Product:

Jboss_enterprise_application_platform_text\-Only_advisories

(Redhat)
Repositories

Unknown:

This might be proprietary software.

#Vulnerabilities 3
Date Id Summary Products Score Patch Annotated
2020-01-27 CVE-2020-7238 Netty 4.1.43.Final allows HTTP Request Smuggling because it mishandles Transfer-Encoding whitespace (such as a [space]Transfer-Encoding:chunked line) and a later Content-Length header. This issue exists because of an incomplete fix for CVE-2019-16869. Debian_linux, Fedora, Netty, Jboss_enterprise_application_platform, Jboss_enterprise_application_platform_text\-Only_advisories, Openshift_application_runtimes_text\-Only_advisories 7.5
2023-09-27 CVE-2023-3223 A flaw was found in undertow. Servlets annotated with @MultipartConfig may cause an OutOfMemoryError due to large multipart content. This may allow unauthorized users to cause remote Denial of Service (DoS) attack. If the server uses fileSizeThreshold to limit the file size, it's possible to bypass the limit by setting the file name in the request to null. Jboss_enterprise_application_platform, Jboss_enterprise_application_platform_text\-Only_advisories, Openshift_container_platform, Openshift_container_platform_for_ibm_linuxone, Openshift_container_platform_for_power, Single_sign\-On, Undertow 7.5
2020-03-11 CVE-2011-2487 The implementations of PKCS#1 v1.5 key transport mechanism for XMLEncryption in JBossWS and Apache WSS4J before 1.6.5 is susceptible to a Bleichenbacher attack. Cxf, Wss4j, Jboss_business_rules_management_system, Jboss_enterprise_application_platform, Jboss_enterprise_application_platform_text\-Only_advisories, Jboss_enterprise_soa_platform, Jboss_enterprise_web_platform, Jboss_middleware_text\-Only_advisories, Jboss_portal, Jboss_web_services 5.9