CVE-2025-2240
- EPSS 0.62%
- Published 12.03.2025 14:55:15
- Last modified 21.05.2025 20:15:31
A flaw was found in Smallrye, where smallrye-fault-tolerance is vulnerable to an out-of-memory (OOM) issue. This vulnerability is externally triggered when calling the metrics URI. Every call creates a new object within meterMap and may lead to a den...
CVE-2023-1419
- EPSS 0.19%
- Published 17.11.2024 11:15:05
- Last modified 18.11.2024 17:11:17
A script injection vulnerability was found in the Debezium database connector, where it does not properly sanitize some parameters. This flaw allows an attacker to send a malicious request to inject a parameter that may allow the viewing of unauthori...
CVE-2023-4639
- EPSS 3.74%
- Published 17.11.2024 11:15:05
- Last modified 07.02.2025 17:15:29
A flaw was found in Undertow, which incorrectly parses cookies with certain value-delimiting characters in incoming requests. This issue could allow an attacker to construct a cookie value to exfiltrate HttpOnly cookie values or spoof arbitrary addit...
CVE-2021-3629
- EPSS 0.1%
- Published 24.05.2022 19:15:09
- Last modified 21.11.2024 06:22:01
A flaw was found in Undertow. A potential security issue in flow control handling by the browser over http/2 may potentially cause overhead or a denial of service in the server. The highest threat from this vulnerability is availability. This flaw af...