
Red Hat JBoss Enterprise Application Platform

245 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2026-28369
all versions
A flaw was found in Undertow. When Undertow receives an HTTP request where the first header line starts with one or more spaces, i
8.7HIGH
CVE-2026-28368
all versions
A flaw was found in Undertow. This vulnerability allows a remote attacker to construct specially crafted requests where header nam
8.7HIGH
CVE-2026-28367
all versions
A flaw was found in Undertow. A remote attacker can exploit this vulnerability by sending \r\r\r as a header block terminator. T
8.7HIGH
CVE-2026-3121
all versions
A flaw was found in Keycloak. An administrator with manage-clients permission can exploit a misconfiguration where this permissi
6.5MEDIUM
CVE-2026-4874
all versions
A flaw was found in Keycloak. An authenticated attacker can perform Server-Side Request Forgery (SSRF) by manipulating the `client
3.1LOW
CVE-2026-3260
all versions
A flaw was found in Undertow. A remote attacker could exploit this vulnerability by sending an HTTP GET request containing multipa
5.9MEDIUM
CVE-2026-4366
all versions
A flaw was identified in Keycloak, an identity and access management solution, where it improperly follows HTTP redirects when pro
5.8MEDIUM
CVE-2026-3009
all versions
A security flaw in the IdentityBrokerService.performLogin endpoint of Keycloak allows authentication to proceed using an Identity
8.1HIGH
CVE-2025-12543
>= 8.0 and < 8.0.12
A flaw was found in the Undertow HTTP server core, which is used in WildFly, JBoss EAP, and other Java applications. The Undertow
9.6CRITICAL
CVE-2025-9784
all versions
A flaw was found in Undertow where malformed client requests can trigger server-side stream resets without triggering abuse counte
7.5HIGH
CVE-2025-5731
all versions
A flaw was found in Infinispan CLI. A sensitive password, decoded from a Base64-encoded Kubernetes secret, is processed in plainte
5.5MEDIUM
CVE-2025-23368
all versions
A flaw was found in Wildfly Elytron integration. The component does not implement sufficient measures to prevent multiple failed a
8.1HIGH
CVE-2025-23367
>= 7.4 and < 7.4.21
A flaw was found in the Wildfly Server Role Based Access Control (RBAC) provider. When authorization to control management operati
6.5MEDIUM
CVE-2023-1932
all versions
A flaw was found in hibernate-validator's 'isValid' method in the org.hibernate.validator.internal.constraintvalidators.hv.SafeHtm
6.1MEDIUM
CVE-2024-10234
all versions
A vulnerability was found in Wildfly, where a user may perform Cross-site scripting in the Wildfly deployment system. This flaw al
6.1MEDIUM
CVE-2024-7885
all versions
A vulnerability was found in Undertow where the ProxyProtocolReadListener reuses the same StringBuilder instance across multiple r
7.5HIGH
CVE-2024-1102
all versions
A vulnerability was found in jberet-core logging. An exception in 'dbProperties' might display user credentials such as the userna
6.5MEDIUM
CVE-2024-1635
all versions
A vulnerability was found in Undertow. This vulnerability impacts a server that supports the wildfly-http-client protocol. Wheneve
7.5HIGH
CVE-2023-4503
all versions
An improper initialization vulnerability was found in Galleon. When using Galleon to provision custom EAP or EAP-XP servers, the s
6.8MEDIUM
CVE-2023-3171
all versions
A flaw was found in EAP-7 during deserialization of certain classes, which permits instantiation of HashMap and HashTable with no
7.5HIGH
CVE-2023-48795
all versions
The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attacker
5.9MEDIUM
CVE-2023-3629
all versions
A flaw was found in Infinispan's REST. Cache retrieval endpoints do not properly evaluate the necessary admin permissions for the
4.3MEDIUM
CVE-2023-3628
all versions
A flaw was found in Infinispan's REST. Bulk read endpoints do not properly evaluate user permissions for the operation. This issue
6.5MEDIUM
CVE-2023-5379
all versions
A flaw was found in Undertow. When an AJP request is sent that exceeds the max-header-size attribute in ajp-listener, JBoss EAP is
7.5HIGH
CVE-2023-4061
all versions
A flaw was found in wildfly-core. A management user could use the resolve-expression in the HAL Interface to read possible sensiti
6.5MEDIUM
CVE-2023-44487
all versions
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams q
7.5HIGH
CVE-2023-3223
all versions
A flaw was found in undertow. Servlets annotated with @MultipartConfig may cause an OutOfMemoryError due to large multipart conten
7.5HIGH
CVE-2023-1108
all versions
A flaw was found in undertow. This issue makes achieving a denial of service possible due to an unexpected handshake status update
7.5HIGH
CVE-2022-4492
all versions
The undertow client is not checking the server identity presented by the server certificate in https connections. This is a compul
7.5HIGH
CVE-2022-3143
all versions
wildfly-elytron: possible timing attacks via use of unsafe comparator. A flaw was found in Wildfly-elytron. Wildfly-elytron uses j
7.4HIGH
CVE-2022-2764
all versions
A flaw was found in Undertow. Denial of service can be achieved as Undertow server waits for the LAST_CHUNK forever for EJB invoca
4.9MEDIUM
CVE-2022-1259
all versions
A flaw was found in Undertow. A potential security issue in flow control handling by the browser over HTTP/2 may cause overhead or
7.5HIGH
CVE-2021-3859
all versions
A flaw was found in Undertow that tripped the client-side invocation timeout with certain calls made over HTTP2. This flaw allows
7.5HIGH
