CVSS: 7.5EPSS: 0%CPEs: 9EXPL: 0CVE-2020-1710 – EAP: field-name is not parsed in accordance to RFC7230
https://notcve.org/view.php?id=CVE-2020-1710
17 Aug 2020 — The issue appears to be that JBoss EAP 6.4.21 does not parse the field-name in accordance to RFC7230[1] as it returns a 200 instead of a 400. El problema parece ser que JBoss EAP versión 6.4.21, no analiza el nombre de campo de acuerdo con RFC7230[1] ya que devuelve 200 en lugar de 400 A flaw was discovered in JBoss EAP, where it does not process the header field-name in accordance with RFC7230. Whitespace between the header field-name and colon is processed, resulting in an HTTP response code of 200 instea... • https://bugzilla.redhat.com/show_bug.cgi?id=1793970 • CWE-113: Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting') •
CVSS: 7.5EPSS: 0%CPEs: 8EXPL: 0CVE-2019-19343 – Undertow: Memory Leak in Undertow HttpOpenListener due to holding remoting connections indefinitely
https://notcve.org/view.php?id=CVE-2019-19343
16 Jun 2020 — A flaw was found in Undertow when using Remoting as shipped in Red Hat Jboss EAP before version 7.2.4. A memory leak in HttpOpenListener due to holding remote connections indefinitely may lead to denial of service. Versions before undertow 2.0.25.SP1 and jboss-remoting 5.0.14.SP1 are believed to be vulnerable. Se encontró una falla en Undertow al usar Remoting como se envió en Red Hat Jboss EAP anterior a la versión 7.2.4. Una filtrado de memoria en HttpOpenListener debido a mantener conexiones remotas... • https://bugzilla.redhat.com/show_bug.cgi?id=1780445 • CWE-400: Uncontrolled Resource Consumption CWE-404: Improper Resource Shutdown or Release •
CVSS: 5.4EPSS: 0%CPEs: 3EXPL: 0CVE-2019-14885 – EAP: Vault system property security attribute value is revealed on CLI 'reload' command
https://notcve.org/view.php?id=CVE-2019-14885
20 Jan 2020 — A flaw was found in the JBoss EAP Vault system in all versions before 7.2.6.GA. Confidential information of the system property's security attribute value is revealed in the JBoss EAP log file when executing a JBoss CLI 'reload' command. This flaw can lead to the exposure of confidential information. Se detectó un fallo en el sistema JBoss EAP Vault en todas las versiones anteriores a 7.2.6.GA. La información confidencial del valor del atributo de seguridad de la propiedad del sistema es revelada en el arch... • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14885 • CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2012-2312
https://notcve.org/view.php?id=CVE-2012-2312
18 Dec 2019 — An Elevated Privileges issue exists in JBoss AS 7 Community Release due to the improper implementation in the security context propagation, A threat gets reused from the thread pool that still retains the security context from the process last used, which lets a local user obtain elevated privileges. Se presenta un problema de privilegios elevados en JBoss AS 7 Community Release, debido a la implementación inapropiada en la propagación del contexto de seguridad. Se reutiliza una amenaza del grupo de hilos (... • https://access.redhat.com/security/cve/cve-2012-2312 • CWE-269: Improper Privilege Management •
CVSS: 4.3EPSS: 0%CPEs: 5EXPL: 0CVE-2019-14820 – keycloak: adapter endpoints are exposed via arbitrary URLs
https://notcve.org/view.php?id=CVE-2019-14820
14 Oct 2019 — It was found that keycloak before version 8.0.0 exposes internal adapter endpoints in org.keycloak.constants.AdapterConstants, which can be invoked via a specially-crafted URL. This vulnerability could allow an attacker to access unauthorized information. Se descubrió que keycloak versiones anteriores la versión 8.0.0, expone los endpoints del adaptador interno en org.keycloak.constants.AdapterConstants, que pueden ser invocadas por medio de una URL especialmente diseñada. Esta vulnerabilidad podría permiti... • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14820 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 1%CPEs: 28EXPL: 0CVE-2019-10184 – undertow: Information leak in requests for directories without trailing slashes
