Vulnerabilities > Redhat > Jboss Application Server > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-03-10 | CVE-2012-1094 | Information Exposure vulnerability in Redhat Jboss Application Server JBoss AS 7 prior to 7.1.1 and mod_cluster do not handle default hostname in the same way, which can cause the excluded-contexts list to be mismatched and the root context to be exposed. | 7.5 |
| 2019-12-18 | CVE-2012-2312 | Improper Privilege Management vulnerability in Redhat products An Elevated Privileges issue exists in JBoss AS 7 Community Release due to the improper implementation in the security context propagation, A threat gets reused from the thread pool that still retains the security context from the process last used, which lets a local user obtain elevated privileges. | 7.8 |