Vulnerabilities (CVE)

Filtered by vendor Jboss Subscribe
Filtered by product Enterprise Application Platform
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2016-2094 1 Jboss 1 Enterprise Application Platform 2024-11-21 5.0 MEDIUM 7.5 HIGH
The HTTPS NIO Connector allows remote attackers to cause a denial of service (thread consumption) by opening a socket and not sending an SSL handshake, aka a read-timeout vulnerability.
CVE-2008-3273 1 Jboss 1 Enterprise Application Platform 2024-11-21 5.0 MEDIUM N/A
JBoss Enterprise Application Platform (aka JBossEAP or EAP) before 4.2.0.CP03, and 4.3.0 before 4.3.0.CP01, allows remote attackers to obtain sensitive information about "deployed web contexts" via a request to the status servlet, as demonstrated by a full=true query string.