Lucene search
K

7 matches found

Snyk
Snyk
added 2026/05/19 8:3 p.m.11 views

HTTP Request Smuggling

Overview Affected versions of this package are vulnerable to HTTP Request Smuggling via the nuxtisland endpoint when responses are not properly bound to request props, allowing shared-cache poisoning. An attacker can cause users to receive attacker-controlled HTML by priming a shared cache with...

5.8CVSS6AI score0.00091EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2010/10/01 12:0 a.m.6 views

JBossEAP status servlet info leak

JBoss Enterprise Application Platform aka JBossEAP or EAP before 4.2.0.CP03, and 4.3.0 before 4.3.0.CP01, allows remote attackers to obtain sensitive information about "deployed web contexts" via a request to the status servlet, as demonstrated by a full=true query string...

5CVSS7.4AI score0.47111EPSS
Exploits6References4
RedHat Linux
RedHat Linux
added 2010/04/27 4:15 a.m.7 views

JBossEAP status servlet info leak

Red Hat JBoss Enterprise Application Platform aka JBoss EAP or JBEAP 4.2 before 4.2.0.CP09 and 4.3 before 4.3.0.CP08 allows remote attackers to obtain sensitive information about "deployed web contexts" via a request to the status servlet, as demonstrated by a full=true query string. NOTE: this...

5CVSS7.4AI score0.53728EPSS
Exploits9References4
RedHat Linux
RedHat Linux
added 2010/04/27 3:55 a.m.4 views

JBossEAP status servlet info leak

Red Hat JBoss Enterprise Application Platform aka JBoss EAP or JBEAP 4.2 before 4.2.0.CP09 and 4.3 before 4.3.0.CP08 allows remote attackers to obtain sensitive information about "deployed web contexts" via a request to the status servlet, as demonstrated by a full=true query string. NOTE: this...

5CVSS7.4AI score0.53728EPSS
Exploits9References4
RedHat Linux
RedHat Linux
added 2010/04/27 3:39 a.m.4 views

JBossEAP status servlet info leak

Red Hat JBoss Enterprise Application Platform aka JBoss EAP or JBEAP 4.2 before 4.2.0.CP09 and 4.3 before 4.3.0.CP08 allows remote attackers to obtain sensitive information about "deployed web contexts" via a request to the status servlet, as demonstrated by a full=true query string. NOTE: this...

5CVSS7.4AI score0.53728EPSS
Exploits9References4
RedHat Linux
RedHat Linux
added 2010/04/27 3:19 a.m.4 views

JBossEAP status servlet info leak

Red Hat JBoss Enterprise Application Platform aka JBoss EAP or JBEAP 4.2 before 4.2.0.CP09 and 4.3 before 4.3.0.CP08 allows remote attackers to obtain sensitive information about "deployed web contexts" via a request to the status servlet, as demonstrated by a full=true query string. NOTE: this...

5CVSS7.4AI score0.53728EPSS
Exploits9References4
RedHat Linux
RedHat Linux
added 2008/08/05 7:58 a.m.2 views

JBossEAP status servlet info leak

JBoss Enterprise Application Platform aka JBossEAP or EAP before 4.2.0.CP03, and 4.3.0 before 4.3.0.CP01, allows remote attackers to obtain sensitive information about "deployed web contexts" via a request to the status servlet, as demonstrated by a full=true query string...

5CVSS7.4AI score0.47111EPSS
Exploits6References4
Rows per page
Query Builder