High

DATE	CVE	VULNERABILITY TITLE	RISK
2023-10-10	CVE-2023-44487	The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. network low complexity ietf nghttp2 netty envoyproxy eclipse caddyserver golang f5 apache apple grpc microsoft nodejs dena facebook amazon debian kazu-yamamoto istio varnish-cache-project traefik projectcontour linkerd linecorp redhat fedoraproject netapp akka konghq jenkins openresty cisco	7.5
2022-09-13	CVE-2022-1278	Insecure Default Initialization of Resource vulnerability in Redhat products A flaw was found in WildFly, where an attacker can see deployment names, endpoints, and any other data the trace payload may contain. network low complexity redhat CWE-1188	7.5
2021-12-14	CVE-2021-4104	Deserialization of Untrusted Data vulnerability in multiple products JMSAppender in Log4j 1.2 is vulnerable to deserialization of untrusted data when the attacker has write access to the Log4j configuration. network high complexity apache fedoraproject redhat oracle CWE-502	7.5
2018-08-01	CVE-2016-8648	Deserialization of Untrusted Data vulnerability in Redhat Jboss A-Mq and Jboss Fuse It was found that the Karaf container used by Red Hat JBoss Fuse 6.x, and Red Hat JBoss A-MQ 6.x, deserializes objects passed to MBeans via JMX operations. network low complexity redhat CWE-502	7.2
2017-09-25	CVE-2015-5183	Unspecified vulnerability in Redhat Amq, Jboss A-Mq and Jboss Enterprise web Server Console: HTTPOnly and Secure attributes not set on cookies in Red Hat AMQ. network low complexity redhat	7.5