VDB
CVE-2014-8122
CVE-2014-8122
PUBLISHED
CVSS 4.300000190734863 MEDIUM
Reported by redhat · Published February 13, 2015
Race condition in JBoss Weld before 2.2.8 and 3.x before 3.0.0 Alpha3 allows remote attackers to obtain information from a previous conversation via vectors related to a stale thread state.
Risk Scores
CVSS 2.0
4.300000190734863
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | n/a |
| Maven | org.jboss.weld:weld-core-bom | 0, 0, 0 |
| Maven | org.jboss.weld:weld-core-impl | 2-alpha0, 2-alpha0, 2-alpha0 |
| n/a | n/a | n/a, n/a, n/a |
| Maven | org.jboss.weld:weld-core | 1, 1, 1 |
Timeline
- Feb 13, 2015 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 20, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Sep 3, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 8, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 2, 2023 EPSS Score
- May 25, 2023 EPSS Score
- Jul 16, 2023 EPSS Score
References
- x_refsource_CONFIRM
- x_refsource_CONFIRM
- redhat-jboss-cve20148122-info-disc(100892) vdb-entryx_refsource_XF
- RHSA-2015:0675 vendor-advisoryx_refsource_REDHAT
- RHSA-2015:0773 vendor-advisoryx_refsource_REDHAT
- RHSA-2015:0920 vendor-advisoryx_refsource_REDHAT
- RHSA-2015:0850 vendor-advisoryx_refsource_REDHAT
- x_refsource_CONFIRM
- 74252 vdb-entryx_refsource_BID
- RHSA-2015:0215 vendor-advisoryx_refsource_REDHAT
- RHSA-2015:0851 vendor-advisoryx_refsource_REDHAT
- x_refsource_MISC
- RHSA-2015:0217 vendor-advisoryx_refsource_REDHAT
- RHSA-2015:0218 vendor-advisoryx_refsource_REDHAT
- RHSA-2015:0216 vendor-advisoryx_refsource_REDHAT
- 1031741 vdb-entryx_refsource_SECTRACK
- https://nvd.nist.gov/vuln/detail/CVE-2014-8122 advisory
- https://github.com/advisories/GHSA-338v-3958-8v8r advisory
- https://bugzilla.redhat.com/CVE-2014-8122 url