Known Vulnerabilities for Jboss Data Grid by Redhat
Listed below are 10 of the newest known vulnerabilities associated with "Jboss Data Grid" by "Redhat".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2021-4104 | JMSAppender in Log4j 1.2 is vulnerable to deserialization of untrusted data when the attacker has write access to the Log4j c... | 7.5 - HIGH | 2021-12-14 | 2023-12-22 |
| CVE-2020-25689 | A memory leak flaw was found in WildFly in all versions up to 21.0.0.Final, where host-controller tries to reconnect in a loo... | 6.5 - MEDIUM | 2020-11-02 | 2023-02-12 |
| CVE-2020-25644 | A memory leak flaw was found in WildFly OpenSSL in versions prior to 1.1.3.Final, where it removes an HTTP session. It may al... | 7.5 - HIGH | 2020-10-06 | 2022-11-07 |
| CVE-2020-14340 | A vulnerability was discovered in XNIO where file descriptor leak caused by growing amounts of NIO Selector file handles betw... | 5.9 - MEDIUM | 2021-06-02 | 2022-07-25 |
| CVE-2020-1757 | A flaw was found in all undertow-2.x.x SP1 versions prior to undertow-2.0.30.SP1, all undertow-1.x.x and undertow-2.x.x versi... | 8.1 - HIGH | 2020-04-21 | 2020-04-30 |
| CVE-2020-1710 | The issue appears to be that JBoss EAP 6.4.21 does not parse the field-name in accordance to RFC7230[1] as it returns a 200 i... | 5.3 - MEDIUM | 2020-09-16 | 2020-09-22 |
| CVE-2019-10184 | undertow before version 2.0.23.Final is vulnerable to an information leak issue. Web apps may have their directory structures... | 7.5 - HIGH | 2019-07-25 | 2022-02-20 |
| CVE-2019-10174 | A vulnerability was found in Infinispan such that the invokeAccessibly method from the public class ReflectionUtil allows any... | 8.8 - HIGH | 2019-11-25 | 2022-02-20 |
| CVE-2019-10158 | A flaw was found in Infinispan through version 9.4.14.Final. An improper implementation of the session fixation protection in... | 9.8 - CRITICAL | 2020-01-02 | 2023-12-27 |
| CVE-2019-3888 | A vulnerability was found in Undertow web server before 2.0.21. An information exposure of plain text credentials through log... | 9.8 - CRITICAL | 2019-06-12 | 2022-02-20 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Redhat | Jboss Data Grid | 7.3 | All | All | All |
| Application | Redhat | Jboss Data Grid | 7.2.3 | All | All | All |
| Application | Redhat | Jboss Data Grid | 7.2.2 | All | All | All |
| Application | Redhat | Jboss Data Grid | 7.2.1 | All | All | All |
| Application | Redhat | Jboss Data Grid | 7.2 | All | All | All |
| Application | Redhat | Jboss Data Grid | 7.1.2 | All | All | All |
| Application | Redhat | Jboss Data Grid | 7.1.1 | All | All | All |
| Application | Redhat | Jboss Data Grid | 7.1 | All | All | All |
| Application | Redhat | Jboss Data Grid | 7.0.1 | All | All | All |
| Application | Redhat | Jboss Data Grid | 7.0.0 | All | All | All |