redhat fuse
37 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2026-28369
all versions
A flaw was found in Undertow. When Undertow receives an HTTP request where the first header line starts with one or more spaces, i
8.7
HIGH
CVE-2026-28368
all versions
A flaw was found in Undertow. This vulnerability allows a remote attacker to construct specially crafted requests where header nam
8.7
HIGH
CVE-2026-28367
all versions
A flaw was found in Undertow. A remote attacker can exploit this vulnerability by sending \r\r\r as a header block terminator. T
8.7
HIGH
CVE-2026-3260
all versions
A flaw was found in Undertow. A remote attacker could exploit this vulnerability by sending an HTTP GET request containing multipa
5.9
MEDIUM
CVE-2025-12543
all versions
A flaw was found in the Undertow HTTP server core, which is used in WildFly, JBoss EAP, and other Java applications. The Undertow
9.6
CRITICAL
CVE-2025-9784
all versions
A flaw was found in Undertow where malformed client requests can trigger server-side stream resets without triggering abuse counte
7.5
HIGH
CVE-2024-1635
all versions
A vulnerability was found in Undertow. This vulnerability impacts a server that supports the wildfly-http-client protocol. Wheneve
7.5
HIGH
CVE-2023-1108
all versions
A flaw was found in undertow. This issue makes achieving a denial of service possible due to an unexpected handshake status update
7.5
HIGH
CVE-2021-4178
all versions
An arbitrary code execution flaw was found in the Fabric 8 Kubernetes client affecting versions 5.0.0-beta-1 and above. Due to an i
6.7
MEDIUM
CVE-2021-3690
all versions
A flaw was found in Undertow. A buffer leak on the incoming WebSocket PONG message may lead to memory exhaustion. This flaw allows
7.5
HIGH
CVE-2021-3597
all versions
A flaw was found in undertow. The HTTP2SourceChannel fails to write the final frame under some circumstances, resulting in a denia
5.9
MEDIUM
CVE-2020-10688
all versions
A cross-site scripting (XSS) flaw was found in RESTEasy in versions before 3.11.1.Final and before 4.5.3.Final, where it did not p
6.1
MEDIUM
CVE-2020-25689
all versions
A memory leak flaw was found in WildFly in all versions up to 21.0.0.Final, where host-controller tries to reconnect in a loop, ge
5.3
MEDIUM
CVE-2019-14900
< 7.8.0
A flaw was found in Hibernate ORM in versions before 5.3.18, 5.4.18 and 5.5.0.Beta1. A SQL injection in the implementation of the
6.5
MEDIUM
CVE-2020-10719
all versions
A flaw was found in Undertow in versions before 2.1.1.Final, regarding the processing of invalid HTTP requests with large chunk si
6.5
MEDIUM
CVE-2019-10174
all versions
A vulnerability was found in Infinispan such that the invokeAccessibly method from the public class ReflectionUtil allows any appl
8.8
HIGH
CVE-2019-14860
< 7.5.0
It was found that the Syndesis configuration for Cross-Origin Resource Sharing was set to allow all origins. An attacker could use
6.5
MEDIUM
CVE-2019-10219
all versions
A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting
6.1
MEDIUM
CVE-2019-0201
all versions
An issue is present in Apache ZooKeeper 1.0.0 to 3.4.13 and 3.5.0-alpha to 3.5.4-beta. ZooKeeper’s getACL() command doesn’t ch
5.9
MEDIUM
CVE-2019-0204
all versions
A specifically crafted Docker image running under the root user can overwrite the init helper binary of the container runtime and/
7.8
HIGH
CVE-2018-10906
< 2.9.8
In fuse before versions 2.9.8 and 3.x before 3.2.5, fusermount is vulnerable to a restriction bypass when SELinux is active. This
5.3
MEDIUM
CVE-2018-1258
all versions
Spring Framework version 5.0.5 when used in combination with any versions of Spring Security contains an authorization bypass when
8.8
HIGH
CVE-2018-1270
all versions
Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior to 4.3.15 and older unsupported versions, allow applications
9.8
CRITICAL
CVE-2018-1199
all versions
Spring Security (Spring Security 4.1.x before 4.1.5, 4.2.x before 4.2.4, and 5.0.x before 5.0.1; and Spring Framework 4.3.x before
5.3
MEDIUM
CVE-2017-12617
all versions
When running Apache Tomcat versions 9.0.0.M1 to 9.0.0, 8.5.0 to 8.5.22, 8.0.0.RC1 to 8.0.46 and 7.0.0 to 7.0.81 with HTTP PUTs ena
8.1
HIGH
CVE-2017-7957
all versions
XStream through 1.4.9, when a certain denyTypes workaround is not used, mishandles attempts to create an instance of the primitive
7.5
HIGH
CVE-2017-5645
all versions
In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket server to receive serialized log events from anot
9.8
CRITICAL
CVE-2016-4437
all versions
Apache Shiro before 1.2.5, when a cipher key has not been configured for the "remember me" feature, allows remote attackers to exe
9.8
CRITICAL
CVE-2016-1233
<= 2.9.3-14
An unspecified udev rule in the Debian fuse package in jessie before 2.9.3-15+deb8u2, in stretch before 2.9.5-1, and in sid before
7.8
HIGH
CVE-2015-3202
<= 2.9.2
fusermount in FUSE before 2.9.3-15 does not properly clear the environment before invoking (1) mount or (2) umount as root, which
CVE-2015-1427
all versions
The Groovy scripting engine in Elasticsearch before 1.3.8 and 1.4.x before 1.4.3 allows remote attackers to bypass the sandbox pro
9.8
CRITICAL
CVE-2011-0543
<= 2.8.5
Certain legacy functionality in fusermount in fuse 2.8.5 and earlier, when util-linux does not support the --no-canonicalize optio
CVE-2011-0542
<= 2.8.5
fusermount in fuse 2.8.5 and earlier does not perform a chdir to / before performing a mount or umount, which allows local users t
CVE-2011-0541
<= 2.8.5
fuse 2.8.5 and earlier does not properly handle when /etc/mtab cannot be updated, which allows local users to unmount arbitrary di
CVE-2010-0789
all versions
fusermount in FUSE before 2.7.5, and 2.8.x before 2.8.2, allows local users to unmount an arbitrary FUSE filesystem share via a sy
CVE-2005-3531
all versions
fusermount in FUSE before 2.4.1, if installed setuid root, allows local users to corrupt /etc/mtab and possibly modify mount optio
CVE-2005-1858
all versions
FUSE 2.x before 2.3.0 does not properly clear previously used memory from unfilled pages when the filesystem returns a short byte
threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin