RHSA-2014:0400Medium

Red Hat Security Advisory: Red Hat JBoss Fuse 6.1.0 update

Published
April 14, 2014
Last Modified
June 27, 2026

🔗 CVE IDs covered (12)

📋 Description

CVE-2013-1624 — bouncycastle: TLS CBC padding timing attack CVE-2013-2035 — HawtJNI: predictable temporary file name leading to local arbitrary code execution CVE-2013-2172 — Java: XML signature spoofing CVE-2013-2192 — hadoop: man-in-the-middle vulnerability CVE-2013-4152 — Framework: XML External Entity (XXE) injection flaw CVE-2013-4517 — Java: Java XML Signature DoS Attack CVE-2013-6429 — Framework: XML External Entity (XXE) injection flaw CVE-2013-6430 — Framework: org.spring.web.util.JavaScriptUtils.javaScriptEscape insufficient escaping of characters CVE-2014-0050 — apache-commons-fileupload: denial of service due to too-small buffer size used by MultipartStream CVE-2014-0054 — Framework: incomplete fix for CVE-2013-7315/CVE-2013-6429 CVE-2014-1904 — Framework: cross-site scripting flaw when using Spring MVC CVE-2014-3584 — CXF: Denial of Service (DoS) via invalid JAX-RS SAML tokens

🔗 References (16)