CVSS: 7.5EPSS: 0%CPEs: 10EXPL: 0CVE-2020-25644 – wildfly-openssl: memory leak per HTTP session creation in WildFly OpenSSL
https://notcve.org/view.php?id=CVE-2020-25644
06 Oct 2020 — A memory leak flaw was found in WildFly OpenSSL in versions prior to 1.1.3.Final, where it removes an HTTP session. It may allow the attacker to cause OOM leading to a denial of service. The highest threat from this vulnerability is to system availability. Se encontró un fallo de pérdida de memoria en WildFly OpenSSL en versiones anteriores a 1.1.3.Final, donde se elimina una sesión HTTP. Puede permitir a un atacante causar OOM conllevando a una denegación de servicio. • https://bugzilla.redhat.com/show_bug.cgi?id=1885485 • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 0CVE-2020-10714 – wildfly-elytron: session fixation when using FORM authentication
https://notcve.org/view.php?id=CVE-2020-10714
17 Aug 2020 — A flaw was found in WildFly Elytron version 1.11.3.Final and before. When using WildFly Elytron FORM authentication with a session ID in the URL, an attacker could perform a session fixation attack. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. Se encontró un fallo en versión 1.11.3.Final y anteriores de WildFly Elytron. Cuando se usa la autenticación FORM de WildFly Elytron con un ID de sesión en la URL, un atacante podría llevar a ... • https://bugzilla.redhat.com/show_bug.cgi?id=1825714 • CWE-384: Session Fixation •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2020-10718 – wildfly: exposed setting of TCCL via the EmbeddedManagedProcess API
https://notcve.org/view.php?id=CVE-2020-10718
17 Aug 2020 — A flaw was found in Wildfly before wildfly-embedded-13.0.0.Final, where the embedded managed process API has an exposed setting of the Thread Context Classloader (TCCL). This setting is exposed as a public method, which can bypass the security manager. The highest threat from this vulnerability is to confidentiality. Se encontró un fallo en Wildfly versiones anteriores a wildfly-embedded-13.0.0.Final, donde la API del proceso administrado incorporado presenta una configuración expuesta del Thread Context Cl... • https://bugzilla.redhat.com/show_bug.cgi?id=1828476 • CWE-749: Exposed Dangerous Method or Function •
CVSS: 6.5EPSS: 0%CPEs: 6EXPL: 0CVE-2020-14297 – wildfly: Some EJB transaction objects may get accumulated causing Denial of Service
https://notcve.org/view.php?id=CVE-2020-14297
24 Jul 2020 — A flaw was discovered in Wildfly's EJB Client as shipped with Red Hat JBoss EAP 7, where some specific EJB transaction objects may get accumulated over the time and can cause services to slow down and eventaully unavailable. An attacker can take advantage and cause denial of service attack and make services unavailable. Se detectó un fallo en Wildfly's EJB Client que se incluyó con Red Hat JBoss EAP 7, donde algunos objetos de transacción EJB específicos pueden ser acumulados con el tiempo y pueden causar q... • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-14297 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 6.5EPSS: 0%CPEs: 5EXPL: 0CVE-2020-14307 – wildfly: EJB SessionOpenInvocations may not be removed properly after a response is received causing Denial of Service
https://notcve.org/view.php?id=CVE-2020-14307
24 Jul 2020 — A vulnerability was found in Wildfly's Enterprise Java Beans (EJB) versions shipped with Red Hat JBoss EAP 7, where SessionOpenInvocations are never removed from the remote InvocationTracker after a response is received in the EJB Client, as well as the server. This flaw allows an attacker to craft a denial of service attack to make the service unavailable. Se encontró una vulnerabilidad en Wildfly's Enterprise Java Beans (EJB) versiones incluidas con Red Hat JBoss EAP 7, donde SessionOpenInvocations nunca ... • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-14307 • CWE-404: Improper Resource Shutdown or Release •
