Fuse@* Security Vulnerabilities and Issues — Fuse@* CVE List

Lucene search

RedhatFuse*

4 matches found

CVE•added 2018/07/24 8:29 p.m.•300 views

CVE-2018-10906

In fuse before versions 2.9.8 and 3.x before 3.2.5, fusermount is vulnerable to a restriction bypass when SELinux is active. This allows non-root users to mount a FUSE file system with the 'allow_other' mount option regardless of whether 'user_allow_other' is set in the fuse configuration. An attac...

7.8CVSS7.5AI score0.001EPSS

CVE•added 2020/07/06 7:15 p.m.•211 views

CVE-2019-14900

A flaw was found in Hibernate ORM in versions before 5.3.18, 5.4.18 and 5.5.0.Beta1. A SQL injection in the implementation of the JPA Criteria API can permit unsanitized literals when a literal is used in the SELECT or GROUP BY parts of the query. This flaw could allow an attacker to access unautho...

6.5CVSS6.7AI score0.01446EPSS

CVE•added 2019/11/08 3:15 p.m.•98 views

CVE-2019-14860

It was found that the Syndesis configuration for Cross-Origin Resource Sharing was set to allow all origins. An attacker could use this lack of protection to conduct phishing attacks and further access unauthorized information.

7.4CVSS6.3AI score0.00277EPSS

CVE•added 2018/08/01 2:29 p.m.•50 views

CVE-2016-8653

It was found that the JMX endpoint of Red Hat JBoss Fuse 6, and Red Hat A-MQ 6 deserializes the credentials passed to it. An attacker could use this flaw to launch a denial of service attack.

5.3CVSS5.2AI score0.00345EPSS