Search

Find a vulnerability

Search criteria

    6 vulnerabilities found for wildfly-core by Red Hat

    CVE-2020-25689 (GCVE-0-2020-25689)

    Vulnerability from nvd – Published: 2020-10-30 00:00 – Updated: 2024-08-04 15:40
    VLAI
    Summary
    A memory leak flaw was found in WildFly in all versions up to 21.0.0.Final, where host-controller tries to reconnect in a loop, generating new connections which are not properly closed while not able to connect to domain-controller. This flaw allows an attacker to cause an Out of memory (OOM) issue, leading to a denial of service. The highest threat from this vulnerability is to system availability.
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Red Hat wildfly-core Affected: up to 21.0.0.Final
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T15:40:36.775Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-25689"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://security.netapp.com/advisory/ntap-20201123-0006/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "wildfly-core",
              "vendor": "Red Hat",
              "versions": [
                {
                  "status": "affected",
                  "version": "up to 21.0.0.Final"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A memory leak flaw was found in WildFly in all versions up to 21.0.0.Final, where host-controller tries to reconnect in a loop, generating new connections which are not properly closed while not able to connect to domain-controller. This flaw allows an attacker to cause an Out of memory (OOM) issue, leading to a denial of service. The highest threat from this vulnerability is to system availability."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-401",
                  "description": "CWE-401",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-10-07T00:00:00.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-25689"
            },
            {
              "url": "https://security.netapp.com/advisory/ntap-20201123-0006/"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2020-25689",
        "datePublished": "2020-10-30T00:00:00.000Z",
        "dateReserved": "2020-09-16T00:00:00.000Z",
        "dateUpdated": "2024-08-04T15:40:36.775Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-14838 (GCVE-0-2019-14838)

    Vulnerability from nvd – Published: 2019-10-14 14:32 – Updated: 2024-08-05 00:26
    VLAI
    Summary
    A flaw was found in wildfly-core before 7.2.5.GA. The Management users with Monitor, Auditor and Deployer Roles should not be allowed to modify the runtime state of the server
    CWE
    Assigner
    References
    URL Tags
    https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2… x_refsource_CONFIRM
    https://access.redhat.com/errata/RHSA-2019:3083 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2019:3082 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2019:4018 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2019:4019 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2019:4021 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2019:4020 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2019:4045 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2019:4042 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2019:4040 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2019:4041 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2020:0728 vendor-advisoryx_refsource_REDHAT
    Impacted products
    Vendor Product Version
    Red Hat wildfly-core Affected: before 7.2.5.GA
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T00:26:39.125Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14838"
              },
              {
                "name": "RHSA-2019:3083",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2019:3083"
              },
              {
                "name": "RHSA-2019:3082",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2019:3082"
              },
              {
                "name": "RHSA-2019:4018",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2019:4018"
              },
              {
                "name": "RHSA-2019:4019",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2019:4019"
              },
              {
                "name": "RHSA-2019:4021",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2019:4021"
              },
              {
                "name": "RHSA-2019:4020",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2019:4020"
              },
              {
                "name": "RHSA-2019:4045",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2019:4045"
              },
              {
                "name": "RHSA-2019:4042",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2019:4042"
              },
              {
                "name": "RHSA-2019:4040",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2019:4040"
              },
              {
                "name": "RHSA-2019:4041",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2019:4041"
              },
              {
                "name": "RHSA-2020:0728",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2020:0728"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "wildfly-core",
              "vendor": "Red Hat",
              "versions": [
                {
                  "status": "affected",
                  "version": "before 7.2.5.GA"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A flaw was found in wildfly-core before 7.2.5.GA. The Management users with Monitor, Auditor and Deployer Roles should not be allowed to modify the runtime state of the server"
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 5.2,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "LOW",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:H",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-284",
                  "description": "CWE-284",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-03-11T11:07:04.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14838"
            },
            {
              "name": "RHSA-2019:3083",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2019:3083"
            },
            {
              "name": "RHSA-2019:3082",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2019:3082"
            },
            {
              "name": "RHSA-2019:4018",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2019:4018"
            },
            {
              "name": "RHSA-2019:4019",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2019:4019"
            },
            {
              "name": "RHSA-2019:4021",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2019:4021"
            },
            {
              "name": "RHSA-2019:4020",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2019:4020"
            },
            {
              "name": "RHSA-2019:4045",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2019:4045"
            },
            {
              "name": "RHSA-2019:4042",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2019:4042"
            },
            {
              "name": "RHSA-2019:4040",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2019:4040"
            },
            {
              "name": "RHSA-2019:4041",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2019:4041"
            },
            {
              "name": "RHSA-2020:0728",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2020:0728"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secalert@redhat.com",
              "ID": "CVE-2019-14838",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "wildfly-core",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "before 7.2.5.GA"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Red Hat"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A flaw was found in wildfly-core before 7.2.5.GA. The Management users with Monitor, Auditor and Deployer Roles should not be allowed to modify the runtime state of the server"
                }
              ]
            },
            "impact": {
              "cvss": [
                [
                  {
                    "vectorString": "5.2/CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:H",
                    "version": "3.0"
                  }
                ]
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-284"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14838",
                  "refsource": "CONFIRM",
                  "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14838"
                },
                {
                  "name": "RHSA-2019:3083",
                  "refsource": "REDHAT",
                  "url": "https://access.redhat.com/errata/RHSA-2019:3083"
                },
                {
                  "name": "RHSA-2019:3082",
                  "refsource": "REDHAT",
                  "url": "https://access.redhat.com/errata/RHSA-2019:3082"
                },
                {
                  "name": "RHSA-2019:4018",
                  "refsource": "REDHAT",
                  "url": "https://access.redhat.com/errata/RHSA-2019:4018"
                },
                {
                  "name": "RHSA-2019:4019",
                  "refsource": "REDHAT",
                  "url": "https://access.redhat.com/errata/RHSA-2019:4019"
                },
                {
                  "name": "RHSA-2019:4021",
                  "refsource": "REDHAT",
                  "url": "https://access.redhat.com/errata/RHSA-2019:4021"
                },
                {
                  "name": "RHSA-2019:4020",
                  "refsource": "REDHAT",
                  "url": "https://access.redhat.com/errata/RHSA-2019:4020"
                },
                {
                  "name": "RHSA-2019:4045",
                  "refsource": "REDHAT",
                  "url": "https://access.redhat.com/errata/RHSA-2019:4045"
                },
                {
                  "name": "RHSA-2019:4042",
                  "refsource": "REDHAT",
                  "url": "https://access.redhat.com/errata/RHSA-2019:4042"
                },
                {
                  "name": "RHSA-2019:4040",
                  "refsource": "REDHAT",
                  "url": "https://access.redhat.com/errata/RHSA-2019:4040"
                },
                {
                  "name": "RHSA-2019:4041",
                  "refsource": "REDHAT",
                  "url": "https://access.redhat.com/errata/RHSA-2019:4041"
                },
                {
                  "name": "RHSA-2020:0728",
                  "refsource": "REDHAT",
                  "url": "https://access.redhat.com/errata/RHSA-2020:0728"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2019-14838",
        "datePublished": "2019-10-14T14:32:53.000Z",
        "dateReserved": "2019-08-10T00:00:00.000Z",
        "dateUpdated": "2024-08-05T00:26:39.125Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-10934 (GCVE-0-2018-10934)

    Vulnerability from nvd – Published: 2019-03-27 12:20 – Updated: 2024-08-05 07:54
    VLAI
    Summary
    A cross-site scripting (XSS) vulnerability was found in the JBoss Management Console versions before 7.1.6.CR1, 7.1.6.GA. Users with roles that can create objects in the application can exploit this to attack other privileged users.
    CWE
    Assigner
    References
    Impacted products
    Vendor Product Version
    Red Hat wildfly-core Affected: 7.1.6.CR1
    Affected: 7.1.6.GA
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T07:54:36.087Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10934"
              },
              {
                "name": "RHSA-2019:1160",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2019:1160"
              },
              {
                "name": "RHSA-2019:1162",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2019:1162"
              },
              {
                "name": "RHSA-2019:1159",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2019:1159"
              },
              {
                "name": "RHSA-2019:1161",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2019:1161"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://security.netapp.com/advisory/ntap-20190611-0002/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "wildfly-core",
              "vendor": "Red Hat",
              "versions": [
                {
                  "status": "affected",
                  "version": "7.1.6.CR1"
                },
                {
                  "status": "affected",
                  "version": "7.1.6.GA"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A cross-site scripting (XSS) vulnerability was found in the JBoss Management Console versions before 7.1.6.CR1, 7.1.6.GA. Users with roles that can create objects in the application can exploit this to attack other privileged users."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 5.4,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "CWE-79",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-06-11T22:06:05.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10934"
            },
            {
              "name": "RHSA-2019:1160",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2019:1160"
            },
            {
              "name": "RHSA-2019:1162",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2019:1162"
            },
            {
              "name": "RHSA-2019:1159",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2019:1159"
            },
            {
              "name": "RHSA-2019:1161",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2019:1161"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://security.netapp.com/advisory/ntap-20190611-0002/"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secalert@redhat.com",
              "ID": "CVE-2018-10934",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "wildfly-core",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "7.1.6.CR1"
                              },
                              {
                                "version_value": "7.1.6.GA"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Red Hat"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A cross-site scripting (XSS) vulnerability was found in the JBoss Management Console versions before 7.1.6.CR1, 7.1.6.GA. Users with roles that can create objects in the application can exploit this to attack other privileged users."
                }
              ]
            },
            "impact": {
              "cvss": [
                [
                  {
                    "vectorString": "5.4/CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
                    "version": "3.0"
                  }
                ]
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-79"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10934",
                  "refsource": "CONFIRM",
                  "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10934"
                },
                {
                  "name": "RHSA-2019:1160",
                  "refsource": "REDHAT",
                  "url": "https://access.redhat.com/errata/RHSA-2019:1160"
                },
                {
                  "name": "RHSA-2019:1162",
                  "refsource": "REDHAT",
                  "url": "https://access.redhat.com/errata/RHSA-2019:1162"
                },
                {
                  "name": "RHSA-2019:1159",
                  "refsource": "REDHAT",
                  "url": "https://access.redhat.com/errata/RHSA-2019:1159"
                },
                {
                  "name": "RHSA-2019:1161",
                  "refsource": "REDHAT",
                  "url": "https://access.redhat.com/errata/RHSA-2019:1161"
                },
                {
                  "name": "https://security.netapp.com/advisory/ntap-20190611-0002/",
                  "refsource": "CONFIRM",
                  "url": "https://security.netapp.com/advisory/ntap-20190611-0002/"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2018-10934",
        "datePublished": "2019-03-27T12:20:07.000Z",
        "dateReserved": "2018-05-09T00:00:00.000Z",
        "dateUpdated": "2024-08-05T07:54:36.087Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-25689 (GCVE-0-2020-25689)

    Vulnerability from cvelistv5 – Published: 2020-10-30 00:00 – Updated: 2024-08-04 15:40
    VLAI
    Summary
    A memory leak flaw was found in WildFly in all versions up to 21.0.0.Final, where host-controller tries to reconnect in a loop, generating new connections which are not properly closed while not able to connect to domain-controller. This flaw allows an attacker to cause an Out of memory (OOM) issue, leading to a denial of service. The highest threat from this vulnerability is to system availability.
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Red Hat wildfly-core Affected: up to 21.0.0.Final
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T15:40:36.775Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-25689"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://security.netapp.com/advisory/ntap-20201123-0006/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "wildfly-core",
              "vendor": "Red Hat",
              "versions": [
                {
                  "status": "affected",
                  "version": "up to 21.0.0.Final"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A memory leak flaw was found in WildFly in all versions up to 21.0.0.Final, where host-controller tries to reconnect in a loop, generating new connections which are not properly closed while not able to connect to domain-controller. This flaw allows an attacker to cause an Out of memory (OOM) issue, leading to a denial of service. The highest threat from this vulnerability is to system availability."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-401",
                  "description": "CWE-401",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-10-07T00:00:00.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-25689"
            },
            {
              "url": "https://security.netapp.com/advisory/ntap-20201123-0006/"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2020-25689",
        "datePublished": "2020-10-30T00:00:00.000Z",
        "dateReserved": "2020-09-16T00:00:00.000Z",
        "dateUpdated": "2024-08-04T15:40:36.775Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-14838 (GCVE-0-2019-14838)

