Vulnerabilities (CVE)

Filtered by vendor Redhat Subscribe

Filtered by product Jboss Data Virtualization

CVSS v3 Filter

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2014-0171	2 Odata4j Project, Redhat	2 Odata4j, Jboss Data Virtualization	2020-03-26	5.0 MEDIUM	N/A
XML external entity (XXE) vulnerability in StaxXMLFactoryProvider2 in Odata4j, as used in Red Hat JBoss Data Virtualization before 6.0.0 patch 4, allows remote attackers to read arbitrary files via a crafted request to a REST endpoint.
CVE-2014-0170	2 Jboss, Redhat	2 Teiid, Jboss Data Virtualization	2017-08-29	4.3 MEDIUM	N/A
Teiid before 8.4.3 and before 8.7 and Red Hat JBoss Data Virtualization 6.0.0 before patch 3 allows remote attackers to read arbitrary files via a crafted request to a REST endpoint, related to an XML External Entity (XXE) issue.