Jboss Wildfly Application Server@* Security Vulnerabilities and Issues — Jboss Wildfly Application Server@* CVE List

Lucene search

RedhatJboss Wildfly Application Server*

3 matches found

CVE•added 2015/10/27 4:59 p.m.•71 views

CVE-2015-5178

The Management Console in Red Hat Enterprise Application Platform before 6.4.4 and WildFly (formerly JBoss Application Server) does not send an X-Frame-Options HTTP header, which makes it easier for remote attackers to conduct clickjacking attacks via a crafted web page that contains a (1) FRAME or...

4.3CVSS6.4AI score0.00505EPSS

CVE•added 2015/10/27 4:59 p.m.•61 views

CVE-2015-5220

The Web Console in Red Hat Enterprise Application Platform (EAP) before 6.4.4 and WildFly (formerly JBoss Application Server) allows remote attackers to cause a denial of service (memory consumption) via a large request header.

5CVSS8.8AI score0.01515EPSS

CVE•added 2015/10/27 4:59 p.m.•58 views

CVE-2015-5188

Cross-site request forgery (CSRF) vulnerability in the Web Console (web-console) in Red Hat Enterprise Application Platform before 6.4.4 and WildFly (formerly JBoss Application Server) before 2.0.0.CR9 allows remote attackers to hijack the authentication of administrators for requests that make arb...

6.8CVSS9.4AI score0.00331EPSS