Vulnerabilities > Redhat > Jboss Enterprise Application Platform > 7.0.0
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-12-12 | CVE-2023-5379 | Allocation of Resources Without Limits or Throttling vulnerability in Redhat products A flaw was found in Undertow. | 7.5 |
2023-10-10 | CVE-2023-44487 | Resource Exhaustion vulnerability in multiple products The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. | 7.5 |
2023-02-23 | CVE-2022-4492 | Unspecified vulnerability in Redhat products The undertow client is not checking the server identity presented by the server certificate in https connections. | 7.5 |
2023-01-13 | CVE-2022-3143 | Information Exposure Through Discrepancy vulnerability in Redhat products wildfly-elytron: possible timing attacks via use of unsafe comparator. | 7.4 |
2022-09-01 | CVE-2022-2764 | A flaw was found in Undertow. | 4.9 |
2022-08-31 | CVE-2022-1259 | Resource Exhaustion vulnerability in multiple products A flaw was found in Undertow. | 7.5 |
2022-03-11 | CVE-2022-0853 | Memory Leak vulnerability in Redhat products A flaw was found in JBoss-client. | 5.0 |
2021-10-08 | CVE-2021-32029 | Out-of-bounds Read vulnerability in multiple products A flaw was found in postgresql. | 4.0 |
2021-08-05 | CVE-2021-3642 | Information Exposure Through Discrepancy vulnerability in multiple products A flaw was found in Wildfly Elytron in versions prior to 1.10.14.Final, prior to 1.15.5.Final and prior to 1.16.1.Final where ScramServer may be susceptible to Timing Attack if enabled. | 3.5 |
2021-06-01 | CVE-2021-32027 | Integer Overflow or Wraparound vulnerability in multiple products A flaw was found in postgresql in versions before 13.3, before 12.7, before 11.12, before 10.17 and before 9.6.22. | 8.8 |