13 matches found
br.eti.clairton:ds-test (=0.4.0), br.jus.stf.digital:core (>=2.0.0 <=2.3.1) +420 more potentially affected by CVE-2017-7559 via io.undertow:undertow-core (>=1.4.0.Beta1 <=1.4.16.Final)
io.undertow:undertow-core MAVEN version =1.4.0.Beta1, =2.0.0, =0.2.7, =1.2.0, =1, =1, =1.0, =1.1 - com.fizzed:ninja-undertow =5.7.0.undertow2 - com.gitblit.fathom:fathom-core =0.9.0 - com.gitblit.fathom:fathom-eventbus =0.9.0 - com.gitblit.fathom:fathom-integration-test =0.9.0 -...
co.paralleluniverse:comsat-actors-undertow (>=0.6.0 <=0.7.0), co.paralleluniverse:comsat-test-utils (>=0.6.0 <=0.7.0) +609 more potentially affected by CVE-2017-7559 via io.undertow:undertow-core (>=1.3.0.Beta1 <=1.3.30.Final)
io.undertow:undertow-core MAVEN version =1.3.0.Beta1, =0.6.0, =0.6.0, =1.3.0, =1.1.0, =0.0.8, =0.0.8, =0.1.0, =0.0.6, =0.0.7, =5.3.1.undertow1, =2.3.7, =0.8.0, =0.8.0, =0.8.0, =0.8.4 and more Source cves: CVE-2017-7559 Source advisory: OSV:GHSA-RJ76-H87P-R3WF...
cn.dreampie:resty-server (=1.3.0.RELEASE), com.github.chrisdchristo:pipe (=1.0.0) +31 more potentially affected by CVE-2017-7559 via io.undertow:undertow-core (=2.0.0.Alpha1)
io.undertow:undertow-core MAVEN version =2.0.0.Alpha1 is affected by a known vulnerability. The following packages have a transitive dependency on io.undertow:undertow-core and may be impacted: - cn.dreampie:resty-server =1.3.0.RELEASE - com.github.chrisdchristo:pipe =1.0.0 -...
CVE-2017-7559
In Undertow 2.x before 2.0.0.Alpha2, 1.4.x before 1.4.17.Final, and 1.3.x before 1.3.31.Final, it was found that the fix for CVE-2017-2666 was incomplete and invalid characters are still allowed in the query string and path parameters. This could be exploited, in conjunction with a proxy that als...
CVE-2017-7559
In Undertow 2.x before 2.0.0.Alpha2, 1.4.x before 1.4.17.Final, and 1.3.x before 1.3.31.Final, it was found that the fix for CVE-2017-2666 was incomplete and invalid characters are still allowed in the query string and path parameters. This could be exploited, in conjunction with a proxy that als...
CVE-2017-7559
The CVE-2017-7559 entry concerns Undertow: in 2.x before 2.0.0.Alpha2, 1.4.x before 1.4.17.Final, and 1.3.x before 1.3.31.Final, the mitigation for CVE-2017-2666 was incomplete, allowing invalid characters in the HTTP request line (query string and path parameters). This can be exploited with a p...
Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.0.9 security update on RHEL 7
An update is now available for Red Hat JBoss Enterprise Application Platform 7.0 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, ...
Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.0.9 security update
An update is now available for Red Hat JBoss Enterprise Application Platform. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability...
RHEL 6 : Red Hat JBoss Enterprise Application Platform 7.1.0 (RHSA-2017:3454)
"The remote Red Hat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2017:3454 advisory. Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This release of Re...
RHEL 6 / 7 : eap7-jboss-ec2-eap (RHSA-2017:3458)
"The remote Red Hat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2017:3458 advisory. The eap7-jboss-ec2-eap packages provide scripts for Red Hat JBoss Enterprise Application Platform running on the Amazon Web Services AW...
Important: Red Hat Security Advisory: eap7-jboss-ec2-eap security update
An update for eap7-jboss-ec2-eap is now available for Red Hat JBoss Enterprise Application Platform 7.1 for Red Hat Enterprise Linux 6 and Red Hat JBoss Enterprise Application Platform 7.1 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact o...
Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.1.0 security update
An update is now available for Red Hat JBoss Enterprise Application Platform 7.1 for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, ...
Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.1.0 security update
An update is now available for Red Hat JBoss Enterprise Application Platform. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability...