Red hat jboss data grid

This hub aggregates every CVE we track for Red hat jboss data grid, a product in the databases space. Use it to gauge the current risk picture and drill into individual advisories.

Severity distribution

Monthly trend

The 15 most recently published vulnerabilities affecting Red hat jboss data grid.

• CVE-2024-12798JaninoEventEvaluator vulnerability7.3Dec 19, 2024
• CVE-2024-38809Applications that parse ETags from "If-Match" or "If-None-Match" request headers are vulnerable to DoS attack. Users of affected versions should upgrade to the corresponding fixed version. Users ...5.3Sep 27, 2024
• CVE-2024-6162Undertow: url-encoded request path information can be broken on ajp-listener7.5Jun 20, 2024
• CVE-2024-4067Regular Expression Denial of Service in micromatch5.3May 13, 2024
• CVE-2023-39410Apache Avro Java SDK: Memory when deserializing untrusted data in Avro Java SDK7.5Sep 29, 2023
• CVE-2022-4245Codehaus-plexus: xml external entity (xxe) injection4.3Sep 25, 2023
• CVE-2022-4244Codehaus-plexus: directory traversal7.5Sep 25, 2023
• CVE-2023-35116jackson-databind through 2.15.2 allows attackers to cause a denial of service or other unspecified impact via a crafted object that uses cyclic dependencies. NOTE: the vendor's perspective is that ...4.7Jun 14, 2023
• CVE-2021-46877jackson-databind 2.10.x through 2.12.x before 2.12.6 and 2.13.x before 2.13.1 allows attackers to cause a denial of service (2 GB transient heap usage per read) in uncommon situations involving Jso...7.5Mar 18, 2023
• CVE-2022-45047Apache MINA SSHD: Java unsafe deserialization vulnerability9.8Nov 16, 2022
• CVE-2022-37866Apache Ivy allows path traversal in the presence of a malicious repository7.5Nov 7, 2022
• CVE-2022-37865Apache Ivy allows creating/overwriting any file on the system9.1Nov 7, 2022
• CVE-2022-42920Apache Commons BCEL prior to 6.6.0 allows producing arbitrary bytecode via out-of-bounds writing9.8Nov 7, 2022
• CVE-2022-40152Stack Buffer Overflow in Woodstox6.5Sep 16, 2022
• CVE-2021-3644A flaw was found in wildfly-core in all versions. If a vault expression is in the form of a single attribute that contains multiple expressions, a user who was granted access to the management inte...3.3Aug 26, 2022