Vulnerabilities > Redhat > Jboss Enterprise Application Platform > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-05-06 | CVE-2020-10693 | A flaw was found in Hibernate Validator version 6.1.2.Final. | 5.3 |
2020-05-04 | CVE-2020-1732 | Improper Input Validation vulnerability in Redhat products A flaw was found in Soteria before 1.0.1, in a way that multiple requests occurring concurrently causing security identity corruption across concurrent threads when using EE Security with WildFly Elytron which can lead to the possibility of being handled using the identity from another request. | 4.2 |
2020-03-11 | CVE-2011-2487 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products The implementations of PKCS#1 v1.5 key transport mechanism for XMLEncryption in JBossWS and Apache WSS4J before 1.6.5 is susceptible to a Bleichenbacher attack. | 5.9 |
2020-01-23 | CVE-2019-14885 | Information Exposure Through Log Files vulnerability in Redhat products A flaw was found in the JBoss EAP Vault system in all versions before 7.2.6.GA. | 4.3 |
2020-01-08 | CVE-2019-14820 | Unspecified vulnerability in Redhat products It was found that keycloak before version 8.0.0 exposes internal adapter endpoints in org.keycloak.constants.AdapterConstants, which can be invoked via a specially-crafted URL. | 4.3 |
2020-01-02 | CVE-2014-0169 | Incorrect Authorization vulnerability in Redhat Jboss Enterprise Application Platform 6.0.0 In JBoss EAP 6 a security domain is configured to use a cache that is shared between all applications that are in the security domain. | 6.5 |
2019-12-11 | CVE-2013-6495 | Cross-site Scripting vulnerability in Redhat products JBossWeb Bayeux has reflected XSS | 6.1 |
2019-11-08 | CVE-2019-10219 | A vulnerability was found in Hibernate-Validator. | 6.1 |
2019-10-14 | CVE-2019-14838 | Improper Privilege Management vulnerability in Redhat products A flaw was found in wildfly-core before 7.2.5.GA. | 4.9 |
2019-08-23 | CVE-2019-12400 | Improper Input Validation vulnerability in multiple products In version 2.0.3 Apache Santuario XML Security for Java, a caching mechanism was introduced to speed up creating new XML documents using a static pool of DocumentBuilders. | 5.5 |