VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
>
Redhat
> Jboss Fuse
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2024-08-21
CVE-2024-7885
Unspecified vulnerability in Redhat products
A vulnerability was found in Undertow where the ProxyProtocolReadListener reuses the same StringBuilder instance across multiple requests.
network
low complexity
redhat
7.5
7.5
2023-10-10
CVE-2023-44487
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
network
low complexity
ietf
nghttp2
netty
envoyproxy
eclipse
caddyserver
golang
f5
apache
apple
grpc
microsoft
nodejs
dena
facebook
amazon
debian
kazu-yamamoto
istio
varnish-cache-project
traefik
projectcontour
linkerd
linecorp
redhat
fedoraproject
netapp
akka
konghq
jenkins
openresty
cisco
7.5
7.5
2023-02-23
CVE-2022-4492
Unspecified vulnerability in Redhat products
The undertow client is not checking the server identity presented by the server certificate in https connections.
network
low complexity
redhat
7.5
7.5
2022-09-01
CVE-2022-2764
A flaw was found in Undertow.
network
low complexity
redhat
netapp
4.9
4.9
2022-08-05
CVE-2022-2053
Resource Exhaustion vulnerability in Redhat Integration Camel K, Jboss Fuse and Undertow
When a POST request comes through AJP and the request exceeds the max-post-size limit (maxEntitySize), Undertow's AjpServerRequestConduit implementation closes a connection without sending any response to the client/proxy.
network
low complexity
redhat
CWE-400
7.5
7.5
2021-12-14
CVE-2021-4104
Deserialization of Untrusted Data vulnerability in multiple products
JMSAppender in Log4j 1.2 is vulnerable to deserialization of untrusted data when the attacker has write access to the Log4j configuration.
network
high complexity
apache
fedoraproject
redhat
oracle
CWE-502
7.5
7.5
2021-08-05
CVE-2021-3642
A flaw was found in Wildfly Elytron in versions prior to 1.10.14.Final, prior to 1.15.5.Final and prior to 1.16.1.Final where ScramServer may be susceptible to Timing Attack if enabled.
network
high complexity
redhat
quarkus
5.3
5.3
2021-06-02
CVE-2020-14340
A vulnerability was discovered in XNIO where file descriptor leak caused by growing amounts of NIO Selector file handles between garbage collection cycles.
network
high complexity
redhat
oracle
5.9
5.9
2021-03-16
CVE-2021-20218
Unspecified vulnerability in Redhat products
A flaw was found in the fabric8 kubernetes-client in version 4.2.0 and after.
network
high complexity
redhat
7.4
7.4
2021-02-23
CVE-2020-27782
Unspecified vulnerability in Redhat products
A flaw was found in the Undertow AJP connector.
network
low complexity
redhat
7.5
7.5
«
1
(current)
2
3
4
»
Next