Filtered by vendor Redhat
Subscriptions
Filtered by product Jboss Fuse
Subscriptions
Total
563 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2023-5675 | 1 Redhat | 11 A Mq Clients, Camel Quarkus, Cryostat and 8 more | 2024-11-24 | 6.5 Medium |
A flaw was found in Quarkus. When a Quarkus RestEasy Classic or Reactive JAX-RS endpoint has its methods declared in the abstract Java class or customized by Quarkus extensions using the annotation processor, the authorization of these methods will not be enforced if it is enabled by either 'quarkus.security.jaxrs.deny-unannotated-endpoints' or 'quarkus.security.jaxrs.default-roles-allowed' properties. | ||||
CVE-2024-1459 | 1 Redhat | 8 Jboss Data Grid, Jboss Enterprise Application Platform, Jboss Enterprise Bpms Platform and 5 more | 2024-11-23 | 5.3 Medium |
A path traversal vulnerability was found in Undertow. This issue may allow a remote attacker to append a specially-crafted sequence to an HTTP request for an application deployed to JBoss EAP, which may permit access to privileged or restricted files and directories. | ||||
CVE-2023-5072 | 2 Json-java Project, Redhat | 8 Json-java, Amq Broker, Amq Streams and 5 more | 2024-11-21 | 7.5 High |
Denial of Service in JSON-Java versions up to and including 20230618. A bug in the parser means that an input string of modest size can lead to indefinite amounts of memory being used. | ||||
CVE-2024-5971 | 1 Redhat | 12 Apache Camel Spring Boot, Build Keycloak, Camel Spring Boot and 9 more | 2024-11-21 | 7.5 High |
A vulnerability was found in Undertow, where the chunked response hangs after the body was flushed. The response headers and body were sent but the client would continue waiting as Undertow does not send the expected 0\r\n termination of the chunked response. This results in uncontrolled resource consumption, leaving the server side to a denial of service attack. This happens only with Java 17 TLSv1.3 scenarios. | ||||
CVE-2024-28752 | 3 Apache, Netapp, Redhat | 8 Cxf, Oncommand Workflow Automation, Apache Camel Spring Boot and 5 more | 2024-11-21 | 9.3 Critical |
A SSRF vulnerability using the Aegis DataBinding in versions of Apache CXF before 4.0.4, 3.6.3 and 3.5.8 allows an attacker to perform SSRF style attacks on webservices that take at least one parameter of any type. Users of other data bindings (including the default databinding) are not impacted. | ||||
CVE-2024-22243 | 1 Redhat | 1 Jboss Fuse | 2024-11-21 | 8.1 High |
Applications that use UriComponentsBuilder to parse an externally provided URL (e.g. through a query parameter) AND perform validation checks on the host of the parsed URL may be vulnerable to a open redirect https://cwe.mitre.org/data/definitions/601.html attack or to a SSRF attack if the URL is used after passing validation checks. | ||||
CVE-2024-21733 | 2 Apache, Redhat | 3 Tomcat, Apache-camel-spring-boot, Jboss Fuse | 2024-11-21 | 5.3 Medium |
Generation of Error Message Containing Sensitive Information vulnerability in Apache Tomcat.This issue affects Apache Tomcat: from 8.5.7 through 8.5.63, from 9.0.0-M11 through 9.0.43. Users are recommended to upgrade to version 8.5.64 onwards or 9.0.44 onwards, which contain a fix for the issue. | ||||
CVE-2024-1635 | 1 Redhat | 16 Amq Streams, Build Keycloak, Camel Quarkus and 13 more | 2024-11-21 | 7.5 High |
A vulnerability was found in Undertow. This vulnerability impacts a server that supports the wildfly-http-client protocol. Whenever a malicious user opens and closes a connection with the HTTP port of the server and then closes the connection immediately, the server will end with both memory and open file limits exhausted at some point, depending on the amount of memory available. At HTTP upgrade to remoting, the WriteTimeoutStreamSinkConduit leaks connections if RemotingConnection is closed by Remoting ServerConnectionOpenListener. Because the remoting connection originates in Undertow as part of the HTTP upgrade, there is an external layer to the remoting connection. This connection is unaware of the outermost layer when closing the connection during the connection opening procedure. Hence, the Undertow WriteTimeoutStreamSinkConduit is not notified of the closed connection in this scenario. Because WriteTimeoutStreamSinkConduit creates a timeout task, the whole dependency tree leaks via that task, which is added to XNIO WorkerThread. So, the workerThread points to the Undertow conduit, which contains the connections and causes the leak. | ||||
CVE-2023-6481 | 2 Qos, Redhat | 6 Logback, Amq Broker, Camel Spring Boot and 3 more | 2024-11-21 | 7.1 High |
A serialization vulnerability in logback receiver component part of logback version 1.4.13, 1.3.13 and 1.2.12 allows an attacker to mount a Denial-Of-Service attack by sending poisoned data. | ||||
CVE-2023-50290 | 2 Apache, Redhat | 2 Solr, Jboss Fuse | 2024-11-21 | 6.5 Medium |
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Solr. The Solr Metrics API publishes all unprotected environment variables available to each Apache Solr instance. Users are able to specify which environment variables to hide, however, the default list is designed to work for known secret Java system properties. Environment variables cannot be strictly defined in Solr, like Java system properties can be, and may be set for the entire host, unlike Java system properties which are set per-Java-proccess. The Solr Metrics API is protected by the "metrics-read" permission. Therefore, Solr Clouds with Authorization setup will only be vulnerable via users with the "metrics-read" permission. This issue affects Apache Solr: from 9.0.0 before 9.3.0. Users are recommended to upgrade to version 9.3.0 or later, in which environment variables are not published via the Metrics API. | ||||
CVE-2023-46749 | 2 Apache, Redhat | 2 Shiro, Jboss Fuse | 2024-11-21 | 6.5 Medium |
Apache Shiro before 1.13.0 or 2.0.0-alpha-4, may be susceptible to a path traversal attack that results in an authentication bypass when used together with path rewriting Mitigation: Update to Apache Shiro 1.13.0+ or 2.0.0-alpha-4+, or ensure `blockSemicolon` is enabled (this is the default). | ||||
CVE-2023-46604 | 4 Apache, Debian, Netapp and 1 more | 10 Activemq, Activemq Legacy Openwire Module, Debian Linux and 7 more | 2024-11-21 | 10 Critical |
The Java OpenWire protocol marshaller is vulnerable to Remote Code Execution. This vulnerability may allow a remote attacker with network access to either a Java-based OpenWire broker or client to run arbitrary shell commands by manipulating serialized class types in the OpenWire protocol to cause either the client or the broker (respectively) to instantiate any class on the classpath. Users are recommended to upgrade both brokers and clients to version 5.15.16, 5.16.7, 5.17.6, or 5.18.3 which fixes this issue. | ||||
CVE-2023-46589 | 2 Apache, Redhat | 5 Tomcat, Enterprise Linux, Jboss Enterprise Web Server and 2 more | 2024-11-21 | 7.5 High |
Improper Input Validation vulnerability in Apache Tomcat.Tomcat from 11.0.0-M1 through 11.0.0-M10, from 10.1.0-M1 through 10.1.15, from 9.0.0-M1 through 9.0.82 and from 8.5.0 through 8.5.95 did not correctly parse HTTP trailer headers. A trailer header that exceeded the header size limit could cause Tomcat to treat a single request as multiple requests leading to the possibility of request smuggling when behind a reverse proxy. Users are recommended to upgrade to version 11.0.0-M11 onwards, 10.1.16 onwards, 9.0.83 onwards or 8.5.96 onwards, which fix the issue. | ||||
CVE-2023-45648 | 3 Apache, Debian, Redhat | 6 Tomcat, Debian Linux, Enterprise Linux and 3 more | 2024-11-21 | 5.3 Medium |
Improper Input Validation vulnerability in Apache Tomcat.Tomcat from 11.0.0-M1 through 11.0.0-M11, from 10.1.0-M1 through 10.1.13, from 9.0.0-M1 through 9.0.81 and from 8.5.0 through 8.5.93 did not correctly parse HTTP trailer headers. A specially crafted, invalid trailer header could cause Tomcat to treat a single request as multiple requests leading to the possibility of request smuggling when behind a reverse proxy. Users are recommended to upgrade to version 11.0.0-M12 onwards, 10.1.14 onwards, 9.0.81 onwards or 8.5.94 onwards, which fix the issue. | ||||
CVE-2023-42795 | 3 Apache, Debian, Redhat | 6 Accumulo, Tomcat, Debian Linux and 3 more | 2024-11-21 | 5.3 Medium |
Incomplete Cleanup vulnerability in Apache Tomcat.When recycling various internal objects in Apache Tomcat from 11.0.0-M1 through 11.0.0-M11, from 10.1.0-M1 through 10.1.13, from 9.0.0-M1 through 9.0.80 and from 8.5.0 through 8.5.93, an error could cause Tomcat to skip some parts of the recycling process leading to information leaking from the current request/response to the next. Users are recommended to upgrade to version 11.0.0-M12 onwards, 10.1.14 onwards, 9.0.81 onwards or 8.5.94 onwards, which fixes the issue. | ||||
CVE-2023-42794 | 2 Apache, Redhat | 4 Tomcat, Enterprise Linux, Jboss Enterprise Web Server and 1 more | 2024-11-21 | 5.9 Medium |
Incomplete Cleanup vulnerability in Apache Tomcat. The internal fork of Commons FileUpload packaged with Apache Tomcat 9.0.70 through 9.0.80 and 8.5.85 through 8.5.93 included an unreleased, in progress refactoring that exposed a potential denial of service on Windows if a web application opened a stream for an uploaded file but failed to close the stream. The file would never be deleted from disk creating the possibility of an eventual denial of service due to the disk being full. Users are recommended to upgrade to version 9.0.81 onwards or 8.5.94 onwards, which fixes the issue. | ||||
CVE-2023-40167 | 3 Debian, Eclipse, Redhat | 11 Debian Linux, Jetty, Amq Broker and 8 more | 2024-11-21 | 5.3 Medium |
Jetty is a Java based web server and servlet engine. Prior to versions 9.4.52, 10.0.16, 11.0.16, and 12.0.1, Jetty accepts the `+` character proceeding the content-length value in a HTTP/1 header field. This is more permissive than allowed by the RFC and other servers routinely reject such requests with 400 responses. There is no known exploit scenario, but it is conceivable that request smuggling could result if jetty is used in combination with a server that does not close the connection after sending such a 400 response. Versions 9.4.52, 10.0.16, 11.0.16, and 12.0.1 contain a patch for this issue. There is no workaround as there is no known exploit scenario. | ||||
CVE-2023-3635 | 2 Redhat, Squareup | 6 Amq Streams, Jboss Enterprise Bpms Platform, Jboss Fuse and 3 more | 2024-11-21 | 5.9 Medium |
GzipSource does not handle an exception that might be raised when parsing a malformed gzip buffer. This may lead to denial of service of the Okio client when handling a crafted GZIP archive, by using the GzipSource class. | ||||
CVE-2023-3223 | 1 Redhat | 20 Enterprise Linux, Integration, Jboss Data Grid and 17 more | 2024-11-21 | 7.5 High |
A flaw was found in undertow. Servlets annotated with @MultipartConfig may cause an OutOfMemoryError due to large multipart content. This may allow unauthorized users to cause remote Denial of Service (DoS) attack. If the server uses fileSizeThreshold to limit the file size, it's possible to bypass the limit by setting the file name in the request to null. | ||||
CVE-2023-39410 | 2 Apache, Redhat | 6 Avro, Camel Quarkus, Jboss Enterprise Application Platform and 3 more | 2024-11-21 | 7.5 High |
When deserializing untrusted or corrupted data, it is possible for a reader to consume memory beyond the allowed constraints and thus lead to out of memory on the system. This issue affects Java applications using Apache Avro Java SDK up to and including 1.11.2. Users should update to apache-avro version 1.11.3 which addresses this issue. |