Homepage

eap7-xml-security vulnerabilities

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the eap7-xml-security package. This does not include vulnerabilities belonging to this package’s dependencies.

How to fix?

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free
VulnerabilityVulnerable Version
  • H
Resource Exhaustion

<0:2.0.10-2.redhat_00002.1.ep7.el7
  • H
Uncontrolled Memory Allocation

<0:2.0.10-2.redhat_00002.1.ep7.el7
  • H
Improper Input Validation

<0:2.0.10-2.redhat_00002.1.ep7.el7
  • H
Loop with Unreachable Exit Condition ('Infinite Loop')

<0:2.0.10-2.redhat_00002.1.ep7.el7
  • H
Out-of-bounds Write

<0:2.0.10-2.redhat_00002.1.ep7.el7
  • H
Stack-based Buffer Overflow

<0:2.0.10-2.redhat_00002.1.ep7.el7
  • H
Resource Exhaustion

<0:2.0.10-2.redhat_00002.1.ep7.el7
  • H
Deserialization of Untrusted Data

<0:2.0.10-2.redhat_00002.1.ep7.el7
  • H
Directory Traversal

<0:2.0.10-2.redhat_00002.1.ep7.el7
  • H
Resource Exhaustion

<0:2.0.10-2.redhat_00002.1.ep7.el7
  • H
Resource Exhaustion

<0:2.0.10-2.redhat_00002.1.ep7.el7
  • H
Unchecked Return Value

<0:2.0.10-2.redhat_00002.1.ep7.el7
  • H
Allocation of Resources Without Limits or Throttling

<0:2.0.10-2.redhat_00002.1.ep7.el7
  • H
Memory Leak

<0:2.0.10-2.redhat_00002.1.ep7.el7
  • H
Directory Traversal

<0:2.3.5-1.redhat_00001.1.el7eap
  • H
Deserialization of Untrusted Data

<0:2.2.3-2.redhat_00001.1.el7eap
  • H
Server-Side Request Forgery (SSRF)

<0:2.2.3-2.redhat_00001.1.el7eap
  • H
Resource Exhaustion

<0:2.2.3-2.redhat_00001.1.el7eap
  • H
Deserialization of Untrusted Data

<0:2.2.3-2.redhat_00001.1.el7eap
  • H
Uncontrolled Memory Allocation

<0:2.2.3-2.redhat_00001.1.el7eap
  • H
Resource Exhaustion

<0:2.2.3-2.redhat_00001.1.el7eap
  • H
Server-Side Request Forgery (SSRF)

<0:2.2.3-2.redhat_00001.1.el7eap
  • H
Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection')

<0:2.2.3-2.redhat_00001.1.el7eap
  • H
Integer Coercion Error

<0:2.2.3-2.redhat_00001.1.el7eap
  • H
Deserialization of Untrusted Data

<0:2.2.3-2.redhat_00001.1.el7eap
  • H
SQL Injection

<0:2.2.3-2.redhat_00001.1.el7eap
  • H
Deserialization of Untrusted Data

<0:2.2.3-2.redhat_00001.1.el7eap
  • H
Improper Input Validation

<0:2.2.3-2.redhat_00001.1.el7eap
  • H
Information Exposure

<0:2.0.10-2.redhat_00002.1.ep7.el7
  • M
Link Following

<0:2.2.6-1.redhat_00002.1.el7eap
  • M
Information Exposure Through Log Files

<0:2.2.6-1.redhat_00002.1.el7eap
  • H
Improper Input Validation

<0:2.1.4-1.redhat_00001.1.el7eap
  • M
Information Exposure

<0:2.1.7-1.redhat_00001.1.el7eap
  • M
Files or Directories Accessible to External Parties

<0:2.1.7-1.redhat_00001.1.el7eap
  • H
Selection of Less-Secure Algorithm During Negotiation ('Algorithm Downgrade')

