Red hat build of apicurio registry 2
This hub aggregates every CVE we track for Red hat build of apicurio registry 2, a product in the oss libraries space. Use it to gauge the current risk picture and drill into individual advisories.
12
CVEs tracked
0
Critical
7
High
0
In CISA KEV
Severity distribution
HIGH7MEDIUM5
Monthly trend
0
0
0
0
1
0
1
1
0
0
0
0
1
0
0
0
1
1
0
0
0
0
0
0
2024-082026-07
Latest CVEs
The 12 most recently published vulnerabilities affecting Red hat build of apicurio registry 2.
- CVE-2024-4027Undertow: outofmemoryerror in httpservletrequestimpl.getparameternames() can cause remote dos attacks7.5
- CVE-2024-3884Undertow: outofmemory when parsing form data encoding with application/x-www-form-urlencoded7.5
- CVE-2025-7195Operator-sdk: privilege escalation due to incorrect permissions of /etc/passwd6.4
- CVE-2025-2240Smallrye-fault-tolerance: smallrye fault tolerance7.5
- CVE-2024-11831Npm-serialize-javascript: cross-site scripting (xss) in serialize-javascript5.4
- CVE-2024-12397Io.quarkus.http/quarkus-http-core: quarkus http cookie smuggling7.4
- CVE-2024-3653Undertow: learningpushhandler can lead to remote memory dos attacks5.3
- CVE-2023-6717Keycloak: xss via assertion consumer service url in saml post-binding flow6.0
- CVE-2023-5675Quarkus: authorization flaw in quarkus resteasy reactive and classic when "quarkus.security.jaxrs.deny-unannotated-endpoints" or "quarkus.security.jaxrs.default-roles-allowed" properties are used.6.5
- CVE-2024-1249Keycloak: org.keycloak.protocol.oidc: unvalidated cross-origin messages in checkloginiframe leads to ddos7.4
- CVE-2024-1132Keycloak: path transversal in redirection validation8.1
- CVE-2024-1635Undertow: out-of-memory error after several closed connections with wildfly-http-client protocol7.5
Product normalization is registry-driven with AI assist and human review. How it works