Filtered by vendor Redhat Subscriptions
Filtered by product Jboss Data Grid Subscriptions
Total 227 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2023-5236 2 Infinispan, Redhat 3 Infinispan, Data Grid, Jboss Data Grid 2024-11-23 4.4 Medium
A flaw was found in Infinispan, which does not detect circular object references when unmarshalling. An authenticated attacker with sufficient permissions could insert a maliciously constructed object into the cache and use it to cause out of memory errors and achieve a denial of service.
CVE-2023-3629 2 Infinispan, Redhat 4 Infinispan, Data Grid, Jboss Data Grid and 1 more 2024-11-23 4.3 Medium
A flaw was found in Infinispan's REST, Cache retrieval endpoints do not properly evaluate the necessary admin permissions for the operation. This issue could allow an authenticated user to access information outside of their intended permissions.
CVE-2023-3628 2 Infinispan, Redhat 4 Infinispan, Data Grid, Jboss Data Grid and 1 more 2024-11-23 6.5 Medium
A flaw was found in Infinispan's REST. Bulk read endpoints do not properly evaluate user permissions for the operation. This issue could allow an authenticated user to access information outside of their intended permissions.
CVE-2024-5971 1 Redhat 12 Apache Camel Spring Boot, Build Keycloak, Camel Spring Boot and 9 more 2024-11-21 7.5 High
A vulnerability was found in Undertow, where the chunked response hangs after the body was flushed. The response headers and body were sent but the client would continue waiting as Undertow does not send the expected 0\r\n termination of the chunked response. This results in uncontrolled resource consumption, leaving the server side to a denial of service attack. This happens only with Java 17 TLSv1.3 scenarios.
CVE-2024-29180 1 Redhat 10 Advanced Cluster Security, Apicurio Registry, Jboss Data Grid and 7 more 2024-11-21 7.4 High
Prior to versions 7.1.0, 6.1.2, and 5.3.4, the webpack-dev-middleware development middleware for devpack does not validate the supplied URL address sufficiently before returning the local file. It is possible to access any file on the developer's machine. The middleware can either work with the physical filesystem when reading the files or it can use a virtualized in-memory `memfs` filesystem. If `writeToDisk` configuration option is set to `true`, the physical filesystem is used. The `getFilenameFromUrl` method is used to parse URL and build the local file path. The public path prefix is stripped from the URL, and the `unsecaped` path suffix is appended to the `outputPath`. As the URL is not unescaped and normalized automatically before calling the midlleware, it is possible to use `%2e` and `%2f` sequences to perform path traversal attack. Developers using `webpack-dev-server` or `webpack-dev-middleware` are affected by the issue. When the project is started, an attacker might access any file on the developer's machine and exfiltrate the content. If the development server is listening on a public IP address (or `0.0.0.0`), an attacker on the local network can access the local files without any interaction from the victim (direct connection to the port). If the server allows access from third-party domains, an attacker can send a malicious link to the victim. When visited, the client side script can connect to the local server and exfiltrate the local files. Starting with fixed versions 7.1.0, 6.1.2, and 5.3.4, the URL is unescaped and normalized before any further processing.
CVE-2024-29025 1 Redhat 10 Amq Broker, Amq Streams, Cryostat and 7 more 2024-11-21 5.3 Medium
Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. The `HttpPostRequestDecoder` can be tricked to accumulate data. While the decoder can store items on the disk if configured so, there are no limits to the number of fields the form can have, an attacher can send a chunked post consisting of many small fields that will be accumulated in the `bodyListHttpData` list. The decoder cumulates bytes in the `undecodedChunk` buffer until it can decode a field, this field can cumulate data without limits. This vulnerability is fixed in 4.1.108.Final.
CVE-2024-26308 2 Apache, Redhat 8 Commons Compress, Camel Quarkus, Jboss Data Grid and 5 more 2024-11-21 5.5 Medium
Allocation of Resources Without Limits or Throttling vulnerability in Apache Commons Compress.This issue affects Apache Commons Compress: from 1.21 before 1.26. Users are recommended to upgrade to version 1.26, which fixes the issue.
CVE-2024-25710 2 Apache, Redhat 9 Commons Compress, Amq Streams, Camel Quarkus and 6 more 2024-11-21 8.1 High
Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in Apache Commons Compress.This issue affects Apache Commons Compress: from 1.3 through 1.25.0. Users are recommended to upgrade to version 1.26.0 which fixes the issue.
CVE-2024-1635 1 Redhat 16 Amq Streams, Build Keycloak, Camel Quarkus and 13 more 2024-11-21 7.5 High
A vulnerability was found in Undertow. This vulnerability impacts a server that supports the wildfly-http-client protocol. Whenever a malicious user opens and closes a connection with the HTTP port of the server and then closes the connection immediately, the server will end with both memory and open file limits exhausted at some point, depending on the amount of memory available. At HTTP upgrade to remoting, the WriteTimeoutStreamSinkConduit leaks connections if RemotingConnection is closed by Remoting ServerConnectionOpenListener. Because the remoting connection originates in Undertow as part of the HTTP upgrade, there is an external layer to the remoting connection. This connection is unaware of the outermost layer when closing the connection during the connection opening procedure. Hence, the Undertow WriteTimeoutStreamSinkConduit is not notified of the closed connection in this scenario. Because WriteTimeoutStreamSinkConduit creates a timeout task, the whole dependency tree leaks via that task, which is added to XNIO WorkerThread. So, the workerThread points to the Undertow conduit, which contains the connections and causes the leak.
