Redhat: >> Jboss Enterprise Application Platform Security Vulnerabilities
In JBoss EAP 6 a security domain is configured to use a cache that is shared between all applications that are in the security domain. This could allow an authenticated user in one application to access protected resources in another application without proper authorization. Although this is an intended functionality, it was not clearly documented which can mislead users into thinking that a security domain cache is isolated to a single application.
CVSS Score
6.5
EPSS Score
0.002
Published
2020-01-02
An Elevated Privileges issue exists in JBoss AS 7 Community Release due to the improper implementation in the security context propagation, A threat gets reused from the thread pool that still retains the security context from the process last used, which lets a local user obtain elevated privileges.
CVSS Score
7.8
EPSS Score
0.0
Published
2019-12-18
JBossWeb Bayeux has reflected XSS
CVSS Score
6.1
EPSS Score
0.003
Published
2019-12-11
A vulnerability was found in Infinispan such that the invokeAccessibly method from the public class ReflectionUtil allows any application class to invoke private methods in any class with Infinispan's privileges. The attacker can use reflection to introduce new, malicious behavior into the application.
CVSS Score
7.5
EPSS Score
0.009
Published
2019-11-25
A flaw was found in org.codehaus.jackson:jackson-mapper-asl:1.9.x libraries. XML external entity vulnerabilities similar CVE-2016-3720 also affects codehaus jackson-mapper-asl libraries but in different classes.
CVSS Score
5.9
EPSS Score
0.004
Published
2019-11-18
A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of potentially malicious code in HTML comments and instructions. This vulnerability can result in an XSS attack.
CVSS Score
6.5
EPSS Score
0.019
Published
2019-11-08
In Apache Thrift all versions up to and including 0.12.0, a server or client may run into an endless loop when feed with specific input data. Because the issue had already been partially fixed in version 0.11.0, depending on the installed version it affects only certain language bindings.
CVSS Score
7.5
EPSS Score
0.007
Published
2019-10-29
In Apache Thrift 0.9.3 to 0.12.0, a server implemented in Go using TJSONProtocol or TSimpleJSONProtocol may panic when feed with invalid input data.
CVSS Score
7.5
EPSS Score
0.003
Published
2019-10-29
A flaw was found in wildfly-core before 7.2.5.GA. The Management users with Monitor, Auditor and Deployer Roles should not be allowed to modify the runtime state of the server
CVSS Score
5.2
EPSS Score
0.004
Published
2019-10-14
A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the apache-log4j-extra (version 1.2.x) jar in the classpath, and an attacker can provide a JNDI service to access, it is possible to make the service execute a malicious payload.
CVSS Score
9.8
EPSS Score
0.012
Published
2019-10-12