Integration Service Registry Security Vulnerabilities and Issues — Integration Service Registry CVE List

Lucene search

RedhatIntegration Service Registry

4 matches found

CVE•added 2023/10/10 2:15 p.m.•4617 views

CVE-2023-44487

The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.

7.5CVSS8AI score0.94414EPSS

In wildWeb

CVE•added 2023/09/14 3:15 p.m.•2616 views

CVE-2023-1108

A flaw was found in undertow. This issue makes achieving a denial of service possible due to an unexpected handshake status updated in SslConduit, where the loop never terminates.

7.5CVSS7.3AI score0.0481EPSS

CVE•added 2023/02/23 8:15 p.m.•154 views

CVE-2022-4492

The undertow client is not checking the server identity presented by the server certificate in https connections. This is a compulsory step (at least it should be performed by default) in https and in http/2. I would add it to any TLS client protocol.

7.5CVSS7.3AI score0.00121EPSS

CVE•added 2022/09/13 2:15 p.m.•121 views

CVE-2022-1278

A flaw was found in WildFly, where an attacker can see deployment names, endpoints, and any other data the trace payload may contain.

7.5CVSS7.3AI score0.00761EPSS