Redhat Integration_service_registry
7 CVEs affecting Redhat Integration_service_registry. Latest disclosed: 2023-10-10. Critical: 0, High: 5.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
| CVE-2023-4853 | High | 8.1 | 2023-09-20 | A flaw was found in Quarkus where HTTP security policies are not sanitizing certain character permutations correctly when accepting requests, resulting in inco… |
| CVE-2023-44487 | High | 7.5 | 2023-10-10 | The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the w… |
| CVE-2023-1108 | High | 7.5 | 2023-09-14 | A flaw was found in undertow. This issue makes achieving a denial of service possible due to an unexpected handshake status updated in SslConduit, where the lo… |
| CVE-2022-4492 | High | 7.5 | 2023-02-23 | The undertow client is not checking the server identity presented by the server certificate in https connections. This is a compulsory step (at least it should… |
| CVE-2022-1278 | High | 7.5 | 2022-09-13 | A flaw was found in WildFly, where an attacker can see deployment names, endpoints, and any other data the trace payload may contain. |
| CVE-2021-3536 | Medium | 4.8 | 2021-05-20 | A flaw was found in Wildfly in versions before 23.0.2.Final while creating a new role in domain mode via the admin console, it is possible to add a payload in… |
| CVE-2022-41862 | Low | 3.7 | 2023-03-03 | In PostgreSQL, a modified, unauthenticated server can send an unterminated string during the establishment of Kerberos transport encryption. In certain conditi… |