Lucene search
K

12 matches found

vulnersosv
vulnersosv
added 2024/11/17 12:30 p.m.6 views

app.valuationcontrol:webservice (>=0.5.0 <=0.5.1), ba.sake:sharaf_3 (>=0.0.7 <=0.3.0) +695 more potentially affected by CVE-2023-4639 via io.undertow:undertow-core (>=2.3.0.Alpha1 <=2.3.10.Final)

io.undertow:undertow-core MAVEN version =2.3.0.Alpha1, =0.5.0, =0.0.7, =22.11.0, =22.11.0, =0.0.1-jdk17-RELEASES, =0.0.1-jdk17-RELEASES, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.20 and more Source cves: CVE-2023-4639 Source advisory: OSV:GHSA-3JRV-JGP8-45V3...

7.4CVSS7AI score0.01117EPSS
Exploits0
nvd
nvd
added 2024/11/17 11:15 a.m.30 views

CVE-2023-4639

A flaw was found in Undertow, which incorrectly parses cookies with certain value-delimiting characters in incoming requests. This issue could allow an attacker to construct a cookie value to exfiltrate HttpOnly cookie values or spoof arbitrary additional cookie values, leading to unauthorized da...

7.4CVSS0.01117EPSS
Exploits0References10
ubuntucve
ubuntucve
added 2024/11/17 11:15 a.m.18 views

CVE-2023-4639

A flaw was found in Undertow, which incorrectly parses cookies with certain value-delimiting characters in incoming requests. This issue could allow an attacker to construct a cookie value to exfiltrate HttpOnly cookie values or spoof arbitrary additional cookie values, leading to unauthorized da...

7.4CVSS7.1AI score0.01117EPSS
Exploits0References2
cve
cve
added 2024/11/17 10:21 a.m.138 views

CVE-2023-4639

Undertow contains a flaw in how cookies with certain value-delimiting characters are parsed from incoming requests. The issue can allow an attacker to construct a cookie value to exfiltrate HttpOnly cookies or spoof additional cookie values, leading to unauthorized data access or modification. Th...

7.4CVSS7.3AI score0.01117EPSS
Exploits0References10
debiancve
debiancve
added 2024/11/17 10:21 a.m.33 views

CVE-2023-4639

A flaw was found in Undertow, which incorrectly parses cookies with certain value-delimiting characters in incoming requests. This issue could allow an attacker to construct a cookie value to exfiltrate HttpOnly cookie values or spoof arbitrary additional cookie values, leading to unauthorized da...

7.4CVSS7.4AI score0.01117EPSS
Exploits0
redhat
redhat
added 2024/06/13 11:37 a.m.36 views

Important: Red Hat Security Advisory: Migration Toolkit for Runtimes security, bug fix and enhancement update

Migration Toolkit for Runtimes 1.2.6 release Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the...

8.1CVSS6.7AI score0.01552EPSS
Exploits1References6
redhat
redhat
added 2024/05/08 2:25 p.m.54 views

Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.0 security update

A security update is now available for Red Hat JBoss Enterprise Application Platform 8.0. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

7.5CVSS6.6AI score0.01714EPSS
Exploits0References2
nessus
nessus
added 2024/05/08 12:0 a.m.36 views

RHEL 8 / 9 : Red Hat JBoss Enterprise Application Platform 8.0 (RHSA-2024:2764)

The remote Redhat Enterprise Linux 8 / 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:2764 advisory. Red Hat JBoss Enterprise Application Platform 8 is a platform for Java applications based on the WildFly application runtime. This...

7.5CVSS6.5AI score0.01714EPSS
Exploits0References6
redhat
redhat
added 2024/04/04 3:23 p.m.103 views

Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.16 Security update

An update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, ...

7.5CVSS6.9AI score0.93305EPSS
Exploits4References23
redhat
redhat
added 2024/04/04 3:23 p.m.124 views

Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.16 Security update

An update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, ...

7.5CVSS6.9AI score0.93305EPSS
Exploits4References23
redhat
redhat
added 2024/04/04 3:23 p.m.77 views

Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.16 Security update

An update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, ...

7.5CVSS6.9AI score0.93305EPSS
Exploits4References23
redhat
redhat
added 2024/04/04 3:22 p.m.46 views

Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.16 Security update

An update is now available for Red Hat JBoss Enterprise Application Platform 7.4. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

7.5CVSS6.9AI score0.93305EPSS
Exploits5References25
Rows per page
Query Builder