3 matches found
io.micronaut.testresources:micronaut-test-resources-infinispan (>=3.0.0-M5 <=4.0.0-M1), io.quarkus:quarkus-test-infinispan-client (>=2.5.0.CR1 <=3.2.0.Final) +54 more potentially affected by CVE-2024-6875 via org.infinispan:infinispan-server-rest (>=10.0.0.Alpha1 <=9.4.9.Final)
org.infinispan:infinispan-server-rest MAVEN version =10.0.0.Alpha1, =3.0.0-M5, =2.5.0.CR1, =8.0.0.Beta1, =7.0.0.CR1, =15.0.14.Final, =9.3.0.CR1, =9.3.0.CR1, =8.0.0.Alpha1, =9.0.0.Beta1, =9.0.0.Beta1, =15.0.0.CR1, =15.0.0.CR1, =12.1.1.Final, =12.1.1.Final, =16.2.1 and more Source cves: CVE-2024-68...
org.infinispan:infinispan-distribution (=9.0.0.Beta1), org.infinispan:infinispan-javadoc-all (=9.0.0.Beta1) +26 more potentially affected by CVE-2016-6345 via org.jboss.resteasy:resteasy-client (>=3.1.0.Beta1 <=3.1.0.Beta2)
org.jboss.resteasy:resteasy-client MAVEN version =3.1.0.Beta1, =5.3.4.Final, =5.3.4.Final, =3.1.0.Beta1, =3.1.0.Beta1, =3.1.0.Beta1, =3.1.0.Beta1, =3.1.0.Beta1, =3.1.0.Beta1, =3.1.0.Beta1, =3.1.0.Beta2 and more Source cves: CVE-2016-6345 Source advisory: OSV:GHSA-VXHJ-3X7P-JXP5...
infinispan-server-rest: Actions with effects should not be permitted via GET requests using REST API
A flaw was found in infinispan-server-rest version 10, where it is possible to perform various actions that could have side effects using GET requests. This flaw allows an attacker to perform a Cross-site request forgery CSRF attack...