<0:2.1.4-1.redhat_00001.1.el7eap
  • H
Directory Traversal

<0:2.0.9-1.redhat_1.1.ep7.el7
  • H
Insufficient Verification of Data Authenticity

<0:2.0.9-1.redhat_1.1.ep7.el7
  • H
HTTP Request Smuggling

<0:2.0.8-2.redhat_1.1.ep7.el7
  • H
Incorrect Permission Assignment for Critical Resource

<0:2.0.8-2.redhat_1.1.ep7.el7
  • H
HTTP Request Smuggling

<0:2.0.8-2.redhat_1.1.ep7.el7
  • H
Information Exposure

<0:2.0.8-2.redhat_1.1.ep7.el7
  • H
Out-of-Bounds

<0:2.0.8-2.redhat_1.1.ep7.el7
  • H
Loop with Unreachable Exit Condition ('Infinite Loop')

<0:2.0.8-2.redhat_1.1.ep7.el7
  • H
HTTP Request Smuggling

<0:2.0.8-2.redhat_1.1.ep7.el7
  • H
Access Restriction Bypass

<0:2.0.8-2.redhat_1.1.ep7.el7
  • M
Resource Exhaustion

<0:2.1.7-1.redhat_00001.1.el7eap
  • H
Uncaught Exception

<0:2.0.10-1.redhat_1.1.ep7.el7
  • H
Directory Traversal

<0:2.0.10-1.redhat_1.1.ep7.el7
  • H
Deserialization of Untrusted Data

<0:2.0.9-1.redhat_1.1.ep7.el7
  • H
Improper Authentication

<0:2.0.9-1.redhat_1.1.ep7.el7
  • H
Resource Exhaustion

<0:2.0.8-2.redhat_1.1.ep7.el7
  • H
Out-of-bounds Read

<0:2.1.4-1.redhat_00001.1.el7eap
  • H
Deserialization of Untrusted Data

<0:2.0.9-1.redhat_1.1.ep7.el7
  • H
Deserialization of Untrusted Data

<0:2.0.8-2.redhat_1.1.ep7.el7
  • H
Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection')

<0:2.0.8-2.redhat_1.1.ep7.el7
  • H
Improper Input Validation

<0:2.0.8-2.redhat_1.1.ep7.el7
  • H
Improper Input Validation

<0:2.0.9-1.redhat_1.1.ep7.el7
  • H
Improper Access Control

<0:2.0.8-2.redhat_1.1.ep7.el7
  • H
Resource Exhaustion

<0:2.0.8-2.redhat_1.1.ep7.el7
  • H
Information Exposure

<0:2.0.8-2.redhat_1.1.ep7.el7
  • H
Directory Traversal

<0:2.0.8-2.redhat_1.1.ep7.el7
  • H
Information Exposure

<0:2.0.10-2.redhat_00002.1.ep7.el7
  • H
Deserialization of Untrusted Data

<0:2.0.9-1.redhat_1.1.ep7.el7
  • H
Resource Exhaustion

<0:2.1.4-1.redhat_00001.1.el7eap
  • M
Information Exposure

<0:2.1.2-1.redhat_00001.1.el7eap
  • H
HTTP Request Smuggling

<0:2.1.4-1.redhat_00001.1.el7eap
  • H
HTTP Request Smuggling

<0:2.1.4-1.redhat_00001.1.el7eap
  • H
HTTP Request Smuggling

<0:2.1.4-1.redhat_00001.1.el7eap
  • H
Incomplete Blacklist

<0:2.0.9-1.redhat_1.1.ep7.el7
  • H
HTTP Response Splitting

<0:2.0.8-2.redhat_1.1.ep7.el7
  • H
Resource Exhaustion

<0:2.0.10-2.redhat_00002.1.ep7.el7
  • H
CVE-2015-0254

<0:2.0.6-1.redhat_1.1.ep7.el7
  • M
Information Exposure

<0:2.1.7-1.redhat_00001.1.el7eap
  • H
Deserialization of Untrusted Data

<0:2.1.4-1.redhat_00001.1.el7eap