CVE-2021-3690
all versions
A flaw was found in Undertow. A buffer leak on the incoming WebSocket PONG message may lead to memory exhaustion. This flaw allows
7.5HIGH
CVE-2021-3717
all versions
A flaw was found in Wildfly. An incorrect JBOSS_LOCAL_USER challenge location when using the elytron configuration may lead to JBO
7.8HIGH
CVE-2021-3629
all versions
A flaw was found in Undertow. A potential security issue in flow control handling by the browser over http/2 may potentially cause
5.9MEDIUM
CVE-2021-3597
all versions
A flaw was found in undertow. The HTTP2SourceChannel fails to write the final frame under some circumstances, resulting in a denia
5.9MEDIUM
CVE-2022-0866
>= 7.1.0
This is a concurrency issue that can result in the wrong caller principal being returned from the session context of an EJB that i
5.3MEDIUM
CVE-2022-0853
all versions
A flaw was found in JBoss-client. The vulnerability occurs due to a memory leak on the JBoss client-side, when using UserTransacti
7.5HIGH
CVE-2021-20318
all versions
The HornetQ component of Artemis in EAP 7 was not updated with the fix for CVE-2016-4978. A remote attacker could use this flaw to
7.2HIGH
CVE-2021-4104
all versions
JMSAppender in Log4j 1.2 is vulnerable to deserialization of untrusted data when the attacker has write access to the Log4j config
7.5HIGH
CVE-2021-32029
all versions
A flaw was found in postgresql. Using an UPDATE ... RETURNING command on a purpose-crafted table, an authenticated database user c
6.5MEDIUM
CVE-2021-3642
all versions
A flaw was found in Wildfly Elytron in versions prior to 1.10.14.Final, prior to 1.15.5.Final and prior to 1.16.1.Final where Scra
5.3MEDIUM
CVE-2020-14340
all versions
A vulnerability was discovered in XNIO where file descriptor leak caused by growing amounts of NIO Selector file handles between g
5.9MEDIUM
CVE-2020-14317
all versions
It was found that the issue for security flaw CVE-2019-3805 appeared again in a further version of JBoss Enterprise Application Pl
5.5MEDIUM
CVE-2021-32027
all versions
A flaw was found in postgresql in versions before 13.3, before 12.7, before 11.12, before 10.17 and before 9.6.22. While modifying
8.8HIGH
CVE-2020-25710
all versions
A flaw was found in OpenLDAP in versions before 2.4.56. This flaw allows an attacker who sends a malicious packet processed by Ope
7.5HIGH
CVE-2020-10688
all versions
A cross-site scripting (XSS) flaw was found in RESTEasy in versions before 3.11.1.Final and before 4.5.3.Final, where it did not p
6.1MEDIUM
CVE-2021-3536
all versions
A flaw was found in Wildfly in versions before 23.0.2.Final while creating a new role in domain mode via the admin console, it is
4.8MEDIUM
CVE-2019-19343
< 7.2.4
A flaw was found in Undertow when using Remoting as shipped in Red Hat Jboss EAP before version 7.2.4. A memory leak in HttpOpenLi
7.5HIGH
CVE-2020-25689
all versions
A memory leak flaw was found in WildFly in all versions up to 21.0.0.Final, where host-controller tries to reconnect in a loop, ge
5.3MEDIUM
CVE-2020-14299
< 5.0.3
A flaw was found in JBoss EAP, where the authentication configuration is set-up using a legacy SecurityRealm, to delegate to a leg
6.5MEDIUM
CVE-2020-25644
all versions
A memory leak flaw was found in WildFly OpenSSL in versions prior to 1.1.3.Final, where it removes an HTTP session. It may allow t
7.5HIGH
CVE-2020-10687
all versions
A flaw was discovered in all versions of Undertow before Undertow 2.2.0.Final, where HTTP request smuggling related to CVE-2017-26
4.8MEDIUM
CVE-2020-1710
all versions
The issue appears to be that JBoss EAP 6.4.21 does not parse the field-name in accordance with RFC7230[1] as it returns a 200 instea
5.3MEDIUM
CVE-2020-14384
all versions
A flaw was found in JBossWeb in versions before 7.5.31.Final-redhat-3. The fix for CVE-2020-13935 was incomplete in JBossWeb, leav
7.5HIGH
CVE-2019-14900
all versions
A flaw was found in Hibernate ORM in versions before 5.3.18, 5.4.18 and 5.5.0.Beta1. A SQL injection in the implementation of the
6.5MEDIUM
CVE-2020-10705
all versions
A flaw was discovered in Undertow in versions before Undertow 2.1.1.Final where certain requests to the "Expect: 100-continue" hea
7.5HIGH
CVE-2020-10719
all versions
A flaw was found in Undertow in versions before 2.1.1.Final, regarding the processing of invalid HTTP requests with large chunk si
6.5MEDIUM
CVE-2020-10693
all versions
A flaw was found in Hibernate Validator version 6.1.2.Final. A bug in the message interpolation processor enables invalid EL expre
5.3MEDIUM
CVE-2020-1732
all versions
A flaw was found in Soteria before 1.0.1, where multiple requests occurring concurrently can cause security identity corrupt
4.2MEDIUM
CVE-2020-1757
all versions
A flaw was found in all undertow-2.x.x SP1 versions prior to undertow-2.0.30.SP1, all undertow-1.x.x and undertow-2.x.x versions p
8.1HIGH
CVE-2019-14887
all versions
A flaw was found when an OpenSSL security provider is used with Wildfly, the 'enabled-protocols' value in the Wildfly configuratio
9.1CRITICAL
CVE-2011-2487
all versions
The implementations of PKCS#1 v1.5 key transport mechanism for XMLEncryption in JBossWS and Apache WSS4J before 1.6.5 is susceptib
5.9MEDIUM
CVE-2019-14892
all versions
A flaw was discovered in jackson-databind in versions before 2.9.10, 2.8.11.5 and 2.6.7.3, where it would permit polymorphic deser
9.8CRITICAL
CVE-2019-20445
all versions
HttpObjectDecoder.java in Netty before 4.1.44 allows a Content-Length header to be accompanied by a second Content-Length header,
