4 matches found
CVE-2026-42402
A flaw was found in Apache Neethi. A remote attacker can exploit this vulnerability by providing specially crafted WS-Policy documents. This triggers an algorithmic complexity issue during policy normalization, leading to an exponential expansion of policy alternatives. This unbounded memory...
CVE-2026-42403
A flaw was found in Apache Neethi. An attacker can exploit this vulnerability by crafting malicious WS-Policy documents that contain circular policy references. This can cause the policy normalization process to enter an infinite loop or excessive recursion, leading to a stack overflow or...
CVE-2026-42403
Apache Neethi (CVE-2026-42403) can fail to detect circular WS-Policy references during policy normalization, causing infinite recursion or an infinite loop that may lead to stack overflow or application hang. An attacker can craft policy documents with circular references, resulting in Denial of ...
Important: Red Hat Security Advisory: JBoss Enterprise Application Platform 5.2.0 security update
An update for JBoss Enterprise Application Platform 5.2.0 which fixes two security issues is now available from the Red Hat Customer Portal. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which gi...