Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
redhat jboss data grid 6.0.0 vulnerabilities and exploits
(subscribe to this query)
8.1
CVSSv3
CVE-2020-1757
A flaw was found in all undertow-2.x.x SP1 versions prior to undertow-2.0.30.SP1, all undertow-1.x.x and undertow-2.x.x versions prior to undertow-2.1.0.Final, where the Servlet container causes servletPath to normalize incorrectly by truncating the path after semicolon which may...
Redhat Undertow
Redhat Undertow 2.0.0
Redhat Undertow 2.0.25
Redhat Undertow 2.0.28
Redhat Undertow 2.0.26
Redhat Jboss Fuse 6.0.0
Redhat Jboss Enterprise Application Platform 7.0.0
Redhat Single Sign-on 7.0
Redhat Jboss Fuse 7.0.0
Redhat Jboss Data Grid 7.0.0
Redhat Openshift Application Runtimes -
7.5
CVSSv3
CVE-2023-44487
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
Ietf Http 2.0
Nghttp2 Nghttp2
Netty Netty
Envoyproxy Envoy 1.27.0
Envoyproxy Envoy 1.26.4
Envoyproxy Envoy 1.25.9
Envoyproxy Envoy 1.24.10
Eclipse Jetty
Caddyserver Caddy
Golang Http2
Golang Go
Golang Networking
F5 Big-ip Analytics
F5 Big-ip Policy Enforcement Manager
F5 Big-ip Local Traffic Manager
F5 Big-ip Link Controller
F5 Big-ip Global Traffic Manager
F5 Big-ip Fraud Protection Service
F5 Big-ip Domain Name System
F5 Big-ip Application Security Manager
F5 Big-ip Application Acceleration Manager
F5 Big-ip Advanced Firewall Manager
35 Github repositories
2 Articles
7.5
CVSSv3
CVE-2021-4104
JMSAppender in Log4j 1.2 is vulnerable to deserialization of untrusted data when the attacker has write access to the Log4j configuration. The attacker can provide TopicBindingName and TopicConnectionFactoryBindingName configurations causing JMSAppender to perform JNDI requests t...
Apache Log4j 1.2
Fedoraproject Fedora 35
Redhat Jboss Operations Network 3.0
Redhat Jboss A-mq 6.0.0
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 6.0
Redhat Jboss Enterprise Application Platform 6.0.0
Redhat Jboss Enterprise Application Platform 7.0
Redhat Jboss Fuse 6.0.0
Redhat Jboss Fuse Service Works 6.0
Redhat Jboss Web Server 3.0
Redhat Jboss Data Virtualization 6.0.0
Redhat Enterprise Linux 8.0
Redhat Single Sign-on 7.0
Redhat Software Collections -
Redhat Jboss Fuse 7.0.0
Redhat Process Automation 7.0
Redhat Jboss Data Grid 7.0.0
Redhat Openshift Application Runtimes -
Redhat Codeready Studio 12.0
Redhat Integration Camel K -
Redhat Openshift Container Platform 4.6
21 Github repositories
7.5
CVSSv3
CVE-2019-14888
A vulnerability was found in the Undertow HTTP server in versions prior to 2.0.28.SP1 when listening on HTTPS. An attacker can target the HTTPS port to carry out a Denial Of Service (DOS) to make the service unavailable on SSL.
Redhat Undertow
Redhat Jboss Fuse 6.0.0
Redhat Jboss Enterprise Application Platform 7.0.0
Redhat Single Sign-on 7.0
Redhat Jboss Fuse 7.0.0
Redhat Jboss Data Grid 7.0.0
Redhat Jboss Data Grid -
Netapp Active Iq Unified Manager -
7.5
CVSSv3
CVE-2017-2670
It was found in Undertow prior to 1.3.28 that with non-clean TCP close, the Websocket server gets into infinite loop on every IO thread, effectively causing DoS.
Redhat Undertow
Debian Debian Linux 9.0
Redhat Jboss Enterprise Application Platform 6.0.0
Redhat Jboss Enterprise Application Platform 7.0.0
Redhat Jboss Enterprise Application Platform 7.1.0
6.5
CVSSv3
CVE-2020-25689
A memory leak flaw was found in WildFly in all versions up to 21.0.0.Final, where host-controller tries to reconnect in a loop, generating new connections which are not properly closed while not able to connect to domain-controller. This flaw allows an malicious user to cause an ...
Redhat Wildfly
Redhat Jboss Enterprise Application Platform 7.0.0
Redhat Single Sign-on 7.0
Redhat Jboss Fuse 7.0.0
Redhat Jboss Data Grid 7.0.0
Redhat Openshift Application Runtimes -
Redhat Fuse 6.0.0
Netapp Oncommand Insight -
Netapp Service Level Manager -
Netapp Active Iq Unified Manager -
5.9
CVSSv3
CVE-2020-14340
A vulnerability exists in XNIO where file descriptor leak caused by growing amounts of NIO Selector file handles between garbage collection cycles. It may allow the malicious user to cause a denial of service. It affects XNIO versions 3.6.0.Beta1 up to and including 3.8.1.Final.
Redhat Xnio
Redhat Xnio 3.6.0
Redhat Jboss Operations Network 3.0
Redhat Jboss Enterprise Application Platform 6.0.0
Redhat Jboss Fuse 6.0.0
Redhat Jboss Enterprise Application Platform 5.0.0
Redhat Jboss Fuse 7.0.0
Redhat Jboss Data Grid 7.0.0
Redhat Jboss Brms 5
Redhat Jboss Soa Platform 5
Redhat Jboss Brms 6
Redhat Jboss Data Grid 6.0.0
Redhat Jboss Data Virtualization 6.0.0
Oracle Communications Cloud Native Core Network Repository Function 1.14.0
Oracle Communications Cloud Native Core Policy 1.14.0
Oracle Communications Cloud Native Core Unified Data Repository 1.14.0
Oracle Communications Cloud Native Core Service Communication Proxy 1.14.0
Oracle Communications Cloud Native Core Security Edge Protection Proxy 1.15.0
Oracle Communications Cloud Native Core Console 1.9.0
4.7
CVSSv3
CVE-2019-3805
A flaw exists in wildfly versions up to 16.0.0.Final that would allow local users who are able to execute init.d script to terminate arbitrary processes on the system. An attacker could exploit this by modifying the PID file in /var/run/jboss-eap/ allowing the init.d script to te...
Redhat Jboss Enterprise Application Platform 6.0.0
Redhat Jboss Enterprise Application Platform 7.0.0
Redhat Wildfly
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started