Known Vulnerabilities for Jboss Fuse by Redhat
Listed below are 10 of the newest known vulnerabilities associated with "Jboss Fuse" by "Redhat".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2021-20218 | A flaw was found in the fabric8 kubernetes-client in version 4.2.0 and after. This flaw allows a malicious pod/container to c... | 7.4 - HIGH | 2021-03-16 | 2021-03-25 |
| CVE-2021-4104 | JMSAppender in Log4j 1.2 is vulnerable to deserialization of untrusted data when the attacker has write access to the Log4j c... | 7.5 - HIGH | 2021-12-14 | 2023-12-22 |
| CVE-2021-3642 | A flaw was found in Wildfly Elytron in versions prior to 1.10.14.Final, prior to 1.15.5.Final and prior to 1.16.1.Final where... | 5.3 - MEDIUM | 2021-08-05 | 2021-10-20 |
| CVE-2020-10734 | A vulnerability was found in keycloak in the way that the OIDC logout endpoint does not have CSRF protection. Versions shippe... | 3.3 - LOW | 2021-02-11 | 2021-02-26 |
| CVE-2020-10718 | A flaw was found in Wildfly before wildfly-embedded-13.0.0.Final, where the embedded managed process API has an exposed setti... | 7.5 - HIGH | 2020-09-16 | 2020-09-22 |
| CVE-2020-10714 | A flaw was found in WildFly Elytron version 1.11.3.Final and before. When using WildFly Elytron FORM authentication with a se... | 7.5 - HIGH | 2020-09-23 | 2022-11-08 |
| CVE-2020-1757 | A flaw was found in all undertow-2.x.x SP1 versions prior to undertow-2.0.30.SP1, all undertow-1.x.x and undertow-2.x.x versi... | 8.1 - HIGH | 2020-04-21 | 2020-04-30 |
| CVE-2020-1718 | A flaw was found in the reset credential flow in all Keycloak versions before 8.0.0. This flaw allows an attacker to gain una... | 8.8 - HIGH | 2020-05-12 | 2023-11-07 |
| CVE-2020-1717 | A flaw was found in Keycloak 7.0.1. A logged in user can do an account email enumeration attack. | 2.7 - LOW | 2021-02-11 | 2021-02-17 |
| CVE-2020-1714 | A flaw was found in Keycloak before version 11.0.0, where the code base contains usages of ObjectInputStream without type che... | 8.8 - HIGH | 2020-05-13 | 2021-10-19 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Redhat | Jboss Fuse | 7.4 | All | All | All |
| Application | Redhat | Jboss Fuse | 7.3.1 | All | All | All |
| Application | Redhat | Jboss Fuse | 7.3 | All | All | All |
| Application | Redhat | Jboss Fuse | 7.2 | All | All | All |
| Application | Redhat | Jboss Fuse | 7.1 | All | All | All |
| Application | Redhat | Jboss Fuse | 7.0.1 | All | All | All |
| Application | Redhat | Jboss Fuse | 7.0.0 | All | All | All |
| Application | Redhat | Jboss Fuse | 6.3 | All | All | All |
| Application | Redhat | Jboss Fuse | 6.1.0 | All | All | All |
| Application | Redhat | Jboss Fuse | 6.1.0 | beta | All | All |
| Application | Redhat | Jboss Fuse | 6.0.0 | All | All | All |