Vulnerabilities > Redhat > Integration Camel K > High

DATE CVE VULNERABILITY TITLE RISK
2024-08-21 CVE-2024-7885 Unspecified vulnerability in Redhat products
A vulnerability was found in Undertow where the ProxyProtocolReadListener reuses the same StringBuilder instance across multiple requests.
network
low complexity
redhat
7.5
2023-10-10 CVE-2023-44487 The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. 7.5
2023-09-25 CVE-2022-4244 Path Traversal vulnerability in multiple products
A flaw was found in codeplex-codehaus.
network
low complexity
codehaus-plexus redhat CWE-22
7.5
2023-09-20 CVE-2023-4853 Incorrect Authorization vulnerability in multiple products
A flaw was found in Quarkus where HTTP security policies are not sanitizing certain character permutations correctly when accepting requests, resulting in incorrect evaluation of permissions.
network
high complexity
quarkus redhat CWE-863
8.1
2023-09-14 CVE-2023-1108 Infinite Loop vulnerability in multiple products
A flaw was found in undertow.
network
low complexity
redhat netapp CWE-835
7.5
2023-02-23 CVE-2022-4492 Unspecified vulnerability in Redhat products
The undertow client is not checking the server identity presented by the server certificate in https connections.
network
low complexity
redhat
7.5
2022-09-13 CVE-2022-1278 Insecure Default Initialization of Resource vulnerability in Redhat products
A flaw was found in WildFly, where an attacker can see deployment names, endpoints, and any other data the trace payload may contain.
network
low complexity
redhat CWE-1188
7.5
2022-08-31 CVE-2022-1259 Resource Exhaustion vulnerability in multiple products
A flaw was found in Undertow.
network
low complexity
redhat netapp CWE-400
7.5
2022-08-23 CVE-2021-3690 Memory Leak vulnerability in Redhat products
A flaw was found in Undertow.
network
low complexity
redhat CWE-401
7.5
2021-12-14 CVE-2021-4104 Deserialization of Untrusted Data vulnerability in multiple products
JMSAppender in Log4j 1.2 is vulnerable to deserialization of untrusted data when the attacker has write access to the Log4j configuration.
network
high complexity
apache fedoraproject redhat oracle CWE-502
7.5