Red Hat Jboss Enterprise Application Platform Expansion Pack
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Red Hat Jboss Enterprise Application Platform Expansion Pack.
By the Year
In 2025 there have been 0 vulnerabilities in Red Hat Jboss Enterprise Application Platform Expansion Pack. Last year, in 2024 Jboss Enterprise Application Platform Expansion Pack had 1 security vulnerability published. Right now, Jboss Enterprise Application Platform Expansion Pack is on track to have less security vulnerabilities in 2025 than it did last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2025 | 0 | 0.00 |
| 2024 | 1 | 7.50 |
| 2023 | 1 | 7.50 |
| 2022 | 2 | 7.50 |
| 2021 | 2 | 4.80 |
| 2020 | 0 | 0.00 |
| 2019 | 0 | 0.00 |
| 2018 | 0 | 0.00 |
It may take a day or so for new Jboss Enterprise Application Platform Expansion Pack vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Red Hat Jboss Enterprise Application Platform Expansion Pack Security Vulnerabilities
An improper initialization vulnerability was found in Galleon
CVE-2023-4503
7.5 - High
- February 06, 2024
An improper initialization vulnerability was found in Galleon. When using Galleon to provision custom EAP or EAP-XP servers, the servers are created unsecured. This issue could allow an attacker to access remote HTTP services available from the server.
Improper Initialization
A flaw was found in undertow
CVE-2023-1108
7.5 - High
- September 14, 2023
A flaw was found in undertow. This issue makes achieving a denial of service possible due to an unexpected handshake status updated in SslConduit, where the loop never terminates.
Infinite Loop
A flaw was found in WildFly, where an attacker
CVE-2022-1278
7.5 - High
- September 13, 2022
A flaw was found in WildFly, where an attacker can see deployment names, endpoints, and any other data the trace payload may contain.
Insecure Default Initialization of Resource
A flaw was found in JBoss-client
CVE-2022-0853
7.5 - High
- March 11, 2022
A flaw was found in JBoss-client. The vulnerability occurs due to a memory leak on the JBoss client-side, when using UserTransaction repeatedly and leads to information leakage vulnerability.
Memory Leak
A flaw was found in Wildfly Elytron in versions prior to 1.10.14.Final
CVE-2021-3642
5.3 - Medium
- August 05, 2021
A flaw was found in Wildfly Elytron in versions prior to 1.10.14.Final, prior to 1.15.5.Final and prior to 1.16.1.Final where ScramServer may be susceptible to Timing Attack if enabled. The highest threat of this vulnerability is confidentiality.
Side Channel Attack
A flaw was found in wildfly
CVE-2021-20250
4.3 - Medium
- May 13, 2021
A flaw was found in wildfly. The JBoss EJB client has publicly accessible privileged actions which may lead to information disclosure on the server it is deployed on. The highest threat from this vulnerability is to data confidentiality.
Information Disclosure
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Red Hat Jboss Enterprise Application Platform Expansion Pack or by Red Hat? Click the Watch button to subscribe.
