Search for packages
| purl | pkg:rpm/redhat/eap8-apache-commons-lang@3.14.0-3.redhat_00007.1?arch=el8eap |
| Next non-vulnerable version | None. |
| Latest non-vulnerable version | None. |
| Risk | 4.1 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-3zsw-hyhp-4yfm
Aliases: CVE-2024-4109 GHSA-22c5-cpvr-cfvq |
Withdrawn Advisory: undertow: information leakage via HTTP/2 request header reuse # Withdrawn Advisory This advisory has been withdrawn because it was determined to not be a valid vulnerability. This link is maintained to preserve external references. For more information, see https://nvd.nist.gov/vuln/detail/CVE-2024-4109. # Original Description A flaw was found in Undertow. An HTTP request header value from a previous stream may be incorrectly reused for a request associated with a subsequent stream on the same HTTP/2 connection. This issue can potentially lead to information leakage between requests. | There are no reported fixed by versions. |
|
VCID-myp6-7rre-euex
Aliases: CVE-2024-51127 GHSA-r7mv-mv7m-pjw3 |
hornetq vulnerable to file overwrite, sensitive information disclosure An issue in the `createTempFile` method of hornetq v2.4.9 allows attackers to arbitrarily overwrite files or access sensitive information. | There are no reported fixed by versions. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-04-01T13:44:11.986143+00:00 | RedHat Importer | Affected by | VCID-myp6-7rre-euex | https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-51127.json | 38.0.0 |
| 2026-04-01T13:43:42.744170+00:00 | RedHat Importer | Affected by | VCID-3zsw-hyhp-4yfm | https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-4109.json | 38.0.0 |