Vulnerabilities > Redhat > Process Automation

DATE CVE VULNERABILITY TITLE RISK
2021-06-01 CVE-2021-20306 Unspecified vulnerability in Redhat Descision Manager, Jbpm and Process Automation
A flaw was found in the BPMN editor in version jBPM 7.51.0.Final.
network
low complexity
redhat
4.3
2021-03-16 CVE-2021-20218 Unspecified vulnerability in Redhat products
A flaw was found in the fabric8 kubernetes-client in version 4.2.0 and after.
network
high complexity
redhat
7.4
2020-09-23 CVE-2020-10714 A flaw was found in WildFly Elytron version 1.11.3.Final and before.
network
high complexity
redhat netapp
7.5
2020-09-16 CVE-2020-1748 Unspecified vulnerability in Redhat Wildfly Elytron
A flaw was found in all supported versions before wildfly-elytron-1.6.8.Final-redhat-00001, where the WildFlySecurityManager checks were bypassed when using custom security managers, resulting in an improper authorization.
network
low complexity
redhat
7.5
2020-05-13 CVE-2020-1714 Improper Input Validation vulnerability in multiple products
A flaw was found in Keycloak before version 11.0.0, where the code base contains usages of ObjectInputStream without type checks.
network
low complexity
redhat quarkus CWE-20
8.8
2020-03-02 CVE-2019-14892 Deserialization of Untrusted Data vulnerability in multiple products
A flaw was discovered in jackson-databind in versions before 2.9.10, 2.8.11.5 and 2.6.7.3, where it would permit polymorphic deserialization of a malicious object using commons-configuration 1 and 2 JNDI classes.
network
low complexity
fasterxml redhat apache CWE-502
critical
9.8
2020-01-02 CVE-2019-14863 Cross-site Scripting vulnerability in multiple products
There is a vulnerability in all angular versions before 1.5.0-beta.0, where after escaping the context of the web application, the web application delivers data to its users along with other trusted dynamic content, without validating it.
network
low complexity
angularjs redhat CWE-79
6.1
2020-01-02 CVE-2019-14862 There is a vulnerability in knockout before version 3.5.0-beta, where after escaping the context of the web application, the web application delivers data to its users along with other trusted dynamic content, without validating it.
network
low complexity
knockoutjs redhat oracle
6.1