eap7-log4j-jboss-logmanager vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the eap7-log4j-jboss-logmanager package. This does not include vulnerabilities belonging to this package’s dependencies.

How to fix?

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free

Vulnerability	Vulnerable Version
M Information Exposure	<0:1.3.1-2.Final_redhat_00003.1.el7eap
H Deserialization of Untrusted Data	<0:1.2.2-2.Final_redhat_00002.1.el7eap
H Server-Side Request Forgery (SSRF)	<0:1.2.2-2.Final_redhat_00002.1.el7eap
H Resource Exhaustion	<0:1.2.2-2.Final_redhat_00002.1.el7eap
H Deserialization of Untrusted Data	<0:1.2.2-2.Final_redhat_00002.1.el7eap
H Uncontrolled Memory Allocation	<0:1.2.2-2.Final_redhat_00002.1.el7eap
H Resource Exhaustion	<0:1.2.2-2.Final_redhat_00002.1.el7eap
H Server-Side Request Forgery (SSRF)	<0:1.2.2-2.Final_redhat_00002.1.el7eap
H Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection')	<0:1.2.2-2.Final_redhat_00002.1.el7eap
H Integer Coercion Error	<0:1.2.2-2.Final_redhat_00002.1.el7eap
H Deserialization of Untrusted Data	<0:1.2.2-2.Final_redhat_00002.1.el7eap
H Information Exposure	<0:1.2.2-2.Final_redhat_00002.1.el7eap
H Improper Input Validation	<0:1.2.2-1.Final_redhat_00002.1.ep7.el7
H Improper Authorization	<0:1.2.2-1.Final_redhat_00002.1.ep7.el7
H Arbitrary Code Injection	<0:1.2.2-1.Final_redhat_00002.1.ep7.el7
H Resource Exhaustion	<0:1.2.2-1.Final_redhat_00002.1.ep7.el7
H Resource Exhaustion	<0:1.2.2-1.Final_redhat_00002.1.ep7.el7
H Resource Exhaustion	<0:1.2.2-1.Final_redhat_00002.1.ep7.el7
H Resource Exhaustion	<0:1.2.2-1.Final_redhat_00002.1.ep7.el7
H HTTP Request Smuggling	<0:1.2.2-1.Final_redhat_00002.1.ep7.el7
H HTTP Request Smuggling	<0:1.2.2-1.Final_redhat_00002.1.ep7.el7
H Improper Input Validation	<0:1.2.2-1.Final_redhat_00002.1.ep7.el7
H HTTP Request Smuggling	<0:1.2.2-1.Final_redhat_00002.1.ep7.el7
H Resource Exhaustion	<0:1.2.2-1.Final_redhat_00002.1.ep7.el7
H Authentication Bypass	<0:1.2.2-1.Final_redhat_00002.1.ep7.el7
H Deserialization of Untrusted Data	<0:1.2.2-1.Final_redhat_00002.1.ep7.el7
H Deserialization of Untrusted Data	<0:1.2.2-1.Final_redhat_00002.1.ep7.el7
H Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection')	<0:1.2.2-1.Final_redhat_00002.1.ep7.el7
H Deserialization of Untrusted Data	<0:1.2.2-1.Final_redhat_00002.1.ep7.el7
H Uncontrolled Recursion	<0:1.3.1-1.Final_redhat_00002.1.el7eap
H Memory Leak	<0:1.3.1-1.Final_redhat_00002.1.el7eap
H Loop with Unreachable Exit Condition ('Infinite Loop')	<0:1.3.1-1.Final_redhat_00002.1.el7eap
H Information Exposure	<0:1.3.1-1.Final_redhat_00002.1.el7eap
H Improper Input Validation	<0:1.3.1-1.Final_redhat_00002.1.el7eap
H Allocation of Resources Without Limits or Throttling	<0:1.3.1-1.Final_redhat_00002.1.el7eap
H Resource Exhaustion	<0:1.3.1-1.Final_redhat_00002.1.el7eap
M Cleartext Transmission of Sensitive Information	<0:1.1.6-1.Final_redhat_00001.1.ep7.el7
H Information Exposure	<0:1.1.4-2.Final_redhat_1.1.ep7.el7
H Covert Timing Channel	<0:1.1.4-2.Final_redhat_1.1.ep7.el7
H Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection')	<0:1.1.4-2.Final_redhat_1.1.ep7.el7
M Information Exposure	<0:1.1.6-2.Final_redhat_00001.1.el7eap
H Deserialization of Untrusted Data	<0:1.2.2-2.Final_redhat_00002.1.el7eap
H SQL Injection	<0:1.2.2-2.Final_redhat_00002.1.el7eap
H Deserialization of Untrusted Data	<0:1.2.2-1.Final_redhat_00002.1.ep7.el7
H Improper Input Validation	<0:1.2.2-2.Final_redhat_00002.1.el7eap
H Deserialization of Untrusted Data	<0:1.1.4-2.Final_redhat_1.1.ep7.el7

Vulnerability

Vulnerable Version

Information Exposure

<0:1.3.1-2.Final_redhat_00003.1.el7eap

Deserialization of Untrusted Data

<0:1.2.2-2.Final_redhat_00002.1.el7eap

Server-Side Request Forgery (SSRF)

<0:1.2.2-2.Final_redhat_00002.1.el7eap

Resource Exhaustion

<0:1.2.2-2.Final_redhat_00002.1.el7eap

Deserialization of Untrusted Data

<0:1.2.2-2.Final_redhat_00002.1.el7eap