9.1CRITICAL
CVE-2019-20444
all versions
HttpObjectDecoder.java in Netty before 4.1.44 allows an HTTP header that lacks a colon, which might be interpreted as a separate h
9.1CRITICAL
CVE-2020-7238
all versions
Netty 4.1.43.Final allows HTTP Request Smuggling because it mishandles Transfer-Encoding whitespace (such as a [space]Transfer-Enc
7.5HIGH
CVE-2019-14885
< 7.2.6
A flaw was found in the JBoss EAP Vault system in all versions before 7.2.6.GA. Confidential information of the system property's
4.3MEDIUM
CVE-2012-5626
all versions
EJB method in Red Hat JBoss BRMS 5; Red Hat JBoss Enterprise Application Platform 5; Red Hat JBoss Operations Network 3.1; Red Hat
7.5HIGH
CVE-2019-14888
all versions
A vulnerability was found in the Undertow HTTP server in versions before 2.0.28.SP1 when listening on HTTPS. An attacker can targe
7.5HIGH
CVE-2019-14820
all versions
It was found that keycloak before version 8.0.0 exposes internal adapter endpoints in org.keycloak.constants.AdapterConstants, whi
4.3MEDIUM
CVE-2019-14843
all versions
A flaw was found in Wildfly Security Manager, running under JDK 11 or 8, that authorized requests for any requester. This flaw cou
8.8HIGH
CVE-2014-0169
all versions
In JBoss EAP 6 a security domain is configured to use a cache that is shared between all applications that are in the security dom
6.5MEDIUM
CVE-2012-2312
all versions
An Elevated Privileges issue exists in JBoss AS 7 Community Release due to the improper implementation in the security context pro
7.8HIGH
CVE-2013-6495
>= 6.0.0 and < 6.1.1
JBossWeb Bayeux has reflected XSS
6.1MEDIUM
CVE-2019-10174
all versions
A vulnerability was found in Infinispan such that the invokeAccessibly method from the public class ReflectionUtil allows any appl
8.8HIGH
CVE-2019-10172
all versions
A flaw was found in org.codehaus.jackson:jackson-mapper-asl:1.9.x libraries. XML external entity vulnerabilities similar CVE-2016-
7.5HIGH
CVE-2019-10219
all versions
A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting
6.1MEDIUM
CVE-2019-0210
all versions
In Apache Thrift 0.9.3 to 0.12.0, a server implemented in Go using TJSONProtocol or TSimpleJSONProtocol may panic when fed with i
7.5HIGH
CVE-2019-0205
all versions
In Apache Thrift all versions up to and including 0.12.0, a server or client may run into an endless loop when fed with specific
7.5HIGH
CVE-2019-14838
all versions
A flaw was found in wildfly-core before 7.2.5.GA. The Management users with Monitor, Auditor and Deployer Roles should not be allo
4.9MEDIUM
CVE-2019-17531
all versions
A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default Typing is enabled (eith
9.8CRITICAL
CVE-2019-17267
all versions
A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to net.sf.ehcache.hibernate.E
9.8CRITICAL
CVE-2019-10212
all versions
A flaw was found in Undertow, in all versions under 2.0.20, in the DEBUG log for io.undertow.request.security. If enabled, an attacker could a
9.8CRITICAL
CVE-2019-16943
all versions
A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default Typing is enabled (eith
9.8CRITICAL
CVE-2019-16942
all versions
A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default Typing is enabled (eith
9.8CRITICAL
CVE-2019-10202
all versions
A series of deserialization vulnerabilities have been discovered in Codehaus 1.9.x implemented in EAP 7. This CVE fixes CVE-2017-1
9.8CRITICAL
CVE-2019-16869
all versions
Netty before 4.1.42.Final mishandles whitespace before the colon in HTTP headers (such as a "Transfer-Encoding : chunked" line), w
7.5HIGH
CVE-2019-16335
all versions
A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to com.zaxxer.hikari.HikariDa
9.8CRITICAL
CVE-2019-14540
all versions
A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to com.zaxxer.hikari.HikariCo
9.8CRITICAL
CVE-2019-12400
all versions
In version 2.0.3 Apache Santuario XML Security for Java, a caching mechanism was introduced to speed up creating new XML documents
5.5MEDIUM
CVE-2019-10086
all versions
In Apache Commons Beanutils 1.9.2, a special BeanIntrospector class was added which allows suppressing the ability for an attacker
7.3HIGH
CVE-2019-9518
all versions
Some HTTP/2 implementations are vulnerable to a flood of empty frames, potentially leading to a denial of service. The attacker se
7.5HIGH
CVE-2019-9517
all versions
Some HTTP/2 implementations are vulnerable to unconstrained internal data buffering, potentially leading to a denial of service. Th
7.5HIGH
CVE-2019-9516
all versions
Some HTTP/2 implementations are vulnerable to a header leak, potentially leading to a denial of service. The attacker sends a stre
6.5MEDIUM
CVE-2019-9515
all versions
Some HTTP/2 implementations are vulnerable to a settings flood, potentially leading to a denial of service. The attacker sends a s
7.5HIGH
CVE-2019-9514
all versions
Some HTTP/2 implementations are vulnerable to a reset flood, potentially leading to a denial of service. The attacker opens a numb
7.5HIGH
CVE-2019-9513
all versions
Some HTTP/2 implementations are vulnerable to resource loops, potentially leading to a denial of service. The attacker creates mul
7.5HIGH
CVE-2019-9511
all versions
Some HTTP/2 implementations are vulnerable to window size manipulation and stream prioritization manipulation, potentially leading
7.5HIGH
CVE-2019-14379
all versions
SubTypeValidator.java in FasterXML jackson-databind before 2.9.9.2 mishandles default typing when ehcache is used (because of net.
