Input validation

Red Hat JBoss A-MQ 6.x; BPM Suite BPMS 6.x; BRMS 6.x and 5.x; Data Grid JDG 6.x; Data Virtualization JDV 6.x and 5.x; Enterprise Application Platform 6.x, 5.x, and 4.3.x; Fuse 6.x; Fuse Service Works FSW 6.x; Operations Network JBoss ON 3.x; Portal 6.x; SOA Platform SOA-P 5.x; Web Server JWS 3.x;...

CVE-2015-7501

Red Hat JBoss A-MQ 6.x; BPM Suite BPMS 6.x; BRMS 6.x and 5.x; Data Grid JDG 6.x; Data Virtualization JDV 6.x and 5.x; Enterprise Application Platform 6.x, 5.x, and 4.3.x; Fuse 6.x; Fuse Service Works FSW 6.x; Operations Network JBoss ON 3.x; Portal 6.x; SOA Platform SOA-P 5.x; Web Server JWS 3.x;...

Important: Red Hat Security Advisory: Red Hat JBoss Data Virtualization 6.3 Update 7 security update

An update is now available for Red Hat JBoss Data Virtualization. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CV...

Moderate: Red Hat Security Advisory: Red Hat JBoss Data Virtualization security and bug fix update

An update is now available for Red Hat JBoss Data Virtualization. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...

Critical: Red Hat Security Advisory: Red Hat JBoss Data Virtualization security and bug fix update

An update is now available for Red Hat JBoss Data Virtualization. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...

Important: Red Hat Security Advisory: Red Hat JBoss Data Virtualization security and bug fix update

An update is now available for Red Hat JBoss Data Virtualization. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CV...

Moderate: Red Hat Security Advisory: Red Hat JBoss Data Virtualization 6.2.0 security update

Red Hat JBoss Data Virtualization 6.2.0 update 2, which fixes one security issue and various bugs, is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, which giv...

Critical: Red Hat Security Advisory: Red Hat JBoss Data Virtualization 6.0.0, 6.1.0, and 6.2.0 security update

An update for the Apache Commons Collections component that fixes one security issue is now available from the Red Hat Customer Portal for Red Hat JBoss Data Virtualization 6.0.0, 6.1.0 and 6.2.0. Red Hat Product Security has rated this update as having Critical security impact. A Common...

Moderate: Red Hat Security Advisory: Red Hat JBoss Data Virtualization 6.1.0 security update

Red Hat JBoss Data Virtualization 6.1.0 2015 roll up patch 3, which fixes one security issue and various bugs, is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base scor...

Important: Red Hat Security Advisory: Red Hat JBoss Data Virtualization 6.0.0 security update

Red Hat JBoss Data Virtualization 6.0.0 2015 roll up patch 1, which fixes multiple security issues and various bugs, is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base...

Important: Red Hat Security Advisory: Red Hat JBoss Data Virtualization 6.1.0 update

Red Hat JBoss Data Virtualization 6.1.0, which fixes multiple security issues and various bugs, is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give...

CVE-2014-0171

XML external entity XXE vulnerability in StaxXMLFactoryProvider2 in Odata4j, as used in Red Hat JBoss Data Virtualization before 6.0.0 patch 4, allows remote attackers to read arbitrary files via a crafted request to a REST endpoint...

Xxe

XML external entity XXE vulnerability in StaxXMLFactoryProvider2 in Odata4j, as used in Red Hat JBoss Data Virtualization before 6.0.0 patch 4, allows remote attackers to read arbitrary files via a crafted request to a REST endpoint...

CVE-2014-0171

An XXE vulnerability (CVE-2014-0171) affects StaxXMLFactoryProvider2 in Odata4j used by Red Hat JBoss Data Virtualization prior to 6.0.0 patch 4. The flaw lets a remote attacker submit a crafted XML payload via a REST endpoint that resolves external entities and can read arbitrary files on the se...

CVE-2014-0171

XML external entity XXE vulnerability in StaxXMLFactoryProvider2 in Odata4j, as used in Red Hat JBoss Data Virtualization before 6.0.0 patch 4, allows remote attackers to read arbitrary files via a crafted request to a REST endpoint...

Moderate: Red Hat Security Advisory: Red Hat JBoss Data Virtualization 6.0.0 security update

Red Hat JBoss Data Virtualization 6.0.0 roll up patch 4, which fixes three security issues and various bugs, is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores,...

Moderate: Red Hat Security Advisory: Apache POI security update

An update for the Apache POI component that fixes two security issues is now available from the Red Hat Customer Portal for Red Hat JBoss Data Virtualization 6.0.0. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base...

CVE-2014-0170

Teiid before 8.4.3 and before 8.7 and Red Hat JBoss Data Virtualization 6.0.0 before patch 3 allows remote attackers to read arbitrary files via a crafted request to a REST endpoint, related to an XML External Entity XXE issue...

Xxe

Teiid before 8.4.3 and before 8.7 and Red Hat JBoss Data Virtualization 6.0.0 before patch 3 allows remote attackers to read arbitrary files via a crafted request to a REST endpoint, related to an XML External Entity XXE issue...

CVE-2014-0170

Teiid before 8.4.3 and before 8.7 and Red Hat JBoss Data Virtualization 6.0.0 before patch 3 allows remote attackers to read arbitrary files via a crafted request to a REST endpoint, related to an XML External Entity XXE issue...