hibernate4-entitymanager-eap6 vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the hibernate4-entitymanager-eap6 package. This does not include vulnerabilities belonging to this package’s dependencies.

How to fix?

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free

Vulnerability	Vulnerable Version
H Improper Input Validation	<0:4.2.27-1.Final_redhat_1.1.ep6.el7
M Access Restriction Bypass	<0:4.2.20-1.Final_redhat_1.1.ep6.el7
M Improper Cleanup on Thrown Exception	<0:4.2.17-2.SP1_redhat_1.1.ep6.el7
M Improper Access Control	<0:4.2.17-2.SP1_redhat_1.1.ep6.el7
M Incorrect Authorization	<0:4.2.17-2.SP1_redhat_1.1.ep6.el7
M Incorrect Authorization	<0:4.2.17-2.SP1_redhat_1.1.ep6.el7
C Missing Authorization	<0:4.2.21-1.Final_redhat_1.1.ep6.el7
H Insufficient Verification of Data Authenticity	<0:4.2.18-2.Final_redhat_2.1.ep6.el7
H Cross-site Scripting (XSS)	<0:4.2.18-2.Final_redhat_2.1.ep6.el7
H Cross-site Scripting (XSS)	<0:4.2.18-2.Final_redhat_2.1.ep6.el7
H Authentication Bypass by Primary Weakness	<0:4.2.18-2.Final_redhat_2.1.ep6.el7
H Improperly Implemented Security Check for Standard	<0:4.2.18-2.Final_redhat_2.1.ep6.el7
H Use of a Broken or Risky Cryptographic Algorithm	<0:4.2.18-2.Final_redhat_2.1.ep6.el7
H Incorrect Permission Assignment for Critical Resource	<0:4.2.18-2.Final_redhat_2.1.ep6.el7
H Information Exposure	<0:4.2.18-2.Final_redhat_2.1.ep6.el7
L Incorrect Privilege Assignment	<0:4.2.14-8.SP3_redhat_1.1.ep6.el7
M Improper Input Validation	<0:4.2.26-1.Final_redhat_1.1.ep6.el7
H Deserialization of Untrusted Data	<0:4.2.23-1.Final_redhat_1.1.ep6.el7
H Improper Access Control	<0:4.2.23-1.Final_redhat_1.1.ep6.el7
H Incorrect Privilege Assignment	<0:4.2.27-1.Final_redhat_1.1.ep6.el7
H Error Handling	<0:4.2.23-1.Final_redhat_1.1.ep6.el7
H HTTP Request Smuggling	<0:4.2.23-1.Final_redhat_1.1.ep6.el7
H Improper Input Validation	<0:4.2.23-1.Final_redhat_1.1.ep6.el7
H Improper Access Control	<0:4.2.23-1.Final_redhat_1.1.ep6.el7
C Deserialization of Untrusted Data	<0:4.2.21-1.Final_redhat_1.1.ep6.el7
H CVE-2015-0254	<0:4.2.22-1.Final_redhat_1.1.ep6.el7
M Improper Input Validation	<0:4.2.14-9.SP4_redhat_1.1.ep6.el7
H Deserialization of Untrusted Data	<0:4.2.27-1.Final_redhat_1.1.ep6.el7
H Improper Access Control	<0:4.2.23-1.Final_redhat_1.1.ep6.el7
H Security Features	<0:4.2.23-1.Final_redhat_1.1.ep6.el7
H Information Exposure	<0:4.2.23-1.Final_redhat_1.1.ep6.el7
H Security Features	<0:4.2.23-1.Final_redhat_1.1.ep6.el7
H Access Restriction Bypass	<0:4.2.23-1.Final_redhat_1.1.ep6.el7
M XML External Entity (XXE) Injection	<0:4.2.17-2.SP1_redhat_1.1.ep6.el7

Vulnerability

Vulnerable Version

Improper Input Validation

<0:4.2.27-1.Final_redhat_1.1.ep6.el7

Access Restriction Bypass

<0:4.2.20-1.Final_redhat_1.1.ep6.el7

Improper Cleanup on Thrown Exception

<0:4.2.17-2.SP1_redhat_1.1.ep6.el7

Improper Access Control

<0:4.2.17-2.SP1_redhat_1.1.ep6.el7

Incorrect Authorization

<0:4.2.17-2.SP1_redhat_1.1.ep6.el7