Lucene search
+L

4 matches found

NVD
NVD
added 2025/04/07 2:15 p.m.12 views

CVE-2025-2251

A security flaw exists in WildFly and JBoss Enterprise Application Platform EAP within the Enterprise JavaBeans EJB remote invocation mechanism. This vulnerability stems from untrusted data deserialization handled by JBoss Marshalling. This flaw allows an attacker to send a specially crafted...

6.2CVSS0.00921EPSS
Exploits0References12
Vulnrichment
Vulnrichment
added 2025/04/07 2:6 p.m.19 views

CVE-2025-2251 Org.jboss.eap:wildfly-ejb3: improper deserialization in jboss marshalling allows remote code execution

A security flaw exists in WildFly and JBoss Enterprise Application Platform EAP within the Enterprise JavaBeans EJB remote invocation mechanism. This vulnerability stems from untrusted data deserialization handled by JBoss Marshalling. This flaw allows an attacker to send a specially crafted...

6.2CVSS7.8AI score0.00921EPSS
Exploits0References9
Cvelist
Cvelist
added 2025/04/07 2:6 p.m.20 views

CVE-2025-2251 Org.jboss.eap:wildfly-ejb3: improper deserialization in jboss marshalling allows remote code execution

A security flaw exists in WildFly and JBoss Enterprise Application Platform EAP within the Enterprise JavaBeans EJB remote invocation mechanism. This vulnerability stems from untrusted data deserialization handled by JBoss Marshalling. This flaw allows an attacker to send a specially crafted...

6.2CVSS0.00921EPSS
Exploits0References12
CVE
CVE
added 2025/04/07 2:6 p.m.165 views

CVE-2025-2251

CVE-2025-2251 is an issue in Red Hat JBoss EAP 7.4.x/WildFly where the EJB remote invocation path deserializes untrusted data via JBoss Marshalling, allowing remote code execution without authentication. Red Hat advisories RHSA-2025:10925 and related notices enumerate this vulnerability among sev...

6.2CVSS7.7AI score0.00921EPSS
Exploits0References12
Rows per page
Query Builder