low complexity
redhat CWE-770
7.5
2022-08-24 CVE-2021-4178 Deserialization of Untrusted Data vulnerability in Redhat products
A arbitrary code execution flaw was found in the Fabric 8 Kubernetes client affecting versions 5.0.0-beta-1 and above.
local
low complexity
redhat CWE-502
6.7
2022-08-23 CVE-2021-3690 Memory Leak vulnerability in Redhat products
A flaw was found in Undertow.
network
low complexity
redhat CWE-401
7.5
2022-08-05 CVE-2022-2053 Resource Exhaustion vulnerability in Redhat Integration Camel K, Jboss Fuse and Undertow
When a POST request comes through AJP and the request exceeds the max-post-size limit (maxEntitySize), Undertow's AjpServerRequestConduit implementation closes a connection without sending any response to the client/proxy.
network
low complexity
redhat CWE-400
7.5
2021-12-14 CVE-2021-4104 Deserialization of Untrusted Data vulnerability in multiple products
JMSAppender in Log4j 1.2 is vulnerable to deserialization of untrusted data when the attacker has write access to the Log4j configuration.
network
high complexity
apache fedoraproject redhat oracle CWE-502
7.5
2021-08-05 CVE-2021-3642 A flaw was found in Wildfly Elytron in versions prior to 1.10.14.Final, prior to 1.15.5.Final and prior to 1.16.1.Final where ScramServer may be susceptible to Timing Attack if enabled.
network
high complexity
redhat quarkus
5.3
2021-06-02 CVE-2020-14326 A vulnerability was found in RESTEasy, where RootNode incorrectly caches routes.
network
low complexity
redhat netapp
7.5
2021-05-20 CVE-2021-3536 Cross-site Scripting vulnerability in Redhat products
A flaw was found in Wildfly in versions before 23.0.2.Final while creating a new role in domain mode via the admin console, it is possible to add a payload in the name field, leading to XSS.
network
low complexity
redhat CWE-79
4.8
2021-03-16 CVE-2021-20218 Unspecified vulnerability in Redhat products
A flaw was found in the fabric8 kubernetes-client in version 4.2.0 and after.
network
high complexity
redhat
7.4