← Back

Jboss Enterprise Application Platform Text Only Advisories

jboss_enterprise_application_platform_text-only_advisories

Vendor: Redhat • 3 CVEs

CVEs (3)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2023-3223
1Redhat
7Jboss Enterprise Application Platform
Jboss Enterprise Application Platform Text Only AdvisoriesOpenshift Container Platform+4 more
Nov 21, 2024
Sep 27, 2023
N/A· v4
7.5 HIGH· v3
N/A· v2
A flaw was found in undertow. Servlets annotated with @MultipartConfig may cause an OutOfMemoryError due to large multipart content. This may allow unauthorized users to cause remote Denial of Service (DoS) attack. If th...Show more
A flaw was found in undertow. Servlets annotated with @MultipartConfig may cause an OutOfMemoryError due to large multipart content. This may allow unauthorized users to cause remote Denial of Service (DoS) attack. If the server uses fileSizeThreshold to limit the file size, it's possible to bypass the limit by setting the file name in the request to null.Show less
CVE-2011-2487
2Apache
Redhat
10Cxf
Jboss Business Rules Management SystemJboss Enterprise Application Platform+7 more
Nov 21, 2024
Mar 11, 2020
N/A· v4
5.9 MEDIUM· v3
4.3 MEDIUM· v2
The implementations of PKCS#1 v1.5 key transport mechanism for XMLEncryption in JBossWS and Apache WSS4J before 1.6.5 is susceptible to a Bleichenbacher attack.
CVE-2020-7238
4Debian
FedoraprojectNetty+1 more
6Debian Linux
FedoraJboss Enterprise Application Platform+3 more
Nov 21, 2024
Jan 27, 2020
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
Netty 4.1.43.Final allows HTTP Request Smuggling because it mishandles Transfer-Encoding whitespace (such as a [space]Transfer-Encoding:chunked line) and a later Content-Length header. This issue exists because of an inc...Show more
Netty 4.1.43.Final allows HTTP Request Smuggling because it mishandles Transfer-Encoding whitespace (such as a [space]Transfer-Encoding:chunked line) and a later Content-Length header. This issue exists because of an incomplete fix for CVE-2019-16869.Show less