Vulnerabilities > Redhat > Jboss Data Grid > Critical

DATE CVE VULNERABILITY TITLE RISK
2020-03-16 CVE-2019-14887 Unspecified vulnerability in Redhat products
A flaw was found when an OpenSSL security provider is used with Wildfly, the 'enabled-protocols' value in the Wildfly configuration isn't honored.
network
low complexity
redhat
critical
9.1
2020-03-02 CVE-2019-14892 Deserialization of Untrusted Data vulnerability in multiple products
A flaw was discovered in jackson-databind in versions before 2.9.10, 2.8.11.5 and 2.6.7.3, where it would permit polymorphic deserialization of a malicious object using commons-configuration 1 and 2 JNDI classes.
network
low complexity
fasterxml redhat apache CWE-502
critical
9.8
2020-01-02 CVE-2019-10158 Session Fixation vulnerability in multiple products
A flaw was found in Infinispan through version 9.4.14.Final.
network
low complexity
infinispan redhat CWE-384
critical
9.8
2019-10-02 CVE-2019-10212 Information Exposure Through Log Files vulnerability in multiple products
A flaw was found in, all under 2.0.20, in the Undertow DEBUG log for io.undertow.request.security.
network
low complexity
redhat netapp CWE-532
critical
9.8
2019-06-12 CVE-2019-3888 Information Exposure Through Log Files vulnerability in multiple products
A vulnerability was found in Undertow web server before 2.0.21.
network
low complexity
redhat netapp CWE-532
critical
9.8