eap8-hibernate-envers

Direct Vulnerabilities

Known vulnerabilities in the eap8-hibernate-envers package. This does not include vulnerabilities belonging to this package’s dependencies.

Fix vulnerabilities automatically

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Fix for free

Vulnerability	Vulnerable Version
H Covert Timing Channel	<0:6.6.48-1.Final_redhat_00001.1.el9eap
H Improper Verification of Cryptographic Signature	<0:6.6.48-1.Final_redhat_00001.1.el9eap
H Allocation of Resources Without Limits or Throttling	<0:6.6.48-1.Final_redhat_00001.1.el9eap
H Allocation of Resources Without Limits or Throttling	<0:6.6.48-1.Final_redhat_00001.1.el9eap
H HTTP Request Smuggling	<0:6.6.48-1.Final_redhat_00001.1.el9eap
H Inefficient Regular Expression Complexity	<0:6.6.48-1.Final_redhat_00001.1.el9eap
H Deserialization of Untrusted Data	<0:6.6.48-1.Final_redhat_00001.1.el9eap
H Deserialization of Untrusted Data	<0:6.6.48-1.Final_redhat_00001.1.el9eap
H Missing Authentication for Critical Function	<0:6.6.48-1.Final_redhat_00001.1.el9eap
H Inefficient Regular Expression Complexity	<0:6.6.48-1.Final_redhat_00001.1.el9eap
H LDAP Injection	<0:6.6.48-1.Final_redhat_00001.1.el9eap
H Improper Restriction of Excessive Authentication Attempts	<0:6.6.48-1.Final_redhat_00001.1.el9eap
H Use of a Broken or Risky Cryptographic Algorithm	<0:6.6.48-1.Final_redhat_00001.1.el9eap
M Insufficient Verification of Data Authenticity	<0:6.2.35-1.Final_redhat_00001.1.el9eap
H Allocation of Resources Without Limits or Throttling	<0:6.6.36-1.Final_redhat_00001.1.el9eap
H Improper Input Validation	<0:6.6.36-1.Final_redhat_00001.1.el9eap
M Improper Access Control	<0:6.2.35-1.Final_redhat_00001.1.el9eap
H Improper Input Validation	<0:6.6.36-1.Final_redhat_00001.1.el9eap
M XML External Entity (XXE) Injection	<0:6.2.46-1.Final_redhat_00001.1.el9eap
H Improper Access Control	<0:6.2.36-1.Final_redhat_00001.1.el9eap
H Cross-site Scripting (XSS)	<0:6.2.36-1.Final_redhat_00001.1.el9eap
H CVE-2025-27611	<0:6.2.36-1.Final_redhat_00001.1.el9eap
H Resource Exhaustion	<0:6.2.36-1.Final_redhat_00001.1.el9eap
H Deserialization of Untrusted Data	<0:6.2.36-1.Final_redhat_00001.1.el9eap
H Directory Traversal	<0:6.2.32-1.Final_redhat_00001.1.el9eap
H Open Redirect	<0:6.2.31-1.Final_redhat_00002.1.el9eap
H Improper Verification of Cryptographic Signature	<0:6.2.31-1.Final_redhat_00002.1.el9eap
H Memory Leak	<0:6.2.31-1.Final_redhat_00002.1.el9eap
H Allocation of Resources Without Limits or Throttling	<0:6.2.31-1.Final_redhat_00002.1.el9eap
H Resource Exhaustion	<0:6.2.31-1.Final_redhat_00002.1.el9eap
H Integer Coercion Error	<0:6.2.31-1.Final_redhat_00002.1.el9eap
M Resource Exhaustion	<0:6.2.26-1.Final_redhat_00001.1.el9eap
M Server-Side Request Forgery (SSRF)	<0:6.2.18-1.Final_redhat_00001.1.el9eap
M Unprotected Transport of Credentials	<0:6.2.18-1.Final_redhat_00001.1.el9eap
M Insufficient Verification of Data Authenticity	<0:6.2.18-1.Final_redhat_00001.1.el9eap
M Improper Initialization	<0:6.2.18-1.Final_redhat_00001.1.el9eap

Vulnerability

Vulnerable Version

Covert Timing Channel

<0:6.6.48-1.Final_redhat_00001.1.el9eap