EUVD-2024-1854

Malicious code in bioql PyPI...

GHSA-64GP-R758-8PFM Cross Site Scripting (XSS) vulnerability while uploading content to a new deployment

A vulnerability was found in the WildFly management console. A user may perform cross-site scripting in the deployment system. An attacker or insider may execute a malicious payload which could trigger an undesired behavior against the server. Impact Cross-site scripting XSS vulnerability in the...

PT-2024-40113 · Red Hat · Wildfly Management Console

Name of the Vulnerable Software and Affected Versions: WildFly management console affected versions not specified Description: A cross-site scripting issue was found in the WildFly management console, specifically in the deployment system, allowing a user to perform cross-site scripting. This cou...

wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS)

A vulnerability was found in Wildfly’s management interface. Due to the lack of limitation of sockets for the management interface, it may be possible to cause a denial of service hitting the nofile limit as there is no possibility to configure or set a maximum number of connections...

wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS)

A vulnerability was found in Wildfly’s management interface. Due to the lack of limitation of sockets for the management interface, it may be possible to cause a denial of service hitting the nofile limit as there is no possibility to configure or set a maximum number of connections...

wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS)

A vulnerability was found in Wildfly’s management interface. Due to the lack of limitation of sockets for the management interface, it may be possible to cause a denial of service hitting the nofile limit as there is no possibility to configure or set a maximum number of connections...

Moderate: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.5 security update on RHEL 8

A security update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

AS/WildFly: missing X-Frame-Options header leading to clickjacking

It was discovered that the EAP Management Console could be opened in an IFRAME, which made it possible to intercept and manipulate requests. An attacker could use this flaw to trick a user into performing arbitrary actions in the Console clickjacking...