pki-servlet-4.0-api vulnerabilities

Known vulnerabilities in the pki-servlet-4.0-api package. This does not include vulnerabilities belonging to this package’s dependencies.

Vulnerability	Vulnerable Version
L Resource Exhaustion	*
M Time-of-check Time-of-use (TOCTOU)	*
M Time-of-check Time-of-use (TOCTOU)	*
L Unchecked Error Condition	*
H Resource Exhaustion	*
H Incomplete Cleanup	*
H Improper Input Validation	*
H Information Exposure	*
M Incomplete Cleanup	*
M Incomplete Cleanup	*
M Improper Input Validation	*
H Resource Exhaustion	*
M Open Redirect	*
M Off-by-one Error	*
M Information Exposure	*
M Allocation of Resources Without Limits or Throttling	*
L Arbitrary Code Injection	*
L Memory Leak	*
L Race Condition	*
L Incomplete Documentation of Program Execution	*
M Sensitive Information Uncleared Before Release	<1:9.0.30-1.module+el8.3.0+6730+8f9c6254
L Resource Exhaustion	*
M Cross-site Scripting (XSS)	<1:9.0.30-1.module+el8.3.0+6730+8f9c6254
M Cross-site Scripting (XSS)	<1:9.0.30-1.module+el8.3.0+6730+8f9c6254
M Cross-site Scripting (XSS)	<1:9.0.30-1.module+el8.3.0+6730+8f9c6254
M Cross-site Scripting (XSS)	<1:9.0.30-1.module+el8.3.0+6730+8f9c6254
M Cross-site Scripting (XSS)	<1:9.0.30-1.module+el8.3.0+6730+8f9c6254
M Cross-site Scripting (XSS)	<1:9.0.30-1.module+el8.3.0+6730+8f9c6254
M Cross-site Scripting (XSS)	<1:9.0.30-1.module+el8.3.0+6730+8f9c6254
M Cross-site Scripting (XSS)	<1:9.0.30-1.module+el8.3.0+6730+8f9c6254
M Improper Input Validation	<1:9.0.7-16.module+el8.1.0+3366+6dfb954c
M Deserialization of Untrusted Data	<1:9.0.7-16.module+el8.1.0+3366+6dfb954c
M Static Code Injection	<1:9.0.7-16.module+el8.1.0+3366+6dfb954c
M Deserialization of Untrusted Data	<1:9.0.7-16.module+el8.1.0+3366+6dfb954c
M Deserialization of Untrusted Data	<1:9.0.7-16.module+el8.1.0+3366+6dfb954c
M Deserialization of Untrusted Data	<1:9.0.7-16.module+el8.1.0+3366+6dfb954c
M Static Code Injection	<1:9.0.7-16.module+el8.1.0+3366+6dfb954c
M Deserialization of Untrusted Data	<1:9.0.7-16.module+el8.1.0+3366+6dfb954c
M Cross-site Scripting (XSS)	<1:9.0.30-1.module+el8.3.0+6730+8f9c6254
M HTTP Request Smuggling	<1:9.0.30-1.module+el8.3.0+6730+8f9c6254
M Cross-site Scripting (XSS)	<1:9.0.30-1.module+el8.3.0+6730+8f9c6254
M Cross-site Scripting (XSS)	<1:9.0.30-1.module+el8.3.0+6730+8f9c6254
M Improper Input Validation	<1:9.0.30-1.module+el8.3.0+6730+8f9c6254
M Improper Certificate Validation	<1:9.0.30-1.module+el8.3.0+6730+8f9c6254
M Cross-site Scripting (XSS)	<1:9.0.30-1.module+el8.3.0+6730+8f9c6254
M Cross-site Scripting (XSS)	<1:9.0.30-1.module+el8.3.0+6730+8f9c6254
H Deserialization of Untrusted Data	<1:9.0.7-14.module+el8.0.0+3892+c903d3f0
H Race Condition	<1:9.0.7-14.module+el8.0.0+3248+9d514f3b
H Improper Input Validation	<1:9.0.7-14.module+el8.0.0+3248+9d514f3b
H Improper Access Control	<1:9.0.7-14.module+el8.0.0+3248+9d514f3b
H Resource Injection	<1:9.0.7-14.module+el8.0.0+3248+9d514f3b
M Deserialization of Untrusted Data	<1:9.0.7-16.module+el8.1.0+3366+6dfb954c
M Deserialization of Untrusted Data	<1:9.0.7-16.module+el8.1.0+3366+6dfb954c
L Deserialization of Untrusted Data	*
L Information Exposure	*
M Deserialization of Untrusted Data	<1:9.0.7-16.module+el8.1.0+3366+6dfb954c
M Deserialization of Untrusted Data	<1:9.0.7-16.module+el8.1.0+3366+6dfb954c
M Deserialization of Untrusted Data	<1:9.0.7-16.module+el8.1.0+3366+6dfb954c
M Deserialization of Untrusted Data	<1:9.0.7-16.module+el8.1.0+3366+6dfb954c
L Deserialization of Untrusted Data	*
M Improper Authorization	<1:9.0.30-1.module+el8.3.0+6730+8f9c6254
L Information Exposure	*
L Resource Exhaustion	*
M Information Exposure	*
L Resource Exhaustion	*
M Resource Exhaustion	*
L Session Fixation	*
M Improper Access Control	*
M Resource Exhaustion	*
L Cross-site Scripting (XSS)	*
H Resource Exhaustion	*

Vulnerability

Vulnerable Version

Resource Exhaustion