1. Home
  2. Vulnerabilities
  3. CVE-2014-8122

CVE-2014-8122

CVSS v2.0 4.3 (Medium)
43% Progress
EPSS 0.72 % (81th)
0.72% Progress
Affected Products 1
Advisories 1
Info CVSS EPSS CAPEC Affected Configurations References Security Advisories Packages & Software Tools, Exploits & PoC Graph Web & Social Timeline

Race condition in JBoss Weld before 2.2.8 and 3.x before 3.0.0 Alpha3 allows remote attackers to obtain information from a previous conversation via vectors related to a stale thread state.

Weaknesses
CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE Status
PUBLISHED
CNA
Red Hat, Inc.
Published Date
2015-02-13 15:59:07
(9 years ago)
Updated Date
2017-09-08 01:29:21
(7 years ago)

Affected Products

Redhat

Configuration #1

    CPE23 From Up To
  Redhat Jboss Weld 2.2.7 and prior versions cpe:2.3:a:redhat:jboss_weld <= 2.2.7
  Redhat Jboss Weld 3.0.0 Alpha1 cpe:2.3:a:redhat:jboss_weld:3.0.0:alpha1
  Redhat Jboss Weld 3.0.0 Alpha2 cpe:2.3:a:redhat:jboss_weld:3.0.0:alpha2