eap7-jboss-ec2-eap-samples vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the eap7-jboss-ec2-eap-samples package. This does not include vulnerabilities belonging to this package’s dependencies.

How to fix?

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free
VulnerabilityVulnerable Version
  • H
CVE-2017-12189

<0:7.0.9-2.GA_redhat_2.ep7.el7
  • H
Directory Traversal

<0:7.1.1-3.1.GA_redhat_3.ep7.el7
  • H
Insufficient Verification of Data Authenticity

<0:7.1.1-3.1.GA_redhat_3.ep7.el7
  • H
HTTP Request Smuggling

<0:7.0.9-2.GA_redhat_2.ep7.el7
  • H
Incorrect Permission Assignment for Critical Resource

<0:7.0.9-2.GA_redhat_2.ep7.el7
  • H
HTTP Request Smuggling

<0:7.0.9-2.GA_redhat_2.ep7.el7
  • H
Information Exposure

<0:7.1.0-5.GA_redhat_5.ep7.el7
  • H
Improper Input Validation

<0:7.1.2-1.GA_redhat_1.ep7.el7
  • H
Information Exposure

<0:7.0.8-1.GA_redhat_1.ep7.el7
  • H
Out-of-Bounds

<0:7.0.3-3.GA_redhat_2.ep7.el7
  • M
Loop with Unreachable Exit Condition ('Infinite Loop')

<0:7.0.6-1.GA_redhat_1.ep7.el7
  • M
HTTP Request Smuggling

<0:7.0.6-1.GA_redhat_1.ep7.el7
  • H
Access Restriction Bypass

<0:7.1.0-5.GA_redhat_5.ep7.el7
  • H
Covert Timing Channel

<0:7.0.8-1.GA_redhat_1.ep7.el7
  • H
Deserialization of Untrusted Data

<0:7.1.1-3.1.GA_redhat_3.ep7.el7
  • H
Improper Authentication

<0:7.1.1-3.1.GA_redhat_3.ep7.el7
  • H
Resource Exhaustion

<0:7.0.5-1.GA_redhat_1.ep7.el7
  • H
Deserialization of Untrusted Data

<0:7.1.1-3.1.GA_redhat_3.ep7.el7
  • H
Deserialization of Untrusted Data

<0:7.1.0-5.GA_redhat_5.ep7.el7
  • H
Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection')

<0:7.0.8-1.GA_redhat_1.ep7.el7
  • H
Improper Input Validation

<0:7.1.0-5.GA_redhat_5.ep7.el7
  • H
Improper Input Validation

<0:7.1.1-3.1.GA_redhat_3.ep7.el7
  • H
Improper Access Control

<0:7.0.5-1.GA_redhat_1.ep7.el7
  • M
Resource Exhaustion

<0:7.0.4-5.GA_redhat_2.ep7.el7
  • M
Information Exposure

<0:7.0.4-5.GA_redhat_2.ep7.el7
  • M
Directory Traversal

<0:7.0.6-1.GA_redhat_1.ep7.el7
  • H
Deserialization of Untrusted Data

<0:7.1.1-3.1.GA_redhat_3.ep7.el7
  • H
Information Exposure

<0:7.0.8-1.GA_redhat_1.ep7.el7
  • H
Incomplete Blacklist

<0:7.1.1-3.1.GA_redhat_3.ep7.el7
  • M
Improper Input Validation

<0:7.0.6-1.GA_redhat_1.ep7.el7
  • H
HTTP Response Splitting

<0:7.1.0-5.GA_redhat_5.ep7.el7
  • H
HTTP Response Splitting

<0:7.1.2-1.GA_redhat_1.ep7.el7
  • H
CVE-2015-0254

<0:7.0.2-2.GA_redhat_1.ep7.el7
  • H
Deserialization of Untrusted Data

<0:7.0.8-1.GA_redhat_1.ep7.el7
  • H
Deserialization of Untrusted Data

<0:7.1.2-1.GA_redhat_1.ep7.el7
  • H
Deserialization of Untrusted Data

<0:7.0.8-1.GA_redhat_1.ep7.el7
  • H
Improper Neutralization of Special Elements

<0:7.0.9-2.GA_redhat_2.ep7.el7
  • H
CVE-2016-6346

<0:7.0.9-2.GA_redhat_2.ep7.el7