9.8CRITICAL
CVE-2019-10184
all versions
undertow before version 2.0.23.Final is vulnerable to an information leak issue. Web apps may have their directory structures pred
7.5HIGH
CVE-2019-3873
all versions
It was found that Picketlink as shipped with Jboss Enterprise Application Platform 7.2 would accept an xinclude parameter in SAMLr
6.4MEDIUM
CVE-2019-3872
all versions
It was found that a SAMLRequest containing a script could be processed by Picketlink versions shipped in Jboss Application Platfor
5.4MEDIUM
CVE-2019-3894
all versions
It was discovered that the ElytronManagedThread in Wildfly's Elytron subsystem in versions from 11 to 16 stores a SecurityIdentity
8.8HIGH
CVE-2019-3805
all versions
A flaw was discovered in wildfly versions up to 16.0.0.Final that would allow local users who are able to execute init.d script to
4.7MEDIUM
CVE-2018-10934
all versions
A cross-site scripting (XSS) vulnerability was found in the JBoss Management Console versions before 7.1.6.CR1, 7.1.6.GA. Users wi
5.4MEDIUM
CVE-2018-12023
all versions
An issue was discovered in FasterXML jackson-databind prior to 2.7.9.4, 2.8.11.2, and 2.9.6. When Default Typing is enabled (eithe
7.5HIGH
CVE-2018-12022
all versions
An issue was discovered in FasterXML jackson-databind prior to 2.7.9.4, 2.8.11.2, and 2.9.6. When Default Typing is enabled (eithe
7.5HIGH
CVE-2018-14721
all versions
FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to conduct server-side request forgery (SSRF) attacks by
10.0CRITICAL
CVE-2018-14720
all versions
FasterXML jackson-databind 2.x before 2.9.7 might allow attackers to conduct external XML entity (XXE) attacks by leveraging failu
9.8CRITICAL
CVE-2018-14642
all versions
An information leak vulnerability was found in Undertow. If all headers are not written out in the first write() call then the cod
5.3MEDIUM
CVE-2016-7066
< 7.1.0
It was found that the improper default permissions on /tmp/auth directory in JBoss Enterprise Application Platform before 7.1.0 ca
7.8HIGH
CVE-2016-7061
< 7.0.4
An information disclosure vulnerability was found in JBoss Enterprise Application Platform before 7.0.4. It was discovered that wh
3.5LOW
CVE-2018-1000632
all versions
dom4j version prior to version 2.1.1 contains a CWE-91: XML Injection vulnerability in Class: Element. Methods: addElement, addAtt
7.5HIGH
CVE-2018-1336
all versions
An improper handling of overflow in the UTF-8 decoder with supplementary characters can lead to an infinite loop in the decoder cau
7.5HIGH
CVE-2016-8657
all versions
It was discovered that EAP packages in certain versions of Red Hat Enterprise Linux use incorrect permissions for /etc/sysconfig/j
7.8HIGH
CVE-2017-2670
all versions
It was found in Undertow before 1.3.28 that with non-clean TCP close, the Websocket server gets into infinite loop on every IO thr
7.5HIGH
CVE-2017-2595
all versions
It was found that the log file viewer in Red Hat JBoss Enterprise Application 6 and 7 allows arbitrary file read to authenticated
7.7HIGH
CVE-2017-12165
all versions
It was discovered that Undertow before 1.4.17, 1.3.31 and 2.0.0 processes http request headers with unusual whitespaces which can
2.6LOW
CVE-2018-10862
all versions
WildFly Core before version 6.0.0.Alpha3 does not properly validate file paths in .war archives, allowing for the extraction of cr
5.5MEDIUM
CVE-2017-2666
all versions
It was discovered in Undertow that the code that parsed the HTTP request line permitted invalid characters. This could be exploite
6.5MEDIUM
CVE-2017-7464
all versions
It was found that the JAXP implementation used in JBoss EAP 7.0 for SAX and DOM parsing is vulnerable to certain XXE flaws. An att
8.7HIGH
CVE-2017-2582
all versions
It was found that while parsing the SAML messages the StaxParserUtil class of keycloak before 2.5.1 replaces special strings for o
6.5MEDIUM
CVE-2017-12167
< 7.0.9
It was found in EAP 7 before 7.0.9 that properties based files of the management and the application realm configuration that cont
5.5MEDIUM
CVE-2018-8039
all versions
It is possible to configure Apache CXF to use the com.sun.net.ssl implementation via 'System.setProperty("java.protocol.handler.pk
8.1HIGH
CVE-2017-7465
all versions
It was found that the JAXP implementation used in JBoss EAP 7.0 for XSLT processing is vulnerable to code injection. An attacker c
9.0CRITICAL
CVE-2018-1000180
all versions
Bouncy Castle BC 1.54 - 1.59, BC-FJA 1.0.0, BC-FJA 1.0.1 and earlier have a flaw in the Low-level interface to RSA key pair genera
7.5HIGH
