Vulnerabilities > Redhat > Integration Camel K > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-08-21 | CVE-2024-7885 | Unspecified vulnerability in Redhat products A vulnerability was found in Undertow where the ProxyProtocolReadListener reuses the same StringBuilder instance across multiple requests. | 7.5 |
2023-10-10 | CVE-2023-44487 | The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. | 7.5 |
2023-09-25 | CVE-2022-4244 | Path Traversal vulnerability in multiple products A flaw was found in codeplex-codehaus. | 7.5 |
2023-09-20 | CVE-2023-4853 | Incorrect Authorization vulnerability in multiple products A flaw was found in Quarkus where HTTP security policies are not sanitizing certain character permutations correctly when accepting requests, resulting in incorrect evaluation of permissions. | 8.1 |
2023-09-14 | CVE-2023-1108 | Infinite Loop vulnerability in multiple products A flaw was found in undertow. | 7.5 |
2023-02-23 | CVE-2022-4492 | Unspecified vulnerability in Redhat products The undertow client is not checking the server identity presented by the server certificate in https connections. | 7.5 |
2022-09-13 | CVE-2022-1278 | Insecure Default Initialization of Resource vulnerability in Redhat products A flaw was found in WildFly, where an attacker can see deployment names, endpoints, and any other data the trace payload may contain. | 7.5 |
2022-08-31 | CVE-2022-1259 | Resource Exhaustion vulnerability in multiple products A flaw was found in Undertow. | 7.5 |
2022-08-23 | CVE-2021-3690 | Memory Leak vulnerability in Redhat products A flaw was found in Undertow. | 7.5 |
2021-12-14 | CVE-2021-4104 | Deserialization of Untrusted Data vulnerability in multiple products JMSAppender in Log4j 1.2 is vulnerable to deserialization of untrusted data when the attacker has write access to the Log4j configuration. | 7.5 |