Vulnerabilities > Redhat > Jboss Wildfly Application Server > High

DATE	CVE	VULNERABILITY TITLE	RISK
2018-03-12	CVE-2016-9589	Resource Exhaustion vulnerability in Redhat Jboss Wildfly Application Server Undertow in Red Hat wildfly before version 11.0.0.Beta1 is vulnerable to a resource exhaustion resulting in a denial of service. network low complexity redhat CWE-400	7.5
2017-07-21	CVE-2015-3198	Information Exposure vulnerability in Redhat Jboss Wildfly Application Server 9.0.0 The Undertow module of WildFly 9.x before 9.0.0.CR2 and 10.x before 10.0.0.Alpha1 allows remote attackers to obtain the source code of a JSP page via a "/" at the end of a URL. network low complexity redhat CWE-200	7.5
2016-04-01	CVE-2016-0793	Information Exposure vulnerability in Redhat Jboss Wildfly Application Server 10.0.0 Incomplete blacklist vulnerability in the servlet filter restriction mechanism in WildFly (formerly JBoss Application Server) before 10.0.0.Final on Windows allows remote attackers to read the sensitive files in the (1) WEB-INF or (2) META-INF directory via a request that contains (a) lowercase or (b) "meaningless" characters. network low complexity redhat CWE-200	7.5

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.