RHSA-2020:2561 | Critical | CVSS 9.8
Red Hat Security Advisory: EAP Continuous Delivery Technical Preview Release 12 security update
🔗 CVE IDs covered (5)
📋 Description
- CVE-2017-12174 — artemis/hornetq: memory exhaustion via UDP and JGroups discovery
- CVE-2017-12196 — undertow: Client can use bogus uri in Digest authentication
- CVE-2017-12629 — Solr: Code execution via entity expansion
- CVE-2017-15089 — infinispan: Unsafe deserialization of malicious object injected into data cache
- CVE-2018-8088 — slf4j: Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution
🔗 References (8)
- self: https://access.redhat.com/errata/RHSA-2020:2561
- external: https://access.redhat.com/security/updates/classification/#critical
- external: https://bugzilla.redhat.com/show_bug.cgi?id=1498378
- external: https://bugzilla.redhat.com/show_bug.cgi?id=1501529
- external: https://bugzilla.redhat.com/show_bug.cgi?id=1503055
- external: https://bugzilla.redhat.com/show_bug.cgi?id=1503610
- external: https://bugzilla.redhat.com/show_bug.cgi?id=1548909
- self: https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_2561.json