Search Results (Refine Search)

Search Parameters:
  • CPE Product Version: cpe:/a:redhat:jboss_core_services:1.0
There are 2 matching records.
Displaying matches 1 through 2.
Vuln ID Summary CVSS Severity
CVE-2018-1333

By specially crafting HTTP/2 requests, workers would be allocated 60 seconds longer than necessary, leading to worker exhaustion and a denial of service. Fixed in Apache HTTP Server 2.4.34 (Affected 2.4.18-2.4.30,2.4.33).

Published: June 18, 2018; 2:29:00 PM -0400
V3.0: 7.5 HIGH
V2.0: 5.0 MEDIUM
CVE-2017-9788

In Apache httpd before 2.2.34 and 2.4.x before 2.4.27, the value placeholder in [Proxy-]Authorization headers of type 'Digest' was not initialized or reset before or between successive key=value assignments by mod_auth_digest. Providing an initial key with no '=' assignment could reflect the stale value of uninitialized pool memory used by the prior request, leading to leakage of potentially confidential information, and a segfault in other cases resulting in denial of service.

Published: July 13, 2017; 12:29:00 PM -0400
V3.0: 9.1 CRITICAL
V2.0: 6.4 MEDIUM