    Vulnerability from cvelistv5 – Published: 2019-10-14 14:32 – Updated: 2024-08-05 00:26
    VLAI
    Summary
    A flaw was found in wildfly-core before 7.2.5.GA. The Management users with Monitor, Auditor and Deployer Roles should not be allowed to modify the runtime state of the server
    CWE
    Assigner
    References
    URL Tags
    https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2… x_refsource_CONFIRM
    https://access.redhat.com/errata/RHSA-2019:3083 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2019:3082 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2019:4018 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2019:4019 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2019:4021 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2019:4020 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2019:4045 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2019:4042 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2019:4040 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2019:4041 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2020:0728 vendor-advisoryx_refsource_REDHAT
    Impacted products
    Vendor Product Version
    Red Hat wildfly-core Affected: before 7.2.5.GA
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T00:26:39.125Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14838"
              },
              {
                "name": "RHSA-2019:3083",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2019:3083"
              },
              {
                "name": "RHSA-2019:3082",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2019:3082"
              },
              {
                "name": "RHSA-2019:4018",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2019:4018"
              },
              {
                "name": "RHSA-2019:4019",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2019:4019"
              },
              {
                "name": "RHSA-2019:4021",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2019:4021"
              },
              {
                "name": "RHSA-2019:4020",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2019:4020"
              },
              {
                "name": "RHSA-2019:4045",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2019:4045"
              },
              {
                "name": "RHSA-2019:4042",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2019:4042"
              },
              {
                "name": "RHSA-2019:4040",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2019:4040"
              },
              {
                "name": "RHSA-2019:4041",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2019:4041"
              },
              {
                "name": "RHSA-2020:0728",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2020:0728"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "wildfly-core",
              "vendor": "Red Hat",
              "versions": [
                {
                  "status": "affected",
                  "version": "before 7.2.5.GA"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A flaw was found in wildfly-core before 7.2.5.GA. The Management users with Monitor, Auditor and Deployer Roles should not be allowed to modify the runtime state of the server"
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 5.2,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "LOW",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:H",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-284",
                  "description": "CWE-284",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-03-11T11:07:04.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14838"
            },
            {
              "name": "RHSA-2019:3083",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2019:3083"
            },
            {
              "name": "RHSA-2019:3082",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2019:3082"
            },
            {
              "name": "RHSA-2019:4018",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2019:4018"
            },
            {
              "name": "RHSA-2019:4019",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2019:4019"
            },
            {
              "name": "RHSA-2019:4021",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2019:4021"
            },
            {
              "name": "RHSA-2019:4020",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2019:4020"
            },
            {
              "name": "RHSA-2019:4045",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2019:4045"
            },
            {
              "name": "RHSA-2019:4042",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2019:4042"
            },
            {
              "name": "RHSA-2019:4040",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2019:4040"
            },
            {
              "name": "RHSA-2019:4041",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2019:4041"
            },
            {
              "name": "RHSA-2020:0728",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2020:0728"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secalert@redhat.com",
              "ID": "CVE-2019-14838",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "wildfly-core",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "before 7.2.5.GA"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Red Hat"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A flaw was found in wildfly-core before 7.2.5.GA. The Management users with Monitor, Auditor and Deployer Roles should not be allowed to modify the runtime state of the server"
                }
              ]
            },
            "impact": {
              "cvss": [
                [
                  {
                    "vectorString": "5.2/CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:H",
                    "version": "3.0"
                  }
                ]
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-284"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14838",
                  "refsource": "CONFIRM",
                  "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14838"
                },
                {
                  "name": "RHSA-2019:3083",
                  "refsource": "REDHAT",
                  "url": "https://access.redhat.com/errata/RHSA-2019:3083"
                },
                {
                  "name": "RHSA-2019:3082",
                  "refsource": "REDHAT",
                  "url": "https://access.redhat.com/errata/RHSA-2019:3082"
                },
                {
                  "name": "RHSA-2019:4018",
                  "refsource": "REDHAT",
                  "url": "https://access.redhat.com/errata/RHSA-2019:4018"
                },
                {
                  "name": "RHSA-2019:4019",
                  "refsource": "REDHAT",
                  "url": "https://access.redhat.com/errata/RHSA-2019:4019"
                },
                {
                  "name": "RHSA-2019:4021",
                  "refsource": "REDHAT",
                  "url": "https://access.redhat.com/errata/RHSA-2019:4021"
                },
                {
                  "name": "RHSA-2019:4020",
                  "refsource": "REDHAT",
                  "url": "https://access.redhat.com/errata/RHSA-2019:4020"
                },
                {
                  "name": "RHSA-2019:4045",
                  "refsource": "REDHAT",
                  "url": "https://access.redhat.com/errata/RHSA-2019:4045"
                },
                {
                  "name": "RHSA-2019:4042",
                  "refsource": "REDHAT",
                  "url": "https://access.redhat.com/errata/RHSA-2019:4042"
                },
                {
                  "name": "RHSA-2019:4040",
                  "refsource": "REDHAT",
                  "url": "https://access.redhat.com/errata/RHSA-2019:4040"
                },
                {
                  "name": "RHSA-2019:4041",
                  "refsource": "REDHAT",
                  "url": "https://access.redhat.com/errata/RHSA-2019:4041"
                },
                {
                  "name": "RHSA-2020:0728",
                  "refsource": "REDHAT",
                  "url": "https://access.redhat.com/errata/RHSA-2020:0728"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2019-14838",
        "datePublished": "2019-10-14T14:32:53.000Z",
        "dateReserved": "2019-08-10T00:00:00.000Z",
        "dateUpdated": "2024-08-05T00:26:39.125Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-10934 (GCVE-0-2018-10934)

