Data Grid@8.0.0 Security Vulnerabilities and Issues — Data Grid@8.0.0 CVE List

Lucene search

RedhatData Grid8.0.0

3 matches found

CVE•added 2023/10/04 11:15 a.m.•531 views

CVE-2023-4586

A vulnerability was found in the Hot Rod client. This security issue occurs as the Hot Rod client does not enable hostname validation when using TLS, possibly resulting in a man-in-the-middle (MITM) attack.

7.4CVSS7.2AI score0.001EPSS

CVE•added 2024/08/21 2:15 p.m.•180 views

CVE-2024-7885

A vulnerability was found in Undertow where the ProxyProtocolReadListener reuses the same StringBuilder instance across multiple requests. This issue occurs when the parseProxyProtocolV1 method processes multiple requests on the same HTTP connection. As a result, different requests may share the sa...

7.5CVSS7.4AI score0.28035EPSS

CVE•added 2021/09/21 11:15 a.m.•51 views

CVE-2021-31917

A flaw was found in Red Hat DataGrid 8.x (8.0.0, 8.0.1, 8.1.0 and 8.1.1) and Infinispan (10.0.0 through 12.0.0). An attacker could bypass authentication on all REST endpoints when DIGEST is used as the authentication method. The highest threat from this vulnerability is to data confidentiality and ...

9.8CVSS9.5AI score0.00431EPSS