) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.0.9:*:*:*:*:*:*:*
- CPE Name Search: true
| Vuln ID | Summary | CVSS Severity |
|---|---|---|
| CVE-2019-19343 |
A flaw was found in Undertow when using Remoting as shipped in Red Hat Jboss EAP before version 7.2.4. A memory leak in HttpOpenListener due to holding remote connections indefinitely may lead to denial of service. Versions before undertow 2.0.25.SP1 and jboss-remoting 5.0.14.SP1 are believed to be vulnerable. Published: March 23, 2021; 5:15:13 PM -0400 |
V3.1: 7.5 HIGH V2.0: 5.0 MEDIUM |
| CVE-2019-14885 |
A flaw was found in the JBoss EAP Vault system in all versions before 7.2.6.GA. Confidential information of the system property's security attribute value is revealed in the JBoss EAP log file when executing a JBoss CLI 'reload' command. This flaw can lead to the exposure of confidential information. Published: January 23, 2020; 5:15:10 PM -0500 |
V3.1: 4.3 MEDIUM V2.0: 4.0 MEDIUM |
| CVE-2016-7066 |
It was found that the improper default permissions on /tmp/auth directory in JBoss Enterprise Application Platform before 7.1.0 can allow any local user to connect to CLI and allow the user to execute any arbitrary operations. Published: September 11, 2018; 10:29:00 AM -0400 |
V3.0: 7.8 HIGH V2.0: 4.6 MEDIUM |