CVE-2016-8656
all versions
Jboss jbossas before versions 5.2.0-23, 6.4.13, 7.0.5 is vulnerable to an unsafe file handling in the jboss init script which coul
7.0HIGH
CVE-2018-1067
all versions
In Undertow before versions 7.1.2.CR1, 7.1.2.GA it was found that the fix for CVE-2016-4993 was incomplete and Undertow web server
6.1MEDIUM
CVE-2016-8627
all versions
admin-cli before versions 3.0.0.alpha25, 2.2.1.cr2 is vulnerable to an EAP feature to download server log files that allows logs t
4.3MEDIUM
CVE-2018-10237
all versions
Unbounded memory allocation in Google Guava 11.0 through 24.x before 24.1.1 allows remote attackers to conduct denial of service a
5.9MEDIUM
CVE-2017-12196
all versions
undertow before versions 1.4.18.SP1, 2.0.2.Final, 1.4.24.Final was found vulnerable when using Digest authentication, the server d
4.8MEDIUM
CVE-2018-8088
all versions
org.slf4j.ext.EventData in the slf4j-ext module in QOS.CH SLF4J before 1.8.0-beta2 allows remote attackers to bypass intended acce
9.8CRITICAL
CVE-2016-9585
all versions
Red Hat JBoss EAP version 5 is vulnerable to a deserialization of untrusted data in the JMX endpoint when it deserializes the credent
5.3MEDIUM
CVE-2017-12174
all versions
It was found that when Artemis and HornetQ before 2.4.0 are configured with UDP discovery and JGroups discovery a huge byte array
7.5HIGH
CVE-2018-1304
all versions
The URL pattern of "" (the empty string) which exactly maps to the context root was not correctly handled in Apache Tomcat 9.0.0.M
5.9MEDIUM
CVE-2018-7489
all versions
FasterXML jackson-databind before 2.7.9.3, 2.8.x before 2.8.11.1 and 2.9.x before 2.9.5 allows unauthenticated remote code executi
9.8CRITICAL
CVE-2018-1041
all versions
A vulnerability was found in the way RemoteMessageChannel, introduced in jboss-remoting versions 3.3.10, reads from an empty buffe
7.5HIGH
CVE-2017-7525
all versions
A deserialization flaw was discovered in the jackson-databind, versions before 2.6.7.1, 2.7.9.1 and 2.8.9, which could allow an un
9.8CRITICAL
CVE-2017-15095
all versions
A deserialization flaw was discovered in the jackson-databind in versions before 2.8.10 and 2.9.1, which could allow an unauthenti
9.8CRITICAL
CVE-2018-1048
all versions
It was found that the AJP connector in undertow, as shipped in Jboss EAP 7.1.0.GA, does not use the ALLOW_ENCODED_SLASH option and
7.5HIGH
CVE-2018-1047
all versions
A flaw was found in Wildfly 9.x. A path traversal vulnerability through the org.wildfly.extension.undertow.deployment.ServletResou
5.5MEDIUM
CVE-2018-5968
all versions
FasterXML jackson-databind through 2.8.11 and 2.9.x through 2.9.3 allows unauthenticated remote code execution because of an incom
8.1HIGH
CVE-2017-12189
all versions
It was discovered that the jboss init script as used in Red Hat JBoss Enterprise Application Platform 7.0.7.GA performed unsafe fi
7.8HIGH
CVE-2017-17485
all versions
FasterXML jackson-databind through 2.8.10 and 2.9.x through 2.9.3 allows unauthenticated remote code execution because of an incom
9.8CRITICAL
CVE-2017-7536
all versions
In Hibernate Validator 5.2.x before 5.2.5 final, 5.3.x, and 5.4.x, it was found that when the security manager's reflective permis
7.0HIGH
CVE-2016-8610
all versions
A denial of service flaw was found in OpenSSL 0.9.8, 1.0.1, 1.0.2 through 1.0.2h, and 1.1.0 in the way the TLS/SSL protocol define
7.5HIGH
CVE-2015-7501
all versions
Red Hat JBoss A-MQ 6.x; BPM Suite (BPMS) 6.x; BRMS 6.x and 5.x; Data Grid (JDG) 6.x; Data Virtualization (JDV) 6.x and 5.x; Enterp
9.8CRITICAL
CVE-2017-12629
all versions
Remote code execution occurs in Apache Solr before 7.1 with Apache Lucene before 7.1 by exploiting XXE in conjunction with use of
9.8CRITICAL
CVE-2017-12149
all versions
In Jboss Application Server as shipped with Red Hat Enterprise Application Platform 5.2, it was found that the doFilter method in
9.8CRITICAL
CVE-2017-12617
all versions
When running Apache Tomcat versions 9.0.0.M1 to 9.0.0, 8.5.0 to 8.5.22, 8.0.0.RC1 to 8.0.46 and 7.0.0 to 7.0.81 with HTTP PUTs ena
8.1HIGH
CVE-2015-1849
<= 6.4.0
AdvancedLdapLoginModule in Red Hat JBoss Enterprise Application Platform (EAP) before 6.4.1 allows attackers to obtain sensitive i
5.9MEDIUM
CVE-2017-7561
all versions
Red Hat JBoss EAP version 3.0.7 through before 4.0.0.Beta1 is vulnerable to a server-side cache poisoning or CORS requests in the
7.5HIGH
CVE-2016-6311
all versions
Get requests in JBoss Enterprise Application Platform (EAP) 7 disclose internal IP addresses to remote attackers.
5.3MEDIUM
CVE-2016-6796
all versions
A malicious web application running on Apache Tomcat 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70 an
7.5HIGH
CVE-2016-5018
all versions
In Apache Tomcat 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70 and 6.0.0 to 6.0.45 a malicious web ap
9.1CRITICAL
CVE-2017-9788
all versions
In Apache httpd before 2.2.34 and 2.4.x before 2.4.27, the value placeholder in [Proxy-]Authorization headers of type 'Digest' was
9.1CRITICAL
CVE-2016-3690
all versions
The PooledInvokerServlet in JBoss EAP 4.x and 5.x allows remote attackers to execute arbitrary code via a crafted serialized paylo
9.8CRITICAL
CVE-2017-7504
<= 4.0
HTTPServerILServlet.java in JMS over HTTP Invocation Layer of the JbossMQ implementation, which is enabled by default in Red Hat J
9.8CRITICAL
CVE-2017-7503
all versions
It was found that the Red Hat JBoss EAP 7.0.5 implementation of javax.xml.transform.TransformerFactory is vulnerable to XXE. An at
9.8CRITICAL
CVE-2016-7065
all versions
The JMX servlet in Red Hat JBoss Enterprise Application Platform (EAP) 4 and 5 allows remote authenticated users to cause a denial
8.8HIGH
CVE-2016-7046
all versions
Red Hat JBoss Enterprise Application Platform (EAP) 7, when operating as a reverse-proxy with default buffer sizes, allows remote
5.9MEDIUM
CVE-2016-4978
all versions
The getObject method of the javax.jms.ObjectMessage class in the (1) JMS Core client, (2) Artemis broker, and (3) Artemis REST com
7.2HIGH
CVE-2016-5406
<= 7.0.1
The domain controller in Red Hat JBoss Enterprise Application Platform (EAP) 7.x before 7.0.2 allows remote authenticated users to
8.8HIGH
CVE-2016-4993
<= 7.0.1
CRLF injection vulnerability in the Undertow web server in WildFly 10.0.0, as used in Red Hat JBoss Enterprise Application Platfor
6.1MEDIUM
CVE-2016-3110
all versions
mod_cluster, as used in Red Hat JBoss Web Server 2.1, allows remote attackers to cause a denial of service (Apache http server cra
7.5HIGH
CVE-2016-2183
all versions
The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec protocols and other protocols and products, have a birthday bou
7.5HIGH
CVE-2016-2141
all versions
It was found that JGroups did not require necessary headers for encrypt and auth protocols from new nodes joining the cluster. An
9.8CRITICAL
CVE-2016-2094
all versions
The HTTPS NIO Connector allows remote attackers to cause a denial of service (thread consumption) by opening a socket and not send
7.5HIGH
CVE-2015-5304
<= 6.4.4
Red Hat JBoss Enterprise Application Platform (EAP) before 6.4.5 does not properly authorize access to shut down the server, which
CVE-2015-5220
<= 6.4.3
The Web Console in Red Hat Enterprise Application Platform (EAP) before 6.4.4 and WildFly (formerly JBoss Application Server) allo
CVE-2015-5188
<= 6.4.3
Cross-site request forgery (CSRF) vulnerability in the Web Console (web-console) in Red Hat Enterprise Application Platform before
CVE-2015-5178
<= 6.4.3
The Management Console in Red Hat Enterprise Application Platform before 6.4.4 and WildFly (formerly JBoss Application Server) doe
CVE-2014-3586
<= 6.3.3
The default configuration for the Command Line Interface in Red Hat Enterprise Application Platform before 6.4.0 and WildFly (form
CVE-2014-0005
all versions
PicketBox and JBossSX, as used in Red Hat JBoss Enterprise Application Platform (JBEAP) 6.2.2 and JBoss BRMS before 6.0.3 roll up
CVE-2014-7853
<= 6.3.2
The JBoss Application Server (WildFly) JacORB subsystem in Red Hat JBoss Enterprise Application Platform (EAP) before 6.3.3 does n
CVE-2014-7849
all versions
The Role Based Access Control (RBAC) implementation in JBoss Enterprise Application Platform (EAP) 6.2.0 through 6.3.2 does not pr
CVE-2014-7827
<= 6.3.2
The org.jboss.security.plugins.mapping.JBossMappingManager implementation in JBoss Security in Red Hat JBoss Enterprise Applicatio
CVE-2014-0059
<= 6.2.2
JBoss SX and PicketBox, as used in Red Hat JBoss Enterprise Application Platform (EAP) before 6.2.3, use world-readable permission
CVE-2014-3490
all versions
RESTEasy 2.3.1 before 2.3.8.SP2 and 3.x before 3.0.9, as used in Red Hat JBoss Enterprise Application Platform (EAP) 6.3.0, does n
CVE-2014-3472
all versions
The isCallerInRole function in SimpleSecurityManager in JBoss Application Server (AS) 7, as used in Red Hat JBoss Enterprise Appli
CVE-2014-3464
all versions
The EJB invocation handler implementation in Red Hat JBossWS, as used in JBoss Enterprise Application Platform (EAP) 6.2.0 and 6.3
CVE-2014-3530
all versions
The org.picketlink.common.util.DocumentUtil.getDocumentBuilderFactory method in PicketLink, as used in Red Hat JBoss Enterprise Ap
CVE-2014-3518
all versions
jmx-remoting.sar in JBoss Remoting, as used in Red Hat JBoss Enterprise Application Platform (JEAP) 5.2.0, Red Hat JBoss BRMS 5.3.
CVE-2014-0226
all versions
Race condition in the mod_status module in the Apache HTTP Server before 2.4.10 allows remote attackers to cause a denial of servi
CVE-2014-0118
all versions
The deflate_in_filter function in mod_deflate.c in the mod_deflate module in the Apache HTTP Server before 2.4.10, when request bo
CVE-2014-3481
<= 6.2.3
org.jboss.as.jaxrs.deployment.JaxrsIntegrationProcessor in Red Hat JBoss Enterprise Application Platform (JEAP) before 6.2.4 enabl
CVE-2014-0248
all versions
org.jboss.seam.web.AuthenticationFilter in Red Hat JBoss Web Framework Kit 2.5.0, JBoss Enterprise Application Platform (JBEAP) 5.
CVE-2014-0035
all versions
The SymmetricBinding in Apache CXF before 2.6.13 and 2.7.x before 2.7.10, when EncryptBeforeSigning is enabled and the UsernameTok
CVE-2014-0034
all versions
The SecurityTokenService (STS) in Apache CXF before 2.6.12 and 2.7.x before 2.7.9 does not properly validate SAML tokens when cach
CVE-2014-0224
all versions
OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not properly restrict processing of ChangeCipherSpec mes
7.4HIGH
CVE-2014-0093
all versions
Red Hat JBoss Enterprise Application Platform (JBEAP) 6.2.2, when using a Java Security Manager (JSM), does not properly apply per
CVE-2014-0058
all versions
The security audit functionality in Red Hat JBoss Enterprise Application Platform (EAP) 6.x before 6.2.1 logs request parameters i
CVE-2014-0018
all versions
Red Hat JBoss Enterprise Application Platform (JBEAP) 6.2.0 and JBoss WildFly Application Server, when run under a security manage
CVE-2011-4610
<= 5.1.2
JBoss Web, as used in Red Hat JBoss Communications Platform before 5.1.3, Enterprise Web Platform before 5.1.2, Enterprise Applica
CVE-2012-3427
all versions
EC2 Amazon Machine Image (AMI) in JBoss Enterprise Application Platform (EAP) 5.1.2 uses 755 permissions for /var/cache/jboss-ec2-
CVE-2013-2185
all versions
The readObject method in the DiskFileItem class in Apache Tomcat and JBoss Web, as used in Red Hat JBoss Enterprise Application Pl
CVE-2013-2133
<= 6.1.0
The EJB invocation handler implementation in Red Hat JBossWS, as used in JBoss Enterprise Application Platform (EAP) before 6.2.0,
CVE-2012-4572
<= 6.0.1
Red Hat JBoss Enterprise Application Platform (EAP) before 6.1.0 and JBoss Portal before 6.1.0 does not load the implementation of
CVE-2012-4529
all versions
The org.apache.catalina.connector.Response.encodeURL method in Red Hat JBoss Web 7.1.x and earlier, when the tracking mode is set
CVE-2013-4210
all versions
The org.jboss.remoting.transport.socket.ServerThread class in Red Hat JBoss Remoting for Red Hat JBoss SOA Platform 5.3.1 GA, Web
CVE-2013-4112
all versions
The DiagnosticsHandler in JGroup 3.0.x, 3.1.x, 3.2.x before 3.2.9, and 3.3.x before 3.3.3 allows remote attackers to obtain sensit
CVE-2013-1921
<= 6.1.0
PicketBox, as used in Red Hat JBoss Enterprise Application Platform before 6.1.1, allows local users to obtain the admin encryptio
CVE-2012-5575
all versions
Apache CXF 2.5.x before 2.5.10, 2.6.x before CXF 2.6.7, and 2.7.x before CXF 2.7.4 does not verify that a specified cryptographic
CVE-2013-4213
all versions
Red Hat JBoss Enterprise Application Platform (EAP) 6.1.0 does not properly cache EJB invocations by the EJB client API, which all
CVE-2013-4128
all versions
Red Hat JBoss Enterprise Application Platform (EAP) 6.1.0 does not properly cache EJB invocations by remote-naming, which allows r
CVE-2011-1483
all versions
wsf/common/DOMUtils.java in JBossWS Native in Red Hat JBoss Enterprise Application Platform 4.2.0.CP09, 4.3, and 5.1.1; JBoss Ente
CVE-2013-2165
all versions
ResourceBuilderImpl.java in the RichFaces 3.x through 5.x implementation in Red Hat JBoss Web Framework Kit before 2.3.0, Red Hat
CVE-2013-1896
all versions
mod_dav.c in the Apache HTTP Server before 2.2.25 does not properly determine whether DAV is enabled for a URI, which allows remot
CVE-2013-1862
all versions
mod_rewrite.c in the mod_rewrite module in the Apache HTTP Server 2.2.x before 2.2.25 writes data to a log file without sanitizing
CVE-2012-5629
all versions
The default configuration of the (1) LdapLoginModule and (2) LdapExtLoginModule modules in JBoss Enterprise Application Platform (
CVE-2013-0218
all versions
The GUI installer in JBoss Enterprise Application Platform (EAP) and Enterprise Web Platform (EWP) 5.2.0 and possibly 5.1.2 uses w
CVE-2012-5478
all versions
The AuthorizationInterceptor in JBoss Enterprise Application Platform (EAP) before 5.2.0, Web Platform (EWP) before 5.2.0, BRMS Pl
CVE-2012-3370
all versions
The SecurityAssociation.getCredential method in JBoss Enterprise Application Platform (EAP) before 5.2.0, Web Platform (EWP) befor
