eap7-jboss-el-api_3.0_spec vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the eap7-jboss-el-api_3.0_spec package. This does not include vulnerabilities belonging to this package’s dependencies.

How to fix?

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free

Vulnerability	Vulnerable Version
H Improperly Implemented Security Check for Standard	<0:1.0.13-2.Final_redhat_00001.1.el7eap
H Race Condition	<0:1.0.13-2.Final_redhat_00001.1.el7eap
H Information Exposure Through Server Error Message	<0:2.0.1-1.Final_redhat_00001.1.el7eap
H HTTP Request Smuggling	<0:1.0.9-3.Final_redhat_1.1.ep7.el7
H Incorrect Permission Assignment for Critical Resource	<0:1.0.9-3.Final_redhat_1.1.ep7.el7
H HTTP Request Smuggling	<0:1.0.9-3.Final_redhat_1.1.ep7.el7
H Information Exposure	<0:1.0.9-3.Final_redhat_1.1.ep7.el7
H Out-of-Bounds	<0:1.0.9-3.Final_redhat_1.1.ep7.el7
H Loop with Unreachable Exit Condition ('Infinite Loop')	<0:1.0.9-3.Final_redhat_1.1.ep7.el7
H HTTP Request Smuggling	<0:1.0.9-3.Final_redhat_1.1.ep7.el7
H Access Restriction Bypass	<0:1.0.9-3.Final_redhat_1.1.ep7.el7
H Loop with Unreachable Exit Condition ('Infinite Loop')	<0:2.0.1-1.Final_redhat_00001.1.el7eap
M Information Exposure	<0:1.0.13-1.Final_redhat_00001.1.ep7.el7
H Resource Exhaustion	<0:1.0.9-3.Final_redhat_1.1.ep7.el7
H Deserialization of Untrusted Data	<0:1.0.9-3.Final_redhat_1.1.ep7.el7
H Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection')	<0:1.0.9-3.Final_redhat_1.1.ep7.el7
M Cross-site Scripting (XSS)	<0:1.0.13-1.Final_redhat_00001.1.ep7.el7
H Improper Input Validation	<0:1.0.9-3.Final_redhat_1.1.ep7.el7
H Improper Access Control	<0:1.0.9-3.Final_redhat_1.1.ep7.el7
H Resource Exhaustion	<0:1.0.9-3.Final_redhat_1.1.ep7.el7
H Information Exposure	<0:1.0.9-3.Final_redhat_1.1.ep7.el7
H Directory Traversal	<0:1.0.9-3.Final_redhat_1.1.ep7.el7
M Information Exposure	<0:1.0.12-1.Final_redhat_00001.1.el7eap
H Information Exposure	<0:2.0.1-1.Final_redhat_00001.1.el7eap
H Uncontrolled Recursion	<0:2.0.1-1.Final_redhat_00001.1.el7eap
H Creation of Temporary File With Insecure Permissions	<0:2.0.1-1.Final_redhat_00001.1.el7eap
H Out-of-bounds Write	<0:2.0.1-1.Final_redhat_00001.1.el7eap
H Improper Input Validation	<0:2.0.1-1.Final_redhat_00001.1.el7eap
H Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection')	<0:2.0.1-1.Final_redhat_00001.1.el7eap
H Out-of-bounds Write	<0:2.0.1-1.Final_redhat_00001.1.el7eap
M Improper Input Validation	<0:1.0.8-1.Final_redhat_1.1.ep7.el7
H HTTP Response Splitting	<0:1.0.9-3.Final_redhat_1.1.ep7.el7
H Cross-site Request Forgery (CSRF)	<0:1.0.13-2.Final_redhat_00001.1.el7eap
H Deserialization of Untrusted Data	<0:1.0.13-2.Final_redhat_00001.1.el7eap
H Deserialization of Untrusted Data	<0:1.0.13-2.Final_redhat_00001.1.el7eap
H Deserialization of Untrusted Data	<0:1.0.13-2.Final_redhat_00001.1.el7eap
H Deserialization of Untrusted Data	<0:1.0.13-2.Final_redhat_00001.1.el7eap
M Arbitrary Argument Injection	<0:1.0.13-1.Final_redhat_00001.1.ep7.el7

Vulnerability

Vulnerable Version

Improperly Implemented Security Check for Standard

<0:1.0.13-2.Final_redhat_00001.1.el7eap

Race Condition

<0:1.0.13-2.Final_redhat_00001.1.el7eap

Information Exposure Through Server Error Message

<0:2.0.1-1.Final_redhat_00001.1.el7eap

HTTP Request Smuggling

<0:1.0.9-3.Final_redhat_1.1.ep7.el7

Incorrect Permission Assignment for Critical Resource

<0:1.0.9-3.Final_redhat_1.1.ep7.el7