Search for packages
| purl | pkg:rpm/redhat/eap7-wildfly-openssl-linux@1.0.6-15.Final_redhat_2.1.ep7?arch=el6 |
| Next non-vulnerable version | None. |
| Latest non-vulnerable version | None. |
| Risk | 3.1 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-2pnb-13et-y3hr
Aliases: CVE-2017-2582 GHSA-c77r-6f64-478q |
Information Exposure It was found that while parsing the SAML messages the `StaxParserUtil` class of keycloak replaces special strings for obtaining attribute values with system property. This could allow an attacker to determine values of system properties at the attacked system by formatting the SAML request `ID` field to be the chosen system property which could be obtained in the `InResponseTo` field in the response. | There are no reported fixed by versions. |
|
VCID-vxgb-dd12-hyba
Aliases: CVE-2018-14627 |
The IIOP OpenJDK Subsystem in WildFly before version 14.0.0 does not honour configuration when SSL transport is required. Servers before this version that are configured with the following setting allow clients to create plaintext connections: <transport-config confidentiality="required" trust-in-target="supported"/> | There are no reported fixed by versions. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-04-01T14:29:21.851532+00:00 | RedHat Importer | Affected by | VCID-vxgb-dd12-hyba | https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14627.json | 38.0.0 |
| 2026-04-01T14:27:40.431777+00:00 | RedHat Importer | Affected by | VCID-2pnb-13et-y3hr | https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-2582.json | 38.0.0 |