Jboss Enterprise Web Server Security Vulnerabilities and Issues — Jboss Enterprise Web Server CVE List

Lucene search

RedhatJboss Enterprise Web Server

4 matches found

CVE•added 2012/01/28 4:5 a.m.•1149 views

CVE-2012-0053

protocol.c in the Apache HTTP Server 2.2.x through 2.2.21 does not properly restrict header information during construction of Bad Request (aka 400) error documents, which allows remote attackers to obtain the values of HTTPOnly cookies via vectors involving a (1) long or (2) malformed header in co...

4.3CVSS6.2AI score0.76477EPSS

CVE•added 2012/01/18 8:55 p.m.•790 views

CVE-2012-0031

scoreboard.c in the Apache HTTP Server 2.2.21 and earlier might allow local users to cause a denial of service (daemon crash during shutdown) or possibly have unspecified other impact by modifying a certain type field within a scoreboard shared memory segment, leading to an invalid call to the free...

4.6CVSS7AI score0.01617EPSS

CVE•added 2011/09/20 5:55 a.m.•672 views

CVE-2011-3348

The mod_proxy_ajp module in the Apache HTTP Server before 2.2.21, when used with mod_proxy_balancer in certain configurations, allows remote attackers to cause a denial of service (temporary "error state" in the backend server) via a malformed HTTP request.

4.3CVSS6.1AI score0.52324EPSS

CVE•added 2019/11/13 4:15 p.m.•68 views

CVE-2014-3655

JBoss KeyCloak is vulnerable to soft token deletion via CSRF

4.3CVSS4.6AI score0.00183EPSS