Lucene search
K
RedhatJboss Data Virtualization

5 matches found

CVE
CVE
added 2021/12/14 12:0 a.m.1458 views

CVE-2021-4104

CVE-2021-4104 affects JMSAppender in Log4j 1.2 when it is explicitly configured to use JMSAppender. A deserialization of untrusted data can occur if an attacker can write Log4j configuration and supply TopicBindingName and TopicConnectionFactoryBindingName, causing JMSAppender to perform JNDI req...

7.5CVSS9.4AI score0.81147EPSS
In wild
CVE
CVE
added 2017/11/09 12:0 a.m.359 views

CVE-2015-7501

CVE-2015-7501 involves a deserialization flaw in Apache Commons Collections that affects Red Hat JBoss Middleware stack (A-MQ 6.x; BPMS 6.x; BRMS 5.x/6.x; JDG 6.x/5.x; JDV 6.x/5.x; AEP 6.x; Fuse 6.x; FSW 6.x; JBoss ON 3.x; Portal 6.x; SOA-P 5.x; JWS 3.x; OpenShift/xPaaS 3.x; Subscription Asset Ma...

10CVSS9.7AI score0.83274EPSS
CVE
CVE
added 2021/06/02 12:4 p.m.164 views

CVE-2020-14340

CVE-2020-14340 affects XNIO prior to the fix in RHSA-2020:4246. A file descriptor leak occurs due to growing NIO Selector handles across garbage collection cycles, enabling a denial-of-service condition. Affected: XNIO 3.6.0.Beta1 through 3.8.1.Final. Root cause: leak in file descriptor managemen...

5.9CVSS5.5AI score0.0222EPSS
CVE
CVE
added 2014/09/30 2:0 p.m.51 views

CVE-2014-0170

Teiid before 8.4.3 and before 8.7 and Red Hat JBoss Data Virtualization 6.0.0 before patch 3 are affected by an XML External Entity (XXE) vulnerability. A remote attacker could read arbitrary files via a crafted request to a REST endpoint. The Red Hat advisory RHSA-2014:1284 confirms a fix in Red...

4.3CVSS6.9AI score0.01964EPSS
CVE
CVE
added 2015/01/15 3:0 p.m.51 views

CVE-2014-0171

An XXE vulnerability (CVE-2014-0171) affects StaxXMLFactoryProvider2 in Odata4j used by Red Hat JBoss Data Virtualization prior to 6.0.0 patch 4. The flaw lets a remote attacker submit a crafted XML payload via a REST endpoint that resolves external entities and can read arbitrary files on the se...

5CVSS6.8AI score0.0211EPSS