9 matches found
EUVD-2022-1860
Malicious code in bioql PyPI...
GHSA-WQ8G-HM94-5RQQ JBoss AS may expose root content if excluded-contexts list is mismatched
JBoss AS 7 prior to 7.1.1 and modcluster do not handle default hostname in the same way, which can cause the excluded-contexts list to be mismatched and the root context to be exposed...
JBoss AS may expose root content if excluded-contexts list is mismatched
JBoss AS 7 prior to 7.1.1 and modcluster do not handle default hostname in the same way, which can cause the excluded-contexts list to be mismatched and the root context to be exposed...
CVE-2012-1094
JBoss AS 7 prior to 7.1.1 and modcluster do not handle default hostname in the same way, which can cause the excluded-contexts list to be mismatched and the root context to be exposed...
Design/Logic Flaw
JBoss AS 7 prior to 7.1.1 and modcluster do not handle default hostname in the same way, which can cause the excluded-contexts list to be mismatched and the root context to be exposed...
mod_cluster registers and exposes the root context of a server by default, despite ROOT being in the excluded-contexts list
modcluster 1.0.10 before 1.0.10 CP03 and 1.1.x before 1.1.4, as used in JBoss Enterprise Application Platform 5.1.2, when "ROOT" is set to excludedContexts, exposes the root context of the server, which allows remote attackers to bypass access restrictions and gain access to applications deployed...
mod_cluster registers and exposes the root context of a server by default, despite ROOT being in the excluded-contexts list
modcluster 1.0.10 before 1.0.10 CP03 and 1.1.x before 1.1.4, as used in JBoss Enterprise Application Platform 5.1.2, when "ROOT" is set to excludedContexts, exposes the root context of the server, which allows remote attackers to bypass access restrictions and gain access to applications deployed...
mod_cluster registers and exposes the root context of a server by default, despite ROOT being in the excluded-contexts list
modcluster 1.0.10 before 1.0.10 CP03 and 1.1.x before 1.1.4, as used in JBoss Enterprise Application Platform 5.1.2, when "ROOT" is set to excludedContexts, exposes the root context of the server, which allows remote attackers to bypass access restrictions and gain access to applications deployed...
mod_cluster registers and exposes the root context of a server by default, despite ROOT being in the excluded-contexts list
modcluster 1.0.10 before 1.0.10 CP03 and 1.1.x before 1.1.4, as used in JBoss Enterprise Application Platform 5.1.2, when "ROOT" is set to excludedContexts, exposes the root context of the server, which allows remote attackers to bypass access restrictions and gain access to applications deployed...