Jboss Enterprise Application Platform Text-only Advisories Security Vulnerabilities and Issues — Jboss Enterprise Application Platform Text-only Advisories CVE List

Lucene search

RedhatJboss Enterprise Application Platform Text-only Advisories

3 matches found

CVE•added 2023/09/27 3:18 p.m.•559 views

CVE-2023-3223

A flaw was found in undertow. Servlets annotated with @MultipartConfig may cause an OutOfMemoryError due to large multipart content. This may allow unauthorized users to cause remote Denial of Service (DoS) attack. If the server uses fileSizeThreshold to limit the file size, it's possible to bypass...

7.5CVSS7.3AI score0.00767EPSS

CVE•added 2020/01/27 5:15 p.m.•277 views

CVE-2020-7238

Netty 4.1.43.Final allows HTTP Request Smuggling because it mishandles Transfer-Encoding whitespace (such as a [space]Transfer-Encoding:chunked line) and a later Content-Length header. This issue exists because of an incomplete fix for CVE-2019-16869.

7.5CVSS7.8AI score0.02251EPSS

CVE•added 2020/03/11 4:15 p.m.•106 views

CVE-2011-2487

The implementations of PKCS#1 v1.5 key transport mechanism for XMLEncryption in JBossWS and Apache WSS4J before 1.6.5 is susceptible to a Bleichenbacher attack.

5.9CVSS5.7AI score0.0014EPSS