jbossts vulnerabilities

Known vulnerabilities in the jbossts package. This does not include vulnerabilities belonging to this package’s dependencies.

Vulnerability	Vulnerable Version
H Improper Input Validation	<1:4.17.43-1.Final_redhat_1.1.ep6.el7
H Directory Traversal	<1:4.17.43-1.Final_redhat_1.1.ep6.el7
H Deserialization of Untrusted Data	<1:4.17.43-1.Final_redhat_1.1.ep6.el7
H Deserialization of Untrusted Data	<1:4.17.43-1.Final_redhat_1.1.ep6.el7
H Resource Exhaustion	<1:4.17.45-2.Final_redhat_2.1.ep6.el7
M Directory Traversal	<1:4.17.42-1.Final_redhat_1.1.ep6.el7
H Incorrect Permission Assignment for Critical Resource	<1:4.17.39-1.Final_redhat_1.1.ep6.el7
M Access Restriction Bypass	<1:4.17.30-1.Final_redhat_1.1.ep6.el7
M Improper Cleanup on Thrown Exception	<1:4.17.26-1.Final_redhat_1.1.ep6.el7
M Improper Access Control	<1:4.17.26-1.Final_redhat_1.1.ep6.el7
M Incorrect Authorization	<1:4.17.26-1.Final_redhat_1.1.ep6.el7
M Incorrect Authorization	<1:4.17.26-1.Final_redhat_1.1.ep6.el7
H Insufficient Verification of Data Authenticity	<1:4.17.29-1.Final_redhat_1.1.ep6.el7
H Cross-site Scripting (XSS)	<1:4.17.29-1.Final_redhat_1.1.ep6.el7
H Authentication Bypass by Primary Weakness	<1:4.17.29-1.Final_redhat_1.1.ep6.el7
H Improperly Implemented Security Check for Standard	<1:4.17.29-1.Final_redhat_1.1.ep6.el7
H Use of a Broken or Risky Cryptographic Algorithm	<1:4.17.29-1.Final_redhat_1.1.ep6.el7
H Incorrect Permission Assignment for Critical Resource	<1:4.17.29-1.Final_redhat_1.1.ep6.el7
C CVE-2016-2141	<1:4.17.34-1.Final_redhat_1.1.ep6.el7
H Information Exposure	<1:4.17.29-1.Final_redhat_1.1.ep6.el7
L Incorrect Privilege Assignment	<1:4.17.22-2.Final_redhat_2.1.ep6.el7
H Incomplete Blacklist	<1:4.17.43-1.Final_redhat_1.1.ep6.el7
H Deserialization of Untrusted Data	<1:4.17.45-2.Final_redhat_2.1.ep6.el7
H SQL Injection	<1:4.17.45-2.Final_redhat_2.1.ep6.el7
H Deserialization of Untrusted Data	<1:4.17.45-2.Final_redhat_2.1.ep6.el7
H Improper Input Validation	<1:4.17.45-2.Final_redhat_2.1.ep6.el7
H Loop with Unreachable Exit Condition ('Infinite Loop')	<1:4.17.39-1.Final_redhat_1.1.ep6.el7
H Improper Access Control	<1:4.17.43-1.Final_redhat_1.1.ep6.el7
M Improper Input Validation	<1:4.17.35-1.Final_redhat_1.1.ep6.el7
C Directory Traversal	<1:4.17.34-1.Final_redhat_1.1.ep6.el7
H Deserialization of Untrusted Data	<1:4.17.43-1.Final_redhat_1.1.ep6.el7
M Security Features	<1:4.17.42-1.Final_redhat_1.1.ep6.el7
M Security Features	<1:4.17.42-1.Final_redhat_1.1.ep6.el7
H CVE-2016-6346	<1:4.17.39-1.Final_redhat_1.1.ep6.el7
H Resource Exhaustion	<1:4.17.45-2.Final_redhat_2.1.ep6.el7
M XML External Entity (XXE) Injection	<1:4.17.26-1.Final_redhat_1.1.ep6.el7

Vulnerability

Vulnerable Version

Improper Input Validation

<1:4.17.43-1.Final_redhat_1.1.ep6.el7

Directory Traversal

<1:4.17.43-1.Final_redhat_1.1.ep6.el7

Deserialization of Untrusted Data

<1:4.17.43-1.Final_redhat_1.1.ep6.el7

Deserialization of Untrusted Data

<1:4.17.43-1.Final_redhat_1.1.ep6.el7

Resource Exhaustion

<1:4.17.45-2.Final_redhat_2.1.ep6.el7