pki-servlet-engine vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the pki-servlet-engine package. This does not include vulnerabilities belonging to this package’s dependencies.

Fix vulnerabilities automatically

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Fix for free

Vulnerability	Vulnerable Version
M Session Fixation	*
H Stack-based Buffer Overflow	<1:9.0.62-1.module+el8.10.0+21257+2b5308b5
M Race Condition	*
L Integer Overflow or Wraparound	*
M Resource Exhaustion	*
M Allocation of Resources Without Limits or Throttling	*
M Allocation of Resources Without Limits or Throttling	*
L Authentication Bypass	*
M Improper Handling of Case Sensitivity	*
L Improper Neutralization	*
L Resource Exhaustion	*
M Time-of-check Time-of-use (TOCTOU)	*
M Time-of-check Time-of-use (TOCTOU)	*
L Uncaught Exception	*
H Resource Exhaustion	*
M Resource Exhaustion	<1:9.0.62-1.module+el8.10.0+21257+2b5308b5
H Incomplete Cleanup	*
H Improper Input Validation	*
M Incomplete Cleanup	*
M Improper Input Validation	*
H Resource Exhaustion	*
M Open Redirect	*
M Off-by-one Error	*
M Information Exposure	*
M Allocation of Resources Without Limits or Throttling	*
L Arbitrary Code Injection	*
L Memory Leak	*
L Race Condition	*
L Incomplete Documentation of Program Execution	*
M Sensitive Information Uncleared Before Release	<1:9.0.30-1.module+el8.3.0+6730+8f9c6254
L Resource Exhaustion	*
M Cross-site Scripting (XSS)	<1:9.0.30-1.module+el8.3.0+6730+8f9c6254
M Cross-site Scripting (XSS)	<1:9.0.30-1.module+el8.3.0+6730+8f9c6254
M Cross-site Scripting (XSS)	<1:9.0.30-1.module+el8.3.0+6730+8f9c6254
M Cross-site Scripting (XSS)	<1:9.0.30-1.module+el8.3.0+6730+8f9c6254
M Cross-site Scripting (XSS)	<1:9.0.30-1.module+el8.3.0+6730+8f9c6254
M Cross-site Scripting (XSS)	<1:9.0.30-1.module+el8.3.0+6730+8f9c6254
M Cross-site Scripting (XSS)	<1:9.0.30-1.module+el8.3.0+6730+8f9c6254
M Cross-site Scripting (XSS)	<1:9.0.30-1.module+el8.3.0+6730+8f9c6254
M Improper Input Validation	<1:9.0.7-16.module+el8.1.0+3366+6dfb954c
M Deserialization of Untrusted Data	<1:9.0.7-16.module+el8.1.0+3366+6dfb954c
M Static Code Injection	<1:9.0.7-16.module+el8.1.0+3366+6dfb954c
M Deserialization of Untrusted Data	<1:9.0.7-16.module+el8.1.0+3366+6dfb954c
M Deserialization of Untrusted Data	<1:9.0.7-16.module+el8.1.0+3366+6dfb954c
M Deserialization of Untrusted Data	<1:9.0.7-16.module+el8.1.0+3366+6dfb954c
M Static Code Injection	<1:9.0.7-16.module+el8.1.0+3366+6dfb954c
M Deserialization of Untrusted Data	<1:9.0.7-16.module+el8.1.0+3366+6dfb954c
M Cross-site Scripting (XSS)	<1:9.0.30-1.module+el8.3.0+6730+8f9c6254
M HTTP Request Smuggling	<1:9.0.30-1.module+el8.3.0+6730+8f9c6254
M Cross-site Scripting (XSS)	<1:9.0.30-1.module+el8.3.0+6730+8f9c6254
M Cross-site Scripting (XSS)	<1:9.0.30-1.module+el8.3.0+6730+8f9c6254
M Improper Input Validation	<1:9.0.30-1.module+el8.3.0+6730+8f9c6254
M Improper Certificate Validation	<1:9.0.30-1.module+el8.3.0+6730+8f9c6254
M Cross-site Scripting (XSS)	<1:9.0.30-1.module+el8.3.0+6730+8f9c6254
M Cross-site Scripting (XSS)	<1:9.0.30-1.module+el8.3.0+6730+8f9c6254
M Deserialization of Untrusted Data	<1:9.0.7-16.module+el8.1.0+3366+6dfb954c
M Deserialization of Untrusted Data	<1:9.0.7-16.module+el8.1.0+3366+6dfb954c
L Deserialization of Untrusted Data	*
L Information Exposure	*
M Deserialization of Untrusted Data	<1:9.0.7-16.module+el8.1.0+3366+6dfb954c
M Deserialization of Untrusted Data	<1:9.0.7-16.module+el8.1.0+3366+6dfb954c
M Deserialization of Untrusted Data	<1:9.0.7-16.module+el8.1.0+3366+6dfb954c
M Deserialization of Untrusted Data	<1:9.0.7-16.module+el8.1.0+3366+6dfb954c
L Deserialization of Untrusted Data	*
M Improper Authorization	<1:9.0.30-1.module+el8.3.0+6730+8f9c6254
L Information Exposure	*
L Resource Exhaustion	*
M Information Exposure	*
L Resource Exhaustion	*
M Resource Exhaustion	*
L Session Fixation	*
M Improper Access Control	*

Vulnerability

Vulnerable Version

Session Fixation