Jboss Wildfly Application Server Red Hat Jboss Wildfly Application Server

Do you want an email whenever new security vulnerabilities are reported in Red Hat Jboss Wildfly Application Server?

By the Year

In 2024 there have been 0 vulnerabilities in Red Hat Jboss Wildfly Application Server . Jboss Wildfly Application Server did not have any published security vulnerabilities last year.

Year Vulnerabilities Average Score
2024 0 0.00
2023 0 0.00
2022 0 0.00
2021 0 0.00
2020 0 0.00
2019 0 0.00
2018 1 5.50

It may take a day or so for new Jboss Wildfly Application Server vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Red Hat Jboss Wildfly Application Server Security Vulnerabilities

A flaw was found in Wildfly 9.x

CVE-2018-1047 5.5 - Medium - January 24, 2018

A flaw was found in Wildfly 9.x. A path traversal vulnerability through the org.wildfly.extension.undertow.deployment.ServletResourceManager.getResource method could lead to information disclosure of arbitrary local files.

Directory traversal

The Management Console in Red Hat Enterprise Application Platform before 6.4.4 and WildFly (formerly JBoss Application Server) does not send an X-Frame-Options HTTP header, which makes it easier for remote attackers to conduct clickjacking attacks via a crafted web page

CVE-2015-5178 - October 27, 2015

The Management Console in Red Hat Enterprise Application Platform before 6.4.4 and WildFly (formerly JBoss Application Server) does not send an X-Frame-Options HTTP header, which makes it easier for remote attackers to conduct clickjacking attacks via a crafted web page that contains a (1) FRAME or (2) IFRAME element.

7PK - Security Features

The Web Console in Red Hat Enterprise Application Platform (EAP) before 6.4.4 and WildFly (formerly JBoss Application Server)

CVE-2015-5220 - October 27, 2015

The Web Console in Red Hat Enterprise Application Platform (EAP) before 6.4.4 and WildFly (formerly JBoss Application Server) allows remote attackers to cause a denial of service (memory consumption) via a large request header.

Buffer Overflow

Cross-site request forgery (CSRF) vulnerability in the Web Console (web-console) in Red Hat Enterprise Application Platform before 6.4.4 and WildFly (formerly JBoss Application Server) before 2.0.0.CR9 allows remote attackers to hijack the authentication of administrators for requests

CVE-2015-5188 - October 27, 2015

Cross-site request forgery (CSRF) vulnerability in the Web Console (web-console) in Red Hat Enterprise Application Platform before 6.4.4 and WildFly (formerly JBoss Application Server) before 2.0.0.CR9 allows remote attackers to hijack the authentication of administrators for requests that make arbitrary changes to an instance via vectors involving a file upload using a multipart/form-data submission.

Session Riding

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Red Hat Jboss Wildfly Application Server or by Red Hat? Click the Watch button to subscribe.

Red Hat
Vendor

subscribe