There is no fixed version for Centos:8 kernel-abi-whitelists .

org.jboss.weld:weld-core@2.1.0.CR1 vulnerabilities

latest version

2.4.8.Final

latest non vulnerable version

3.0.0.Alpha6

first published

15 years ago

latest version published

6 years ago

licenses detected

Apache-2.0
[1.0.0-CR1,)

package manager

View on Maven Repository

Go back to all versions of this package

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the org.jboss.weld:weld-core package. This does not include vulnerabilities belonging to this package’s dependencies.

How to fix?

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free

Vulnerability Vulnerable Version

Vulnerability	Vulnerable Version
M Information Exposure org.jboss.weld:weld-core is a Weld's implementation of CDI Affected versions of this package are vulnerable to Information Exposure. Race condition allows remote attackers to obtain information from a previous conversation via vectors related to a stale thread state. How to fix Information Exposure? Upgrade `org.jboss.weld:weld-core` to version 1.1.28.Final, 2.2.8.Final, 3.0.0.Alpha3 or higher.	[,1.1.28.Final)[2,2.2.8.Final)[3-alpha,3.0.0.Alpha3)

Information Exposure

org.jboss.weld:weld-core is a Weld's implementation of CDI

Affected versions of this package are vulnerable to Information Exposure. Race condition allows remote attackers to obtain information from a previous conversation via vectors related to a stale thread state.

How to fix Information Exposure?

Upgrade org.jboss.weld:weld-core to version 1.1.28.Final, 2.2.8.Final, 3.0.0.Alpha3 or higher.

[,1.1.28.Final)[2,2.2.8.Final)[3-alpha,3.0.0.Alpha3)

Go back to all versions of this package