Vulnerabilities > Redhat > Jboss Enterprise Application Platform > 7.0.0

DATE CVE VULNERABILITY TITLE RISK
2024-08-21 CVE-2024-7885 Unspecified vulnerability in Redhat products
A vulnerability was found in Undertow where the ProxyProtocolReadListener reuses the same StringBuilder instance across multiple requests.
network
low complexity
redhat
7.5
7.5
2023-12-12 CVE-2023-5379 Allocation of Resources Without Limits or Throttling vulnerability in Redhat products
A flaw was found in Undertow.
network
low complexity
redhat CWE-770
7.5
7.5
2023-10-10 CVE-2023-44487 The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. 7.5
7.5
2023-02-23 CVE-2022-4492 Unspecified vulnerability in Redhat products
The undertow client is not checking the server identity presented by the server certificate in https connections.
network
low complexity
redhat
7.5
7.5
2023-01-13 CVE-2022-3143 Information Exposure Through Discrepancy vulnerability in Redhat products
wildfly-elytron: possible timing attacks via use of unsafe comparator.
network
high complexity
redhat CWE-203
7.4
7.4
2022-09-01 CVE-2022-2764 A flaw was found in Undertow.
network
low complexity
redhat netapp
4.9
4.9
2022-08-31 CVE-2022-1259 A flaw was found in Undertow.
network
low complexity
redhat netapp
7.5
7.5
2022-03-11 CVE-2022-0853 Memory Leak vulnerability in Redhat products
A flaw was found in JBoss-client.
network
low complexity
redhat CWE-401
7.5
7.5
2021-10-08 CVE-2021-32029 Out-of-bounds Read vulnerability in multiple products
A flaw was found in postgresql.
network
low complexity
postgresql redhat CWE-125
6.5
6.5
2021-08-05 CVE-2021-3642 A flaw was found in Wildfly Elytron in versions prior to 1.10.14.Final, prior to 1.15.5.Final and prior to 1.16.1.Final where ScramServer may be susceptible to Timing Attack if enabled.
network
high complexity
redhat quarkus
5.3
5.3