Vulnerabilities > Redhat > Jboss Data Grid

DATE CVE VULNERABILITY TITLE RISK
2019-07-25 CVE-2019-10184 Missing Authorization vulnerability in multiple products
undertow before version 2.0.23.Final is vulnerable to an information leak issue.
network
low complexity
redhat netapp CWE-862
5.0
5.0
2019-06-12 CVE-2019-3888 Information Exposure Through Log Files vulnerability in multiple products
A vulnerability was found in Undertow web server before 2.0.21.
network
low complexity
redhat netapp CWE-532
5.0
5.0
2018-07-16 CVE-2017-2638 Improper Authentication vulnerability in multiple products
It was found that the REST API in Infinispan before version 9.0.0 did not properly enforce auth constraints.
network
low complexity
infinispan redhat CWE-287
6.4
6.4
2018-05-15 CVE-2018-1131 Deserialization of Untrusted Data vulnerability in multiple products
Infinispan permits improper deserialization of trusted data via XML and JSON transcoders under certain server configurations.
network
low complexity
infinispan redhat CWE-502
6.5
6.5
2017-04-13 CVE-2016-4970 Infinite Loop vulnerability in multiple products
handler/ssl/OpenSslEngine.java in Netty 4.0.x before 4.0.37.Final and 4.1.x before 4.1.1.Final allows remote attackers to cause a denial of service (infinite loop).
network
low complexity
netty redhat apache CWE-835
7.5
7.5