Search for packages
| purl | pkg:rpm/redhat/jasperreports-server-pro@5.5.0-4?arch=el6ev |
| Next non-vulnerable version | None. |
| Latest non-vulnerable version | None. |
| Risk | 3.1 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-f7dh-1ngq-5kdz
Aliases: CVE-2013-2192 GHSA-pxv5-5vmp-3jj4 |
Improper Authentication in Apache Hadoop The RPC protocol implementation in Apache Hadoop 2.x before 2.0.6-alpha, 0.23.x before 0.23.9, and 1.x before 1.2.1, when the Kerberos security features are enabled, allows man-in-the-middle attackers to disable bidirectional authentication and obtain sensitive information by forcing a downgrade to simple authentication. | There are no reported fixed by versions. |
|
VCID-hj44-args-tfa4
Aliases: CVE-2012-5784 GHSA-55w9-c3g2-4rrh |
Man-in-the-middle attack in Apache Axis Apache Axis 1.4 and earlier, as used in PayPal Payments Pro, PayPal Mass Pay, PayPal Transactional Information SOAP, the Java Message Service implementation in Apache ActiveMQ, and other products, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate. | There are no reported fixed by versions. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-04-01T14:53:54.205099+00:00 | RedHat Importer | Affected by | VCID-hj44-args-tfa4 | https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5784.json | 38.0.0 |
| 2026-04-01T14:50:16.398540+00:00 | RedHat Importer | Affected by | VCID-f7dh-1ngq-5kdz | https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2192.json | 38.0.0 |