CVE-2026-47244 vulnerabilities

Vulnerabilities for packages: akhq, request-9047-keycloak-fips, camunda-zeebe, knative-kafka-broker-fips, apache-camel-karavan-devmode, zipkin, thingsboard, airbyte-server, apache-nifi, commercial-elasticsearch, apache-pulsar, kafbat-ui, infinispan, keycloak-fips, localstack,...

GHSA-5X3R-WRVG-RP6Q vulnerabilities

Vulnerabilities for packages: akhq, request-9047-keycloak-fips, camunda-zeebe, knative-kafka-broker-fips, apache-camel-karavan-devmode, zipkin, thingsboard, airbyte-server, apache-nifi, commercial-elasticsearch, apache-pulsar, kafbat-ui, infinispan, keycloak-fips, localstack,...

GHSA-MJ4R-2HFC-F8P6 vulnerabilities

Vulnerabilities for packages: opensearch, spark, zookeeper, akhq, thingsboard, apache-nifi-registry, zipkin, apache-nifi, wildfly, trino, tez, infinispan, druid, keycloak, flyway, apicurio-registry, apache-activemq-artemis, neo4j, wavefront-proxy, docker-selenium, logstash, apache-pulsar,...

GHSA-M4CV-J2PX-7723 vulnerabilities

Vulnerabilities for packages: opensearch, spark, akhq, thingsboard, apache-nifi-registry, zipkin, apache-nifi, trino, tez, infinispan, druid, keycloak, flyway, apicurio-registry, apache-activemq-artemis, neo4j, wavefront-proxy, docker-selenium, logstash, apache-pulsar, strimzi-kafka-operator,...

GHSA-V8H7-RR48-VMMV vulnerabilities

Vulnerabilities for packages: opensearch-fips, akhq, tez, camunda-zeebe, knative-kafka-broker-fips, apache-camel-karavan-devmode, zipkin, thingsboard, apache-nifi, commercial-elasticsearch, apache-pulsar, kafbat-ui, infinispan, keycloak-fips, localstack, management-api-for-apache-cassandra-5.0,...

org.apache.camel.kafkaconnector:camel-infinispan-sink-kafka-connector (>=4.0.0 <=4.14.5), org.apache.camel.kafkaconnector:camel-infinispan-source-kafka-connector (>=4.0.0 <=4.14.5) +8 more potentially affected by CVE-2026-40858 via org.apache.camel:camel-infinispan (>=4.0.0 <=4.14.6)

org.apache.camel:camel-infinispan MAVEN version =4.0.0, =4.0.0, =4.0.0, =4.10.3, =3.2.0, =3.2.0, =3.2.0, =3.2.0, =3.2.0, =4.10.0, =4.0.0, =4.14.6 Source cves: CVE-2026-40858 Source advisory: OSV:GHSA-4XWX-HVV7-7PRJ...

EUVD-2024-54328

Malicious code in bioql PyPI...

EUVD-2022-4059

Malicious code in bioql PyPI...

CVE-2025-55163 vulnerabilities

Vulnerabilities for packages: spark, akhq, thingsboard, celeborn, apache-nifi, wildfly, trino, tez, infinispan, druid, sonarqube, keycloak, flyway, apicurio-registry, keycloak-operator, apache-pulsar, strimzi-kafka-operator, kserve-modelmesh, debezium-connector-vitess,...

Infinispan CLI 安全漏洞

Infinispan CLI is a command line interface for the Infinispan organization. A security vulnerability exists in the Infinispan CLI that stems from the use of plaintext passwords when handling Base64-encoded Kubernetes secrets, which could lead to the disclosure of sensitive information...

Infinispan Potential Out of Memory Error via REST Compare API Buffer API

A vulnerability was found in the Infinispan component in Red Hat Data Grid. The REST compare API may have a buffer leak and an out of memory error can occur when sending continual requests with large POST data to the REST API...

CVE-2024-6875

A vulnerability was found in the Infinispan component in Red Hat Data Grid. The REST compare API may have a buffer leak and an out of memory error can occur when sending continual requests with large POST data to the REST API...

CVE-2024-6875 Infinispan: infinispan: rest compare api has buffer leak

A vulnerability was found in the Infinispan component in Red Hat Data Grid. The REST compare API may have a buffer leak and an out of memory error can occur when sending continual requests with large POST data to the REST API...

CVE-2024-6875 Infinispan: infinispan: rest compare api has buffer leak

A vulnerability was found in the Infinispan component in Red Hat Data Grid. The REST compare API may have a buffer leak and an out of memory error can occur when sending continual requests with large POST data to the REST API...

CVE-2024-6875

A vulnerability was found in the Infinispan component in Red Hat Data Grid. The REST compare API may have a buffer leak and an out of memory error can occur when sending continual requests with large POST data to the REST API...

Infinispan vulnerable to Insertion of Sensitive Information into Log File

A flaw was found in Infinispan, when using JGroups with JDBCPING. This issue occurs when an application inadvertently exposes sensitive information, such as configuration details or credentials, through logging mechanisms. This exposure can lead to unauthorized access and exploitation by maliciou...

CVE-2025-0736 Org.infinispan-infinispan-parent: exposure of sensitive information in application logs

A flaw was found in Infinispan, when using JGroups with JDBCPING. This issue occurs when an application inadvertently exposes sensitive information, such as configuration details or credentials, through logging mechanisms. This exposure can lead to unauthorized access and exploitation by maliciou...

CVE-2025-0736 Org.infinispan-infinispan-parent: exposure of sensitive information in application logs

A flaw was found in Infinispan, when using JGroups with JDBCPING. This issue occurs when an application inadvertently exposes sensitive information, such as configuration details or credentials, through logging mechanisms. This exposure can lead to unauthorized access and exploitation by maliciou...

CVE-2025-0736

CVE-2025-0736 concerns Infinispan when used with JGroups/JDBC_PING, where sensitive information (e.g., configuration data or credentials) can be exposed through logging. This logging exposure can enable unauthorized access. Affected product/impact: Infinispan (org.infinispan-infinispan-parent) wi...

CVE-2020-10746

A flaw was found in Infinispan org.infinispan:infinispan-server-runtime version 10, where it permits local access to controls via both REST and HotRod APIs. This flaw allows a user authenticated to the local machine to perform all operations on the caches, including the creation, update, deletion...