CVE-2023-3223 1 Redhat 20 Enterprise Linux, Integration, Jboss Data Grid and 17 more 2024-11-21 7.5 High
A flaw was found in undertow. Servlets annotated with @MultipartConfig may cause an OutOfMemoryError due to large multipart content. This may allow unauthorized users to cause remote Denial of Service (DoS) attack. If the server uses fileSizeThreshold to limit the file size, it's possible to bypass the limit by setting the file name in the request to null.
CVE-2023-35887 2 Apache, Redhat 4 Sshd, Jboss Data Grid, Jboss Enterprise Application Platform and 1 more 2024-11-21 5 Medium
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Software Foundation Apache MINA. In SFTP servers implemented using Apache MINA SSHD that use a RootedFileSystem, logged users may be able to discover "exists/does not exist" information about items outside the rooted tree via paths including parent navigation ("..") beyond the root, or involving symlinks. This issue affects Apache MINA: from 1.0 before 2.10. Users are recommended to upgrade to 2.10
CVE-2023-35116 2 Fasterxml, Redhat 7 Jackson-databind, Amq Broker, Apache-camel-spring-boot and 4 more 2024-11-21 4.7 Medium
jackson-databind through 2.15.2 allows attackers to cause a denial of service or other unspecified impact via a crafted object that uses cyclic dependencies. NOTE: the vendor's perspective is that this is not a valid vulnerability report, because the steps of constructing a cyclic data structure and trying to serialize it cannot be achieved by an external attacker.
CVE-2023-34462 2 Netty, Redhat 11 Netty, Amq Broker, Amq Clients and 8 more 2024-11-21 6.5 Medium
Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. The `SniHandler` can allocate up to 16MB of heap for each channel during the TLS handshake. When the handler or the channel does not have an idle timeout, it can be used to make a TCP server using the `SniHandler` to allocate 16MB of heap. The `SniHandler` class is a handler that waits for the TLS handshake to configure a `SslHandler` according to the indicated server name by the `ClientHello` record. For this matter it allocates a `ByteBuf` using the value defined in the `ClientHello` record. Normally the value of the packet should be smaller than the handshake packet but there are not checks done here and the way the code is written, it is possible to craft a packet that makes the `SslClientHelloHandler`. This vulnerability has been fixed in version 4.1.94.Final.
CVE-2023-31582 2 Jose4j Project, Redhat 4 Jose4j, Amq Streams, Jboss Data Grid and 1 more 2024-11-21 7.5 High
jose4j before v0.9.3 allows attackers to set a low iteration count of 1000 or less.
CVE-2023-1108 2 Netapp, Redhat 28 Oncommand Workflow Automation, Build Of Quarkus, Camel Quarkus and 25 more 2024-11-21 7.5 High
A flaw was found in undertow. This issue makes achieving a denial of service possible due to an unexpected handshake status updated in SslConduit, where the loop never terminates.
CVE-2022-4245 2 Codehaus-plexus, Redhat 23 Plexus-utils, A Mq Clients, Amq Broker and 20 more 2024-11-21 4.3 Medium
A flaw was found in codehaus-plexus. The org.codehaus.plexus.util.xml.XmlWriterUtil#writeComment fails to sanitize comments for a --> sequence. This issue means that text contained in the command string could be interpreted as XML and allow for XML injection.
CVE-2022-4244 2 Codehaus-plexus, Redhat 23 Plexus-utils, A Mq Clients, Amq Broker and 20 more 2024-11-21 7.5 High
A flaw was found in codeplex-codehaus. A directory traversal attack (also known as path traversal) aims to access files and directories stored outside the intended folder. By manipulating files with "dot-dot-slash (../)" sequences and their variations or by using absolute file paths, it may be possible to access arbitrary files and directories stored on the file system, including application source code, configuration, and other critical system files.
CVE-2022-45047 2 Apache, Redhat 12 Sshd, Camel Spring Boot, Jboss Data Grid and 9 more 2024-11-21 9.8 Critical
Class org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider in Apache MINA SSHD <= 2.9.1 uses Java deserialization to load a serialized java.security.PrivateKey. The class is one of several implementations that an implementor using Apache MINA SSHD can choose for loading the host keys of an SSH server.
CVE-2022-42004 5 Debian, Fasterxml, Netapp and 2 more 19 Debian Linux, Jackson-databind, Oncommand Workflow Automation and 16 more 2024-11-21 7.5 High
In FasterXML jackson-databind before 2.13.4, resource exhaustion can occur because of a lack of a check in BeanDeserializer._deserializeFromArray to prevent use of deeply nested arrays. An application is vulnerable only with certain customized choices for deserialization.
CVE-2022-42003 5 Debian, Fasterxml, Netapp and 2 more 20 Debian Linux, Jackson-databind, Oncommand Workflow Automation and 17 more 2024-11-21 7.5 High
In FasterXML jackson-databind before versions 2.13.4.1 and 2.12.17.1, resource exhaustion can occur because of a lack of a check in primitive value deserializers to avoid deep wrapper array nesting, when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled.