Lucene search
+L

37 matches found

OSV
OSV
added 2024/05/31 11:8 a.m.6 views

OESA-2024-1667 infinispan security update

Infinispan is an extremely scalable, highly available data grid platform - 100% open source, and written in Java. The purpose of Infinispan is to expose a data structure that is highly concurrent, designed ground-up to make the most of modern multi-processor/multi-core architectures while at the...

8.8CVSS6.8AI score0.03089EPSS
Exploits0References2
OSV
OSV
added 2023/03/21 5:15 p.m.6 views

CVE-2023-1304

An authenticated attacker can leverage an exposed getattr method via a Jinja template to smuggle OS commands and perform other actions that are normally expected to be private methods. This issue was resolved in the Managed and SaaS deployments on February 1, 2023, and in version 23.2.1 of the...

8.8CVSS7.3AI score0.01079EPSS
Exploits1References2
NVD
NVD
added 2023/03/21 5:15 p.m.13 views

CVE-2023-1304

An authenticated attacker can leverage an exposed getattr method via a Jinja template to smuggle OS commands and perform other actions that are normally expected to be private methods. This issue was resolved in the Managed and SaaS deployments on February 1, 2023, and in version 23.2.1 of the...

8.8CVSS8.6AI score0.01079EPSS
Exploits1References2
CVE
CVE
added 2023/03/21 4:45 p.m.51 views

CVE-2023-1304

CVE-2023-1304 affects InsightCloudSec. An authenticated attacker can use an exposed getattr() via a Jinja template to smuggle OS commands and invoke actions normally restricted to private methods. Affected are InsightCloudSec versions prior to the fixes; the issue was resolved in Managed and SaaS...

8.8CVSS8.6AI score0.01079EPSS
Exploits1References2Affected Software2
RedHat Linux
RedHat Linux
added 2020/05/28 3:58 p.m.4 views

infinispan: invokeAccessibly method from ReflectionUtil class allows to invoke private methods

A vulnerability was found in Infinispan such that the invokeAccessibly method from the public class ReflectionUtil allows any application class to invoke private methods in any class with Infinispan's privileges. The attacker can use reflection to introduce new, malicious behavior into the...

8.8CVSS5.7AI score0.03089EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/05/12 5:17 p.m.5 views

infinispan: invokeAccessibly method from ReflectionUtil class allows to invoke private methods

A vulnerability was found in Infinispan such that the invokeAccessibly method from the public class ReflectionUtil allows any application class to invoke private methods in any class with Infinispan's privileges. The attacker can use reflection to introduce new, malicious behavior into the...

8.8CVSS5.7AI score0.03089EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/05/11 8:34 p.m.4 views

infinispan: invokeAccessibly method from ReflectionUtil class allows to invoke private methods

A vulnerability was found in Infinispan such that the invokeAccessibly method from the public class ReflectionUtil allows any application class to invoke private methods in any class with Infinispan's privileges. The attacker can use reflection to introduce new, malicious behavior into the...

8.8CVSS5.7AI score0.03089EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/05/11 8:19 p.m.6 views

infinispan: invokeAccessibly method from ReflectionUtil class allows to invoke private methods

A vulnerability was found in Infinispan such that the invokeAccessibly method from the public class ReflectionUtil allows any application class to invoke private methods in any class with Infinispan's privileges. The attacker can use reflection to introduce new, malicious behavior into the...

8.8CVSS5.7AI score0.03089EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/03/26 3:46 p.m.4 views

infinispan: invokeAccessibly method from ReflectionUtil class allows to invoke private methods

A vulnerability was found in Infinispan such that the invokeAccessibly method from the public class ReflectionUtil allows any application class to invoke private methods in any class with Infinispan's privileges. The attacker can use reflection to introduce new, malicious behavior into the...

8.8CVSS5.7AI score0.03089EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/03/05 12:53 p.m.4 views

infinispan: invokeAccessibly method from ReflectionUtil class allows to invoke private methods

A vulnerability was found in Infinispan such that the invokeAccessibly method from the public class ReflectionUtil allows any application class to invoke private methods in any class with Infinispan's privileges. The attacker can use reflection to introduce new, malicious behavior into the...

8.8CVSS5.7AI score0.03089EPSS
Exploits0References4
OSV
OSV
added 2019/11/25 11:15 a.m.30 views

CVE-2019-10174

A vulnerability was found in Infinispan such that the invokeAccessibly method from the public class ReflectionUtil allows any application class to invoke private methods in any class with Infinispan's privileges. The attacker can use reflection to introduce new, malicious behavior into the...

8.8CVSS6.5AI score0.03089EPSS
Exploits0References4
Prion
Prion
added 2019/11/25 11:15 a.m.30 views

Design/Logic Flaw

A vulnerability was found in Infinispan such that the invokeAccessibly method from the public class ReflectionUtil allows any application class to invoke private methods in any class with Infinispan's privileges. The attacker can use reflection to introduce new, malicious behavior into the...

6.5CVSS8.4AI score0.03089EPSS
Exploits0References4Affected Software3
CVE
CVE
added 2019/11/25 10:26 a.m.164 views

CVE-2019-10174

CVE-2019-10174 concerns Infinispan. The public ReflectionUtil.invokeAccessibly method allows an application class to invoke private methods in any class with Infinispan’s privileges, enabling unintended behavior changes via reflection. Connected advisories (OSV/RHSA) reference a security fix path...

8.8CVSS8.3AI score0.03089EPSS
Exploits0References4Affected Software1
RedHat Linux
RedHat Linux
added 2019/11/18 2:40 p.m.6 views

infinispan: invokeAccessibly method from ReflectionUtil class allows to invoke private methods

A vulnerability was found in Infinispan such that the invokeAccessibly method from the public class ReflectionUtil allows any application class to invoke private methods in any class with Infinispan's privileges. The attacker can use reflection to introduce new, malicious behavior into the...

8.8CVSS5.7AI score0.03089EPSS
Exploits0References4
Veracode
Veracode
added 2019/11/18 3:10 a.m.35 views

Authorization Bypass

infinispan is vulnerable to authorization bypass. The vulnerability exists as the invokeAccessibly method in the ReflectionUtil class allows the invokation of any private methods with Infinispan's privileges...

8.8CVSS4.6AI score0.03089EPSS
Exploits0References7Affected Software3
RedhatCVE
RedhatCVE
added 2019/11/14 4:37 p.m.34 views

CVE-2019-10174

A vulnerability was found in Infinispan such that the invokeAccessibly method from the public class ReflectionUtil allows any application class to invoke private methods in any class with Infinispan's privileges. The attacker can use reflection to introduce new, malicious behavior into the...

8.8CVSS4.6AI score0.03089EPSS
Exploits0References3
OSV
OSV
added 2018/08/30 2:10 p.m.8 views

SUSE-SU-2018:2561-1 Security update for cobbler

This update for cobbler fixes the following issues: Security issues fixed: - Forbid exposure of private methods in the API CVE-2018-10931, CVE-2018-1000225, bsc1104287, bsc1104189, bsc1105442 - Check access token when calling 'modifysetting' API endpoint bsc1104190, bsc1105440, CVE-2018-1000226...

9.8CVSS7.6AI score0.6786EPSS
Exploits0References11
Rows per page
Query Builder