A vulnerability was found in Infinispan such that the invokeAccessibly method from the public class ReflectionUtil allows any application class to invoke private methods in any class with Infinispan's privileges. The attacker can use reflection to introduce new, malicious behavior into the application.
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HInfinispan
APPInfinispan< 8.2.129.0.0 – 9.4.17 (bez)Netapp Active Iq Unified Manager
APPNetappwszystkie wersjeRed Hat Enterprise Linux
OSRedhat6.07.08.0Red Hat Fuse
APPRedhat1.0Red Hat Jboss Data Grid
APPRedhatwszystkie wersjeRed Hat Jboss Enterprise Application Platform
APPRedhat7.2Red Hat Openshift Application Runtimes
APPRedhatwszystkie wersjeRed Hat Single Sign On
APPRedhatwszystkie wersje
Related vulnerabilities
Sudo: eskalacja uprawnień do root poprzez opcję --chroot (CVE-2025-32463)
Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features u...
A crafted request uri-path can cause mod_proxy to forward the request to an origin server choosen by the remot...
The RichFaces Framework 3.X through 3.3.4 is vulnerable to Expression Language (EL) injection via the UserReso...
In Jboss Application Server as shipped with Red Hat Enterprise Application Platform 5.2, it was found that the...