The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of JBoss EAP by Red Hat

FasterXML jackson-databind: information disclosure via net.sf.ehcache.hibernate.EhcacheJtaTransactionManagerLookup Polymorphic Typing
An attacker can bypass access restrictions to data via net.sf.ehcache.hibernate.EhcacheJtaTransactionManagerLookup Polymorphic Typing of FasterXML jackson-databind, in order to obtain sensitive information...
CVE-2019-17267, DLA-2030-1, RHSA-2020:0159-01, RHSA-2020:0160-01, RHSA-2020:0161-01, RHSA-2020:0164-01, VIGILANCE-VUL-30870
Red Hat JBoss EAP wildfly-core: denial of service via Management Users Server Stop
An attacker can trigger a fatal error via Management Users Server Stop of Red Hat JBoss EAP wildfly-core, in order to trigger a denial of service...
1751227, CVE-2019-14838, RHSA-2019:3082-01, RHSA-2019:3083-01, RHSA-2019:4018-01, RHSA-2019:4019-01, RHSA-2019:4020-01, RHSA-2019:4021-01, RHSA-2019:4040-01, RHSA-2019:4041-01, RHSA-2019:4042-01, RHSA-2019:4045-01, VIGILANCE-VUL-30628
Keycloak: privilege escalation via Adapter Endpoints Access
An attacker can bypass restrictions via Adapter Endpoints Access of Keycloak, in order to escalate his privileges...
CVE-2019-14820, RHSA-2019:3044-01, RHSA-2019:3045-01, RHSA-2019:3046-01, RHSA-2019:3048-01, RHSA-2019:3049-01, RHSA-2019:3050-01, VIGILANCE-VUL-30608
WildFly: privilege escalation via Security Manager
An attacker can bypass restrictions via Security Manager of WildFly, in order to escalate his privileges...
CVE-2019-14843, RHSA-2019:2973-01, RHSA-2019:2974-01, RHSA-2019:4018-01, RHSA-2019:4019-01, RHSA-2019:4020-01, RHSA-2019:4021-01, RHSA-2019:4040-01, RHSA-2019:4041-01, RHSA-2019:4042-01, RHSA-2019:4045-01, VIGILANCE-VUL-30542
FasterXML jackson-databind: code execution via com.p6spy.engine.spy.P6DataSource Deserialization
An attacker can use a vulnerability via com.p6spy.engine.spy.P6DataSource Deserialization of jackson-databind, in order to run code...
CVE-2019-16943, DLA-1943-1, DSA-4542-1, FEDORA-2019-b171554877, RHSA-2020:0159-01, RHSA-2020:0160-01, RHSA-2020:0161-01, RHSA-2020:0164-01, VIGILANCE-VUL-30502
FasterXML jackson-databind: code execution via org.apache.commons.dbcp.datasources.SharedPoolDataSource Deserialization
An attacker can use a vulnerability via org.apache.commons.dbcp.datasources.SharedPoolDataSource Deserialization of jackson-databind, in order to run code...
CVE-2019-16942, DLA-1943-1, DSA-4542-1, FEDORA-2019-b171554877, RHSA-2020:0159-01, RHSA-2020:0160-01, RHSA-2020:0161-01, RHSA-2020:0164-01, VIGILANCE-VUL-30501
FasterXML jackson-databind: code execution via com.zaxxer.hikari.HikariDataSource Deserialization
An attacker can use a vulnerability via com.zaxxer.hikari.HikariDataSource Deserialization of jackson-databind, in order to run code...
CVE-2019-16335, DLA-1943-1, DSA-4542-1, FEDORA-2019-b171554877, NTAP-20191004-0002, RHSA-2020:0159-01, RHSA-2020:0160-01, RHSA-2020:0161-01, RHSA-2020:0164-01, VIGILANCE-VUL-30500
FasterXML jackson-databind: code execution via com.zaxxer.hikari.HikariConfig Deserialization
An attacker can use a vulnerability via com.zaxxer.hikari.HikariConfig Deserialization of jackson-databind, in order to run code...
CVE-2019-14540, DLA-1943-1, DSA-4542-1, FEDORA-2019-b171554877, NTAP-20191004-0002, RHSA-2020:0159-01, RHSA-2020:0160-01, RHSA-2020:0161-01, RHSA-2020:0164-01, VIGILANCE-VUL-30499
Undertow: information disclosure via Debug Log
An attacker can bypass access restrictions to data via Debug Log of Undertow, in order to obtain sensitive information...
CVE-2019-10212, RHSA-2019:2935-01, RHSA-2019:2936-01, RHSA-2019:2937-01, RHSA-2019:2938-01, VIGILANCE-VUL-30484
Codehaus: code execution via Deserialization
An attacker can use a vulnerability via Deserialization of Codehaus, in order to run code...
CVE-2019-10202, RHSA-2019:2935-01, RHSA-2019:2936-01, RHSA-2019:2937-01, RHSA-2019:2938-01, VIGILANCE-VUL-30483
Our database contains other pages. You can request a free trial to read them.

Display information about JBoss EAP by Red Hat: