Lucene search

K

RedhatCVELIST:CVE-2016-4993

HistorySep 26, 2016 - 2:00 p.m.

CVE-2016-4993

2016-09-2614:00:00

redhat

www.cve.org

2

6.4 Medium

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

70.4%

CRLF injection vulnerability in the Undertow web server in WildFly 10.0.0, as used in Red Hat JBoss Enterprise Application Platform (EAP) 7.x before 7.0.2, allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors.

References

rhn.redhat.com/errata/RHSA-2016-1838.html

rhn.redhat.com/errata/RHSA-2016-1839.html

rhn.redhat.com/errata/RHSA-2016-1840.html

rhn.redhat.com/errata/RHSA-2016-1841.html

www.securityfocus.com/bid/92894

www.securitytracker.com/id/1036758

access.redhat.com/errata/RHSA-2017:3454

access.redhat.com/errata/RHSA-2017:3455

access.redhat.com/errata/RHSA-2017:3456

access.redhat.com/errata/RHSA-2017:3458

bugzilla.redhat.com/show_bug.cgi?id=1344321

6.4 Medium

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

70.4%

Related for CVELIST:CVE-2016-4993

osv3 nvd3 debiancve2 prion3 redhatcve2 github2 ubuntucve2 cve3 veracode1 cvelist1 nessus10 redhat14