Product
redhat process automation
24 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2026-28369
all versions
A flaw was found in Undertow. When Undertow receives an HTTP request where the first header line starts with one or more spaces, i
8.7
HIGH
CVE-2026-28368
all versions
A flaw was found in Undertow. This vulnerability allows a remote attacker to construct specially crafted requests where header nam
8.7
HIGH
CVE-2026-28367
all versions
A flaw was found in Undertow. A remote attacker can exploit this vulnerability by sending \r\r\r as a header block terminator. T
8.7
HIGH
CVE-2026-3260
all versions
A flaw was found in Undertow. A remote attacker could exploit this vulnerability by sending an HTTP GET request containing multipa
5.9
MEDIUM
CVE-2025-12543
all versions
A flaw was found in the Undertow HTTP server core, which is used in WildFly, JBoss EAP, and other Java applications. The Undertow
9.6
CRITICAL
CVE-2025-9784
all versions
A flaw was found in Undertow where malformed client requests can trigger server-side stream resets without triggering abuse counte
7.5
HIGH
CVE-2024-7885
all versions
A vulnerability was found in Undertow where the ProxyProtocolReadListener reuses the same StringBuilder instance across multiple r
7.5
HIGH
CVE-2023-44487
all versions
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams q
7.5
HIGH
CVE-2023-1108
all versions
A flaw was found in undertow. This issue makes achieving a denial of service possible due to an unexpected handshake status update
7.5
HIGH
CVE-2022-1415
all versions
A flaw was found where some utility classes in Drools core did not use proper safeguards when deserializing data. This flaw allows
8.1
HIGH
CVE-2019-14841
all versions
A flaw was found in the RHDM, where an authenticated attacker can change their assigned role in the response header. This flaw all
8.8
HIGH
CVE-2021-4178
all versions
An arbitrary code execution flaw was found in the Fabric 8 Kubernetes client affecting versions 5.0.0-beta-1 and above. Due to an i
6.7
MEDIUM
CVE-2019-14839
all versions
It was observed that while logging into Business-central console, HTTP request discloses sensitive information like username and pas
7.5
HIGH
CVE-2022-0853
all versions
A flaw was found in JBoss-client. The vulnerability occurs due to a memory leak on the JBoss client-side, when using UserTransacti
7.5
HIGH
CVE-2021-4104
all versions
JMSAppender in Log4j 1.2 is vulnerable to deserialization of untrusted data when the attacker has write access to the Log4j config
7.5
HIGH
CVE-2021-3642
all versions
A flaw was found in Wildfly Elytron in versions prior to 1.10.14.Final, prior to 1.15.5.Final and prior to 1.16.1.Final where Scra
5.3
MEDIUM
CVE-2021-20306
all versions
A flaw was found in the BPMN editor in version jBPM 7.51.0.Final. Any authenticated user from any project can see the name of Rule
4.3
MEDIUM
CVE-2021-20218
all versions
A flaw was found in the fabric8 kubernetes-client in version 4.2.0 and after. This flaw allows a malicious pod/container to cause
7.4
HIGH
CVE-2020-10714
all versions
A flaw was found in WildFly Elytron version 1.11.3.Final and before. When using WildFly Elytron FORM authentication with a session
7.5
HIGH
CVE-2020-1748
all versions
A flaw was found in all supported versions before wildfly-elytron-1.6.8.Final-redhat-00001, where the WildFlySecurityManager check
7.5
HIGH
CVE-2020-1714
all versions
A flaw was found in Keycloak before version 11.0.0, where the code base contains usages of ObjectInputStream without type checks.
8.8
HIGH
CVE-2019-14892
all versions
A flaw was discovered in jackson-databind in versions before 2.9.10, 2.8.11.5 and 2.6.7.3, where it would permit polymorphic deser
9.8
CRITICAL
CVE-2019-14863
all versions
There is a vulnerability in all angular versions before 1.5.0-beta.0, where after escaping the context of the web application, the
6.1
MEDIUM
CVE-2019-14862
all versions
There is a vulnerability in knockout before version 3.5.0-beta, where after escaping the context of the web application, the web a
6.1
MEDIUM
threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin