| Max CVSS | 6.8 | Min CVSS | 4.0 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2020-11113 | 6.8 |
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.openjpa.ee.WASRegistryManagedRuntime (aka openjpa).
|
03-07-2024 - 01:36 | 31-03-2020 - 05:15 | |
| CVE-2020-14297 | 4.0 |
A flaw was discovered in Wildfly's EJB Client as shipped with Red Hat JBoss EAP 7, where some specific EJB transaction objects may get accumulated over the time and can cause services to slow down and eventaully unavailable. An attacker can take adva
|
29-12-2023 - 17:55 | 24-07-2020 - 16:15 | |
| CVE-2020-14307 | 4.0 |
A vulnerability was found in Wildfly's Enterprise Java Beans (EJB) versions shipped with Red Hat JBoss EAP 7, where SessionOpenInvocations are never removed from the remote InvocationTracker after a response is received in the EJB Client, as well as
|
12-02-2023 - 23:39 | 24-07-2020 - 16:15 | |
| CVE-2020-9488 | 4.3 |
Improper validation of certificate with host mismatch in Apache Log4j SMTP appender. This could allow an SMTPS connection to be intercepted by a man-in-the-middle attack which could leak any log messages sent through that appender. Fixed in Apache Lo
|
12-05-2022 - 15:00 | 27-04-2020 - 16:15 |