CVSS: 6.1EPSS: 0%CPEs: 12EXPL: 1CVE-2020-10688 – RESTEasy: RESTEASY003870 exception in RESTEasy can lead to a reflected XSS attack
https://notcve.org/view.php?id=CVE-2020-10688
28 May 2020 — A cross-site scripting (XSS) flaw was found in RESTEasy in versions before 3.11.1.Final and before 4.5.3.Final, where it did not properly handle URL encoding when the RESTEASY003870 exception occurs. An attacker could use this flaw to launch a reflected XSS attack. Se encontró un fallo de tipo cross-site scripting (XSS) en RESTEasy en versiones anteriores a 3.11.1.Final y anteriores a 4.5.3.Final, donde no manejaba apropiadamente la codificación de URL cuando ocurre la excepción RESTEASY003870. Un atac... • https://bugzilla.redhat.com/show_bug.cgi?id=1814974 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.8EPSS: 1%CPEs: 7EXPL: 0CVE-2020-1714 – keycloak: Lack of checks in ObjectInputStream leading to Remote Code Execution
https://notcve.org/view.php?id=CVE-2020-1714
13 May 2020 — A flaw was found in Keycloak before version 11.0.0, where the code base contains usages of ObjectInputStream without type checks. This flaw allows an attacker to inject arbitrarily serialized Java Objects, which would then get deserialized in a privileged context and potentially lead to remote code execution. Se detectó un fallo en Keycloak versiones anteriores a 11.0.0, donde la base de código contiene usos de la función ObjectInputStream sin ningún tipo de comprobaciones. Este fallo permite a un atacante ... • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1714 • CWE-20: Improper Input Validation •
CVSS: 6.5EPSS: 1%CPEs: 27EXPL: 1CVE-2019-14900 – hibernate: SQL injection issue in Hibernate ORM
https://notcve.org/view.php?id=CVE-2019-14900
12 May 2020 — A flaw was found in Hibernate ORM in versions before 5.3.18, 5.4.18 and 5.5.0.Beta1. A SQL injection in the implementation of the JPA Criteria API can permit unsanitized literals when a literal is used in the SELECT or GROUP BY parts of the query. This flaw could allow an attacker to access unauthorized information or possibly conduct further attacks. Se encontró un fallo en Hibernate ORM en versiones anteriores a 5.3.18, 5.4.18 y 5.5.0.Beta1. Una inyección SQL en la implementación de la API JPA Criteria pu... • https://github.com/shanika04/hibernate-orm • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2020-1718 – keycloak: security issue on reset credential flow
https://notcve.org/view.php?id=CVE-2020-1718
12 May 2020 — A flaw was found in the reset credential flow in all Keycloak versions before 8.0.0. This flaw allows an attacker to gain unauthorized access to the application. Se encontró un fallo en el flujo de restablecimiento de credenciales en todas las versiones de Keycloak versiones anteriores a 8.0.0. Este fallo permite a un atacante obtener acceso no autorizado a la aplicación. A flaw was found in the reset credential flow in Keycloak. • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1718 • CWE-287: Improper Authentication •
CVSS: 6.5EPSS: 0%CPEs: 24EXPL: 0CVE-2020-10719 – undertow: invalid HTTP request with large chunk size
https://notcve.org/view.php?id=CVE-2020-10719
11 May 2020 — A flaw was found in Undertow in versions before 2.1.1.Final, regarding the processing of invalid HTTP requests with large chunk sizes. This flaw allows an attacker to take advantage of HTTP request smuggling. Se detectó un fallo en Undertow en versiones anteriores a 2.1.1.Final, con respecto al procesamiento de peticiones HTTP no válidas con tamaños de fragmentos grandes. Este fallo permite a un atacante tomar ventaja del tráfico no autorizado de peticiones HTTP. A flaw was found in Undertow, regarding the ... • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10719 • CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') •