| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2023-5685 | Xnio: stackoverflowexception when the chain of notifier states becomes problematically big | Red Hat | Red Hat build of Apache Camel 4.4.0 for Spring Boot | High | 7.5 | 2024-03-22 18:24:43 | Deep Dive |
| CVE-2024-1635 | Undertow: out-of-memory error after several closed connections with wildfly-http-client protocol | - | - | High | 7.5 | 2024-02-19 21:23:14 | Deep Dive |
| CVE-2024-1459 | Undertow: directory traversal vulnerability | - | - | Medium | 5.3 | 2024-02-12 20:30:04 | Deep Dive |
| CVE-2023-4503 | Eap-galleon: custom provisioning creates unsecured http-invoker | Red Hat | EAP 7.4.14 | Medium | 6.8 | 2024-02-06 08:39:02 | Deep Dive |
| CVE-2023-6291 | Keycloak: redirect_uri validation bypass | Red Hat | Red Hat build of Keycloak 22 | High | 7.1 | 2024-01-26 14:23:43 | Deep Dive |
| CVE-2023-3171 | Eap-7: heap exhaustion via deserialization | Red Hat | EAP 7.4.13 | High | 7.5 | 2023-12-27 15:45:33 | Deep Dive |
| CVE-2023-3628 | Infinispan: rest bulk ops don't check permissions | Red Hat | Red Hat Data Grid 8.4.4 | Medium | 6.5 | 2023-12-18 13:43:08 | Deep Dive |
| CVE-2023-3629 | Infinispan: non-admins should not be able to get cache config via rest api | Red Hat | Red Hat Data Grid 8.4.4 | Medium | 4.3 | 2023-12-18 13:43:08 | Deep Dive |
| CVE-2023-5236 | Infinispan: circular reference on marshalling leads to dos | Red Hat | Red Hat Data Grid 8.4.4 | Medium | 4.4 | 2023-12-18 13:43:08 | Deep Dive |
| CVE-2023-6710 | Mod_cluster/mod_proxy_cluster: stored cross site scripting | Red Hat | JBoss Core Services for RHEL 8 | Medium | 5.4 | 2023-12-12 22:01:34 | Deep Dive |
| CVE-2023-5379 | Undertow: ajp request closes connection exceeding maxrequestsize | Red Hat | Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 | High | 7.5 | 2023-12-12 21:54:53 | Deep Dive |
| CVE-2023-4061 | Wildfly-core: management user rbac permission allows unexpected reading of system-properties to an unauthorized actor | Red Hat | Red Hat JBoss Enterprise Application Platform 7 | Medium | 6.5 | 2023-11-08 00:56:05 | Deep Dive |
| CVE-2022-4132 | Memory leak on tls connections | - | jss | Medium | 5.9 | 2023-10-04 11:26:11 | Deep Dive |
| CVE-2023-3223 | Undertow: outofmemoryerror due to @multipartconfig handling | Red Hat | Red Hat Fuse 7.12.1 | High | 7.5 | 2023-09-27 13:54:45 | Deep Dive |
| CVE-2022-4245 | Codehaus-plexus: xml external entity (xxe) injection | Red Hat | RHINT Camel-K-1.10.1 | Medium | 4.3 | 2023-09-25 19:20:57 | Deep Dive |
| CVE-2022-4244 | Codehaus-plexus: directory traversal | Red Hat | RHINT Camel-K-1.10.1 | High | 7.5 | 2023-09-25 19:20:05 | Deep Dive |
| CVE-2023-1108 | Undertow: infinite loop in sslconduit during close | - | - | High | 7.5 | 2023-09-14 14:48:59 | Deep Dive |
| CVE-2022-1415 | Drools: unsafe data deserialization in streamutils | Red Hat | RHPAM 7.13.1 async | High | 8.1 | 2023-09-11 20:20:24 | Deep Dive |
| CVE-2023-3089 | Ocp & fips mode | - | openshift | High | 7.0 | 2023-07-05 12:21:03 | Deep Dive |
| CVE-2014-3650 | Red Hat JBoss AeroGear cross-site scripting vulnerability | - | Jboss Aerogear | Medium | - | 2022-07-01 13:17:25 | Deep Dive |