    Vulnerability from cvelistv5 – Published: 2019-03-27 12:20 – Updated: 2024-08-05 07:54
    VLAI
    Summary
    A cross-site scripting (XSS) vulnerability was found in the JBoss Management Console versions before 7.1.6.CR1, 7.1.6.GA. Users with roles that can create objects in the application can exploit this to attack other privileged users.
    CWE
    Assigner
    References
    Impacted products
    Vendor Product Version
    Red Hat wildfly-core Affected: 7.1.6.CR1
    Affected: 7.1.6.GA
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T07:54:36.087Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10934"
              },
              {
                "name": "RHSA-2019:1160",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2019:1160"
              },
              {
                "name": "RHSA-2019:1162",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2019:1162"
              },
              {
                "name": "RHSA-2019:1159",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2019:1159"
              },
              {
                "name": "RHSA-2019:1161",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2019:1161"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://security.netapp.com/advisory/ntap-20190611-0002/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "wildfly-core",
              "vendor": "Red Hat",
              "versions": [
                {
                  "status": "affected",
                  "version": "7.1.6.CR1"
                },
                {
                  "status": "affected",
                  "version": "7.1.6.GA"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A cross-site scripting (XSS) vulnerability was found in the JBoss Management Console versions before 7.1.6.CR1, 7.1.6.GA. Users with roles that can create objects in the application can exploit this to attack other privileged users."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 5.4,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "CWE-79",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-06-11T22:06:05.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10934"
            },
            {
              "name": "RHSA-2019:1160",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2019:1160"
            },
            {
              "name": "RHSA-2019:1162",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2019:1162"
            },
            {
              "name": "RHSA-2019:1159",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2019:1159"
            },
            {
              "name": "RHSA-2019:1161",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2019:1161"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://security.netapp.com/advisory/ntap-20190611-0002/"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secalert@redhat.com",
              "ID": "CVE-2018-10934",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "wildfly-core",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "7.1.6.CR1"
                              },
                              {
                                "version_value": "7.1.6.GA"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Red Hat"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A cross-site scripting (XSS) vulnerability was found in the JBoss Management Console versions before 7.1.6.CR1, 7.1.6.GA. Users with roles that can create objects in the application can exploit this to attack other privileged users."
                }
              ]
            },
            "impact": {
              "cvss": [
                [
                  {
                    "vectorString": "5.4/CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
                    "version": "3.0"
                  }
                ]
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-79"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10934",
                  "refsource": "CONFIRM",
                  "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10934"
                },
                {
                  "name": "RHSA-2019:1160",
                  "refsource": "REDHAT",
                  "url": "https://access.redhat.com/errata/RHSA-2019:1160"
                },
                {
                  "name": "RHSA-2019:1162",
                  "refsource": "REDHAT",
                  "url": "https://access.redhat.com/errata/RHSA-2019:1162"
                },
                {
                  "name": "RHSA-2019:1159",
                  "refsource": "REDHAT",
                  "url": "https://access.redhat.com/errata/RHSA-2019:1159"
                },
                {
                  "name": "RHSA-2019:1161",
                  "refsource": "REDHAT",
                  "url": "https://access.redhat.com/errata/RHSA-2019:1161"
                },
                {
                  "name": "https://security.netapp.com/advisory/ntap-20190611-0002/",
                  "refsource": "CONFIRM",
                  "url": "https://security.netapp.com/advisory/ntap-20190611-0002/"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2018-10934",
        "datePublished": "2019-03-27T12:20:07.000Z",
        "dateReserved": "2018-05-09T00:00:00.000Z",
        "dateUpdated": "2024-08-05T07:54:36.087Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }