Red Hat JBoss Enterprise Application Platform vulnerabilities

240 known vulnerabilities affecting redhat/jboss_enterprise_application_platform.

Total CVEs: 240
CISA KEV: 6 (actively exploited)
Public exploits: 14
Exploited in wild: 8
Severity breakdown: CRITICAL 35, HIGH 86, MEDIUM 102, LOW 17

Vulnerabilities

Page 1 of 12
CVE-2026-28368 | CRITICAL | CVSS 9.1 | Versions: v7.0.0, v8.0.0 | 2026-03-27
CVE-2026-28368 [HIGH] CWE-444: A flaw was found in Undertow. This vulnerability allows a remote attacker to construct specially crafted requests where header names are parsed differently by Undertow compared to upstream proxies. This discrepancy in header interpretation can be exploited to launch request smuggling attacks, potentially bypassing security controls and accessing unaut
Source: nvd
CVE-2026-28369 | CRITICAL | CVSS 9.1 | Versions: v7.0.0, v8.0.0 | 2026-03-27
CVE-2026-28369 [HIGH] CWE-444: A flaw was found in Undertow. When Undertow receives an HTTP request where the first header line starts with one or more spaces, it incorrectly processes the request by stripping these leading spaces. This behavior, which violates HTTP standards, can be exploited by a remote attacker to perform request smuggling. Request smuggling allows an attacker t
Source: nvd
CVE-2026-3121 | HIGH | CVSS 7.2 | Versions: v8.0.0 | 2026-03-26
CVE-2026-3121 [MEDIUM] CWE-266: A flaw was found in Keycloak. An administrator with `manage-clients` permission can exploit a misconfiguration where this permission is equivalent to `manage-permissions`. This allows the administrator to escalate privileges and gain control over roles, users, or other administrative functions within the realm. This privilege escalation can occur when
Source: nvd
CVE-2026-4874 | LOW | CVSS 3.1 | Versions: v8.0.0 | 2026-03-26
CVE-2026-4874 [LOW] CWE-918: A flaw was found in Keycloak. An authenticated attacker can perform Server-Side Request Forgery (SSRF) by manipulating the `client_session_host` parameter during refresh token requests. This occurs when a Keycloak client is configured to use the `backchannel.logout.url` with the `application.session.host` placeholder. Successful exploitation allows the a
Source: nvd
CVE-2026-3260 | HIGH | CVSS 7.5 | Versions: v7.0.0, v8.0.0 | 2026-03-24
CVE-2026-3260 [MEDIUM] CWE-770: A flaw was found in Undertow. A remote attacker could exploit this vulnerability by sending an HTTP GET request containing multipart/form-data content. If the underlying application processes parameters using methods like `getParameterMap()`, the server prematurely parses and stores this content to disk. This could lead to resource exhaustion, potentia
Source: nvd
CVE-2026-4366 | MEDIUM | CVSS 5.8 | Versions: v8.0.0 | 2026-03-18
CVE-2026-4366 [MEDIUM] CWE-918: A flaw was identified in Keycloak, an identity and access management solution, where it improperly follows HTTP redirects when processing certain client configuration requests. This behavior allows an attacker to trick the server into making unintended requests to internal or restricted resources. As a result, sensitive internal services such as cloud
Source: nvd
CVE-2026-3009 | HIGH | CVSS 8.1 | Versions: v8.0 | 2026-03-05
CVE-2026-3009 [HIGH] CWE-863: A security flaw in the IdentityBrokerService.performLogin endpoint of Keycloak allows authentication to proceed using an Identity Provider (IdP) even after it has been disabled by an administrator. An attacker who knows the IdP alias can reuse a previously generated login request to bypass the administrative restriction. This undermines access control e
Source: nvd
CVE-2025-12543 | CRITICAL | CVSS 9.6 | Versions: ≥ 8.0, < 8.0.12; ≥ 8.1.0, < 8.1.3; +1 more | 2026-01-07
CVE-2025-12543 [CRITICAL] CWE-20: A flaw was found in the Undertow HTTP server core, which is used in WildFly, JBoss EAP, and other Java applications. The Undertow library fails to properly validate the Host header in incoming HTTP requests. As a result, requests containing malformed or malicious Host headers are processed without rejection, enabling attackers to poison caches, perf
Source: nvd
CVE-2025-9784 | HIGH | CVSS 7.5 | Versions: v7.0.0, v8.0.0 | 2025-09-02
CVE-2025-9784 [HIGH] CWE-770: A flaw was found in Undertow where malformed client requests can trigger server-side stream resets without triggering abuse counters. This issue, referred to as the "MadeYouReset" attack, allows malicious clients to induce excessive server workload by repeatedly causing server-side stream aborts. While not a protocol bug, this highlights a common implem
