Skip to main content

Infinispan

8 CVEs product

Monthly

CVE-2025-5731 Maven MEDIUM PATCH This Month

A flaw was found in Infinispan CLI. A sensitive password, decoded from a Base64-encoded Kubernetes secret, is processed in plaintext and included in a command string that may expose the data in an error message when a command is not found.

Information Disclosure Kubernetes Data Grid Infinispan Jboss Enterprise Application Platform +2
NVD GitHub
CVSS 3.1
5.5
EPSS
0.0%
CVE-2023-5384 Maven LOW PATCH Monitor

A flaw was found in Infinispan. Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Data Grid Jboss Data Grid Infinispan
NVD
CVSS 3.1
2.7
EPSS
0.5%
CVE-2023-5236 Maven MEDIUM PATCH This Month

A flaw was found in Infinispan, which does not detect circular object references when unmarshalling. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Data Grid Jboss Data Grid Infinispan
NVD
CVSS 3.1
6.5
EPSS
0.9%
CVE-2023-3629 Maven MEDIUM PATCH This Month

A flaw was found in Infinispan's REST, Cache retrieval endpoints do not properly evaluate the necessary admin permissions for the operation. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Data Grid Jboss Data Grid Jboss Enterprise Application Platform Infinispan
NVD
CVSS 3.1
6.5
EPSS
0.6%
CVE-2023-3628 Maven MEDIUM PATCH This Month

A flaw was found in Infinispan's REST. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Jboss Data Grid Jboss Enterprise Application Platform Data Grid Infinispan
NVD
CVSS 3.1
6.5
EPSS
0.6%
CVE-2020-25711 Maven MEDIUM PATCH This Month

A flaw was found in infinispan 10 REST API, where authorization permissions are not checked while performing some server management operations. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Infinispan Data Grid Active Iq Unified Manager
NVD
CVSS 3.1
6.5
EPSS
1.1%
CVE-2019-10174 Maven HIGH PATCH This Week

A vulnerability was found in Infinispan such that the invokeAccessibly method from the public class ReflectionUtil allows any application class to invoke private methods in any class with. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Infinispan Fuse Jboss Data Grid Jboss Enterprise Application Platform +3
NVD
CVSS 3.1
8.8
EPSS
3.1%
CVE-2018-1131 Maven HIGH PATCH This Week

Infinispan permits improper deserialization of trusted data via XML and JSON transcoders under certain server configurations. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Deserialization Infinispan Jboss Data Grid
NVD
CVSS 3.0
8.8
EPSS
1.3%
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

A flaw was found in Infinispan CLI. A sensitive password, decoded from a Base64-encoded Kubernetes secret, is processed in plaintext and included in a command string that may expose the data in an error message when a command is not found.

Information Disclosure Kubernetes Data Grid +4
NVD GitHub
EPSS 1% CVSS 2.7
LOW PATCH Monitor

A flaw was found in Infinispan. Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Data Grid Jboss Data Grid +1
NVD
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

A flaw was found in Infinispan, which does not detect circular object references when unmarshalling. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Data Grid Jboss Data Grid +1
NVD
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

A flaw was found in Infinispan's REST, Cache retrieval endpoints do not properly evaluate the necessary admin permissions for the operation. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Data Grid Jboss Data Grid +2
NVD
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

A flaw was found in Infinispan's REST. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Jboss Data Grid Jboss Enterprise Application Platform +2
NVD
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

A flaw was found in infinispan 10 REST API, where authorization permissions are not checked while performing some server management operations. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Infinispan Data Grid +1
NVD
EPSS 3% CVSS 8.8
HIGH PATCH This Week

A vulnerability was found in Infinispan such that the invokeAccessibly method from the public class ReflectionUtil allows any application class to invoke private methods in any class with. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Infinispan Fuse +5
NVD
EPSS 1% CVSS 8.8
HIGH PATCH This Week

Infinispan permits improper deserialization of trusted data via XML and JSON transcoders under certain server configurations. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Deserialization Infinispan +1
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy