Vulnerabilities > Redhat > Jboss Core Services
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-08-13 | CVE-2019-9516 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products Some HTTP/2 implementations are vulnerable to a header leak, potentially leading to a denial of service. | 6.5 |
2019-08-13 | CVE-2019-9515 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products Some HTTP/2 implementations are vulnerable to a settings flood, potentially leading to a denial of service. | 7.5 |
2019-08-13 | CVE-2019-9514 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products Some HTTP/2 implementations are vulnerable to a reset flood, potentially leading to a denial of service. | 7.5 |
2019-08-13 | CVE-2019-9513 | Some HTTP/2 implementations are vulnerable to resource loops, potentially leading to a denial of service. | 7.5 |
2019-08-13 | CVE-2019-9511 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products Some HTTP/2 implementations are vulnerable to window size manipulation and stream prioritization manipulation, potentially leading to a denial of service. | 7.5 |
2019-06-11 | CVE-2019-0197 | HTTP Request Smuggling vulnerability in multiple products A vulnerability was found in Apache HTTP Server 2.4.34 to 2.4.38. | 4.2 |
2019-01-30 | CVE-2018-17189 | Resource Exhaustion vulnerability in multiple products In Apache HTTP server versions 2.4.37 and prior, by sending request bodies in a slow loris way to plain resources, the h2 stream for that request unnecessarily occupied a server thread cleaning up that incoming data. | 5.3 |
2018-10-31 | CVE-2018-11759 | Path Traversal vulnerability in multiple products The Apache Web Server (httpd) specific code that normalised the requested path before matching it to the URI-worker map in Apache Tomcat JK (mod_jk) Connector 1.2.0 to 1.2.44 did not handle some edge cases correctly. | 7.5 |
2018-08-16 | CVE-2016-9598 | Out-of-bounds Read vulnerability in multiple products libxml2, as used in Red Hat JBoss Core Services, allows context-dependent attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted XML document. | 4.3 |
2018-08-16 | CVE-2016-9596 | Resource Exhaustion vulnerability in multiple products libxml2, as used in Red Hat JBoss Core Services and when in recovery mode, allows context-dependent attackers to cause a denial of service (stack consumption) via a crafted XML document. | 6.5 |