| Max CVSS | 6.8 | Min CVSS | 4.0 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2017-2670 | 5.0 |
It was found in Undertow before 1.3.28 that with non-clean TCP close, the Websocket server gets into infinite loop on every IO thread, effectively causing DoS.
|
09-10-2019 - 23:27 | 27-07-2018 - 15:29 | |
| CVE-2017-2666 | 6.4 |
It was discovered in Undertow that the code that parsed the HTTP request line permitted invalid characters. This could be exploited, in conjunction with a proxy that also permitted the invalid characters but with a different interpretation, to inject
|
09-10-2019 - 23:27 | 27-07-2018 - 14:29 | |
| CVE-2017-2595 | 4.0 |
It was found that the log file viewer in Red Hat JBoss Enterprise Application 6 and 7 allows arbitrary file read to authenticated user via path traversal.
|
09-10-2019 - 23:26 | 27-07-2018 - 15:29 | |
| CVE-2016-9606 | 6.8 |
JBoss RESTEasy before version 3.1.2 could be forced into parsing a request with YamlProvider, resulting in unmarshalling of potentially untrusted data which could allow an attacker to execute arbitrary code with RESTEasy application permissions.
|
12-10-2018 - 10:29 | 09-03-2018 - 20:29 |