Source: nvd
CVE-2025-5731 | MEDIUM | CVSS 5.5 | Versions: v7.0.0, v8.0.0 | 2025-06-26
CVE-2025-5731 [MEDIUM] CWE-209: A flaw was found in Infinispan CLI. A sensitive password, decoded from a Base64-encoded Kubernetes secret, is processed in plaintext and included in a command string that may expose the data in an error message when a command is not found.
Source: nvd
CVE-2025-23368 | HIGH | CVSS 8.1 | Versions: v7.0.0, v8.0.0 | 2025-03-04
CVE-2025-23368 [HIGH] CWE-307: A flaw was found in Wildfly Elytron integration. The component does not implement sufficient measures to prevent multiple failed authentication attempts within a short time frame, making it more susceptible to brute force attacks via CLI.
Source: nvd
CVE-2025-23367 | MEDIUM | CVSS 6.5 | Versions: ≥ 7.4, < 7.4.21; ≥ 8.0.0, < 8.0.7 | 2025-01-30
CVE-2025-23367 [MEDIUM] CWE-284: A flaw was found in the Wildfly Server Role Based Access Control (RBAC) provider. When authorization to control management operations is secured using the Role Based Access Control provider, a user without the required privileges can suspend or resume the server. A user with a Monitor or Auditor role is supposed to have only read access permissions
Source: nvd
CVE-2023-1932 | MEDIUM | CVSS 6.1 | Versions: v7.0.0 | 2024-11-07
CVE-2023-1932 [MEDIUM] CWE-79: A flaw was found in hibernate-validator's 'isValid' method in the org.hibernate.validator.internal.constraintvalidators.hv.SafeHtmlValidator class, which can be bypassed by omitting the tag ending in a less-than character. Browsers may render an invalid HTML, allowing HTML injection or Cross-Site-Scripting (XSS) attacks.
Source: nvd
CVE-2024-10234 | HIGH | CVSS 7.3 | Exploited | Versions: v8.0 | 2024-10-22
CVE-2024-10234 [MEDIUM] CWE-79: A vulnerability was found in Wildfly, where a user may perform Cross-site scripting in the Wildfly deployment system. This flaw allows an attacker or insider to execute a deployment with a malicious payload, which could trigger undesired behavior against the server.
Source: nvd
CVE-2024-7885 | HIGH | CVSS 7.5 | Versions: v7.0.0, v8.0.0 | 2024-08-21
CVE-2024-7885 [HIGH] CWE-362: A vulnerability was found in Undertow where the ProxyProtocolReadListener reuses the same StringBuilder instance across multiple requests. This issue occurs when the parseProxyProtocolV1 method processes multiple requests on the same HTTP connection. As a result, different requests may share the same StringBuilder instance, potentially leading to inform
Source: nvd
CVE-2024-1102 | MEDIUM | CVSS 6.5 | Versions: v8.0 | 2024-04-25
CVE-2024-1102 [MEDIUM] CWE-523: A vulnerability was found in jberet-core logging. An exception in 'dbProperties' might display user credentials such as the username and password for the database connection.
Source: nvd
CVE-2024-1635 | HIGH | CVSS 7.5 | Versions: v7.4 | 2024-02-19
CVE-2024-1635 [HIGH] CWE-400: A vulnerability was found in Undertow. This vulnerability impacts a server that supports the wildfly-http-client protocol. Whenever a malicious user opens and closes a connection with the HTTP port of the server and then closes the connection immediately, the server will end with both memory and open file limits exhausted at some point, depending on the
Source: nvd
CVE-2023-4503 | HIGH | CVSS 7.5 | Versions: v7.4 | 2024-02-06
CVE-2023-4503 [MEDIUM] CWE-665: An improper initialization vulnerability was found in Galleon. When using Galleon to provision custom EAP or EAP-XP servers, the servers are created unsecured. This issue could allow an attacker to access remote HTTP services available from the server.
Source: nvd
CVE-2023-3171 | HIGH | CVSS 7.5 | Versions: v7.4 | 2023-12-27
CVE-2023-3171 [HIGH] CWE-789: A flaw was found in EAP-7 during deserialization of certain classes, which permits instantiation of HashMap and HashTable with no checks on resources consumed. This issue could allow an attacker to submit malicious requests using these classes, which could eventually exhaust the heap and result in a Denial of Service.
Source: nvd
CVE-2023-3629 | MEDIUM | CVSS 6.5 | Versions: v6 | 2023-12-18
CVE-2023-3629 [MEDIUM] CWE-304: A flaw was found in Infinispan's REST cache retrieval endpoints, which do not properly evaluate the necessary admin permissions for the operation. This issue could allow an authenticated user to access information outside of their intended permissions.
Source: nvd