Jboss Enterprise Application Platform vulnerabilities
2 known vulnerabilities affecting jboss/enterprise_application_platform.
Total CVEs
2
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2008-3273P3MEDIUMCVSS 5.0PoC≤ 4.2.0.cp03≤ 4.3.0+2 more2008-08-10
CVE-2008-3273 [MEDIUM] CWE-264 CVE-2008-3273: JBoss Enterprise Application Platform (aka JBossEAP or EAP) before 4.2.0.CP03, and 4.3.0 before 4.3.
JBoss Enterprise Application Platform (aka JBossEAP or EAP) before 4.2.0.CP03, and 4.3.0 before 4.3.0.CP01, allows remote attackers to obtain sensitive information about "deployed web contexts" via a request to the status servlet, as demonstrated by a full=true query string.
nvd
CVE-2016-2094P4HIGHCVSS 7.5v6.4.62016-05-06
CVE-2016-2094 [HIGH] CWE-399 CVE-2016-2094: The HTTPS NIO Connector allows remote attackers to cause a denial of service (thread consumption) by
The HTTPS NIO Connector allows remote attackers to cause a denial of service (thread consumption) by opening a socket and not sending an SSL handshake, aka a read-timeout vulnerability.
nvd