Single Sign-on Security Vulnerabilities and Issues — Single Sign-on CVE List

Lucene search

RedhatSingle Sign-on

3 matches found

CVE•added 2020/07/06 7:15 p.m.•213 views

CVE-2019-14900

A flaw was found in Hibernate ORM in versions before 5.3.18, 5.4.18 and 5.5.0.Beta1. A SQL injection in the implementation of the JPA Criteria API can permit unsanitized literals when a literal is used in the SELECT or GROUP BY parts of the query. This flaw could allow an attacker to access unautho...

6.5CVSS6.7AI score0.01446EPSS

CVE•added 2020/07/24 4:15 p.m.•162 views

CVE-2020-14297

A flaw was discovered in Wildfly's EJB Client as shipped with Red Hat JBoss EAP 7, where some specific EJB transaction objects may get accumulated over the time and can cause services to slow down and eventaully unavailable. An attacker can take advantage and cause denial of service attack and make...

6.5CVSS6.1AI score0.00384EPSS

CVE•added 2020/07/24 4:15 p.m.•136 views

CVE-2020-14307

A vulnerability was found in Wildfly's Enterprise Java Beans (EJB) versions shipped with Red Hat JBoss EAP 7, where SessionOpenInvocations are never removed from the remote InvocationTracker after a response is received in the EJB Client, as well as the server. This flaw allows an attacker to craft...

6.5CVSS6.1AI score0.00415EPSS