CVE-2012-3369
all versions
The CallerIdentityLoginModule in JBoss Enterprise Application Platform (EAP) before 5.2.0, Web Platform (EWP) before 5.2.0, BRMS P
CVE-2012-0874
all versions
The (1) JMXInvokerHAServlet and (2) EJBInvokerHAServlet invoker servlets in JBoss Enterprise Application Platform (EAP) before 5.2
CVE-2012-0034
all versions
The NonManagedConnectionFactory in JBoss Enterprise Application Platform (EAP) 5.1.2 and 5.2.0, Web Platform (EWP) 5.1.2 and 5.2.0
CVE-2011-4575
all versions
Cross-site scripting (XSS) vulnerability in the JMX console in JBoss Enterprise Application Platform (EAP) before 5.2.0, Web Platf
CVE-2012-4550
all versions
A flaw was found in JBoss Enterprise Application Platform. When role-based authorization is used for Enterprise Java Beans (EJB) a
5.3MEDIUM
CVE-2012-4549
<= 6.0.0
A flaw was found in JBoss Enterprise Application Platform. The processInvocation function within the `org.jboss.as.ejb3.security
6.5MEDIUM
CVE-2012-1167
all versions
The JBoss Server in JBoss Enterprise Application Platform 5.1.x before 5.1.2 and 5.2.x before 5.2.2, Web Platform before 5.1.2, BR
CVE-2011-4605
all versions
The (1) JNDI service, (2) HA-JNDI service, and (3) HAJNDIFactory invoker servlet in JBoss Enterprise Application Platform 4.3.0 CP
CVE-2011-4085
<= 5.1.1
The servlets invoked by httpha-invoker in JBoss Enterprise Application Platform before 5.1.2, SOA Platform before 5.2.0, BRMS Plat
CVE-2012-1154
all versions
mod_cluster 1.0.10 before 1.0.10 CP03 and 1.1.x before 1.1.4, as used in JBoss Enterprise Application Platform 5.1.2, when "ROOT"
CVE-2009-5066
all versions
twiddle.sh in JBoss AS 5.0 and EAP 5.0 and earlier accepts credentials as command-line arguments, which allows local users to read
CVE-2011-4608
all versions
mod_cluster in JBoss Enterprise Application Platform 5.1.2 for Red Hat Linux allows worker nodes to register with arbitrary virtua
CVE-2011-4314
all versions
message/ax/AxMessage.java in OpenID4Java before 0.9.6 final, as used in JBoss Enterprise Application Platform 5.1 before 5.1.2, St
CVE-2011-2196
all versions
jboss-seam.jar in the JBoss Seam 2 framework 2.2.x and earlier, as distributed in Red Hat JBoss Enterprise SOA Platform 4.3.0.CP05
CVE-2011-1484
all versions
jboss-seam.jar in the JBoss Seam 2 framework 2.2.x and earlier, as distributed in Red Hat JBoss Enterprise SOA Platform 4.3.0.CP04
CVE-2010-4265
all versions
The org.jboss.remoting.transport.bisocket.BisocketServerInvoker$SecondaryServerSocketThread.run method in JBoss Remoting 2.2.x bef
CVE-2010-3878
all versions
Cross-site request forgery (CSRF) vulnerability in the JMX Console in Red Hat JBoss Enterprise Application Platform (aka JBoss EAP
CVE-2010-3862
all versions
The org.jboss.remoting.transport.bisocket.BisocketServerInvoker$SecondaryServerSocketThread.run method in JBoss Remoting 2.2.x bef
CVE-2010-3708
all versions
The serialization implementation in JBoss Drools in Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.3 bef
CVE-2010-1871
all versions
JBoss Seam 2 (jboss-seam2), as used in JBoss Enterprise Application Platform 4.3.0 for Red Hat Linux, does not properly sanitize i
8.8HIGH
CVE-2010-1429
<= 4.3.0
Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.2 before 4.2.0.CP09 and 4.3 before 4.3.0.CP08 allows remo
CVE-2010-1428
all versions
The Web Console (aka web-console) in JBossAs in Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.2 before
7.5HIGH
CVE-2010-0738
all versions
The JMX-Console web application in JBossAs in Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.2 before 4.
5.3MEDIUM
CVE-2009-3554
all versions
Twiddle in Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.2 before 4.2.0.CP08 and 4.3 before 4.3.0.CP07
CVE-2009-2405
all versions
Multiple cross-site scripting (XSS) vulnerabilities in the Web Console in the Application Server in Red Hat JBoss Enterprise Appli
CVE-2009-1380
all versions
Cross-site scripting (XSS) vulnerability in JMX-Console in JBossAs in Red Hat JBoss Enterprise Application Platform (aka JBoss EAP
CVE-2009-0027
all versions
The request handler in JBossWS in JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.2 before 4.2.0.CP06 and 4.3 bef
CVE-2008-3519
<= 4.3
The default configuration of the JBossAs component in Red Hat JBoss Enterprise Application Platform (aka JBossEAP or EAP), possibl
CVE-2008-3273
<= 4.2.0.cp03
JBoss Enterprise Application Platform (aka JBossEAP or EAP) before 4.2.0.CP03, and 4.3.0 before 4.3.0.CP01, allows remote attacker
CVE-2008-0455
all versions
Cross-site scripting (XSS) vulnerability in the mod_negotiation module in the Apache HTTP Server 2.2.6 and earlier in the 2.2.x se