https://notcve.org/view.php?id=CVE-2019-10184
25 Jul 2019 — undertow before version 2.0.23.Final is vulnerable to an information leak issue. Web apps may have their directory structures predicted through requests without trailing slashes via the api. Undertow en versiones anteriores a la 2.0.23.Final es vulnerable a un problema de fuga de información. Las aplicaciones web pueden tener sus estructuras de directorio predecibles a través de solicitudes sin barras finales mediante la API. Red Hat Single Sign-On 7.3 is a standalone server, based on the Keycloak project, ... • https://access.redhat.com/errata/RHSA-2019:2935 • CWE-862: Missing Authorization •
CVSS: 5.4EPSS: 0%CPEs: 5EXPL: 0CVE-2018-10934 – wildfly-core: Cross-site scripting (XSS) in JBoss Management Console
https://notcve.org/view.php?id=CVE-2018-10934
18 Feb 2019 — A cross-site scripting (XSS) vulnerability was found in the JBoss Management Console versions before 7.1.6.CR1, 7.1.6.GA. Users with roles that can create objects in the application can exploit this to attack other privileged users. Se ha descubierto una vulnerabilidad Cross-Site Scripting (XSS) en JBoss Management Console, en versiones anteriores a la 7.1.6.CR1 y la 7.1.6.GA. Los usuarios con roles que pueden crear objetos en la aplicación pueden explotar esto para atacar a otros usuarios privilegiados. Re... • https://access.redhat.com/errata/RHSA-2019:1159 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.3EPSS: 0%CPEs: 6EXPL: 0CVE-2018-14642 – undertow: Infoleak in some circumstances where Undertow can serve data from a random buffer
https://notcve.org/view.php?id=CVE-2018-14642
18 Sep 2018 — An information leak vulnerability was found in Undertow. If all headers are not written out in the first write() call then the code that handles flushing the buffer will always write out the full contents of the writevBuffer buffer, which may contain data from previous requests. Se ha encontrado una vulnerabilidad de fuga de información en Undertow. Si no están escritas todas las cabeceras en la primera llamada write(), el código que maneja las escrituras al búfer siempre escribirá el contenido completo del... • https://access.redhat.com/errata/RHSA-2019:0362 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 1%CPEs: 37EXPL: 1CVE-2018-1000632 – dom4j: XML Injection in Class: Element. Methods: addElement, addAttribute which can impact the integrity of XML documents
https://notcve.org/view.php?id=CVE-2018-1000632
20 Aug 2018 — dom4j version prior to version 2.1.1 contains a CWE-91: XML Injection vulnerability in Class: Element. Methods: addElement, addAttribute that can result in an attacker tampering with XML documents through XML injection. This attack appear to be exploitable via an attacker specifying attributes or elements in the XML document. This vulnerability appears to have been fixed in 2.1.1 or later. dom4j en versiones anteriores a la 2.1.1 contiene una vulnerabilidad CWE-91: Inyección XML en Clase: Element. Métodos: ... • https://access.redhat.com/errata/RHSA-2019:0362 • CWE-88: Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') CWE-91: XML Injection (aka Blind XPath Injection) •
CVSS: 7.6EPSS: 0%CPEs: 8EXPL: 0CVE-2018-10862 – wildfly-core: Path traversal can allow the extraction of .war archives to write arbitrary files (Zip Slip)
https://notcve.org/view.php?id=CVE-2018-10862
26 Jul 2018 — WildFly Core before version 6.0.0.Alpha3 does not properly validate file paths in .war archives, allowing for the extraction of crafted .war archives to overwrite arbitrary files. This is an instance of the 'Zip Slip' vulnerability. WildFly Core en versiones anteriores a la 6.0.0.0.Alpha3 no valida correctamente las rutas de los archivos en los archivos .war, lo que permite la extracción de archivos .war manipulados para sobrescribir archivos arbitrarios. Este es un ejemplo de la vulnerabilidad 'Zip Slip'. ... • https://access.redhat.com/errata/RHSA-2018:2276 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •