Maven package
org.infinispan/infinispan-server-rest
pkg:maven/org.infinispan/infinispan-server-rest
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-3629 | — | >= 15.0.0.Dev01, < 15.0.0.Dev04 | 15.0.0.Dev04 | Dec 18, 2023 | A flaw was found in Infinispan's REST, Cache retrieval endpoints do not properly evaluate the necessary admin permissions for the operation. This issue could allow an authenticated user to access information outside of their intended permissions. | ||
| CVE-2023-3628 | — | >= 15.0.0.Dev01, < 15.0.0.Dev04 | 15.0.0.Dev04 | Dec 18, 2023 | A flaw was found in Infinispan's REST. Bulk read endpoints do not properly evaluate user permissions for the operation. This issue could allow an authenticated user to access information outside of their intended permissions. |
- CVE-2023-3629Dec 18, 2023affected >= 15.0.0.Dev01, < 15.0.0.Dev04fixed 15.0.0.Dev04
A flaw was found in Infinispan's REST, Cache retrieval endpoints do not properly evaluate the necessary admin permissions for the operation. This issue could allow an authenticated user to access information outside of their intended permissions.
- CVE-2023-3628Dec 18, 2023affected >= 15.0.0.Dev01, < 15.0.0.Dev04fixed 15.0.0.Dev04
A flaw was found in Infinispan's REST. Bulk read endpoints do not properly evaluate user permissions for the operation. This issue could allow an authenticated user to access information outside of their intended permissions.