Vulnerabilities > Redhat > Jboss Fuse > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-08-05 | CVE-2021-3642 | Information Exposure Through Discrepancy vulnerability in multiple products A flaw was found in Wildfly Elytron in versions prior to 1.10.14.Final, prior to 1.15.5.Final and prior to 1.16.1.Final where ScramServer may be susceptible to Timing Attack if enabled. | 3.5 |
| 2021-02-11 | CVE-2020-10734 | Cross-Site Request Forgery (CSRF) vulnerability in Redhat products A vulnerability was found in keycloak in the way that the OIDC logout endpoint does not have CSRF protection. | 2.1 |
| 2019-08-01 | CVE-2015-7559 | Improper Input Validation vulnerability in multiple products It was found that the Apache ActiveMQ client before 5.14.5 exposed a remote shutdown command in the ActiveMQConnection class. | 2.7 |
| 2014-04-17 | CVE-2014-0085 | Credentials Management vulnerability in Redhat Jboss A-Mq and Jboss Fuse JBoss Fuse did not enable encrypted passwords by default in its usage of Apache Zookeeper. | 2.1 |