Lucene search

K

Amq Security Vulnerabilities - July

cve
cve

CVE-2015-5182

Cross-site request forgery (CSRF) vulnerability in the jolokia API in A-MQ.

8.8CVSS

8.8AI Score

0.002EPSS

2017-09-25 09:29 PM
49
4
cve
cve

CVE-2015-5183

Console: HTTPOnly and Secure attributes not set on cookies in Red Hat AMQ.

7.5CVSS

8.3AI Score

0.006EPSS

2017-09-25 09:29 PM
43
cve
cve

CVE-2015-5184

Console: CORS headers set to allow all in Red Hat AMQ.

7.5CVSS

8AI Score

0.002EPSS

2017-09-25 09:29 PM
44
cve
cve

CVE-2020-14297

A flaw was discovered in Wildfly's EJB Client as shipped with Red Hat JBoss EAP 7, where some specific EJB transaction objects may get accumulated over the time and can cause services to slow down and eventaully unavailable. An attacker can take advantage and cause denial of service attack and make...

6.5CVSS

6.1AI Score

0.001EPSS

2020-07-24 04:15 PM
127
cve
cve

CVE-2020-14307

A vulnerability was found in Wildfly's Enterprise Java Beans (EJB) versions shipped with Red Hat JBoss EAP 7, where SessionOpenInvocations are never removed from the remote InvocationTracker after a response is received in the EJB Client, as well as the server. This flaw allows an attacker to craft...

6.5CVSS

6.1AI Score

0.001EPSS

2020-07-24 04:15 PM
107
2
cve
cve

CVE-2020-14379

A flaw was found in Red Hat AMQ Broker in a way that a XEE attack can be done via Broker's configuration files, leading to denial of service and information disclosure.

5.6CVSS

5.2AI Score

0.0004EPSS

2022-08-16 09:15 PM
34
6
cve
cve

CVE-2022-1278

A flaw was found in WildFly, where an attacker can see deployment names, endpoints, and any other data the trace payload may contain.

7.5CVSS

7.3AI Score

0.002EPSS

2022-09-13 02:15 PM
93
3