Redhat Jboss Middleware — known CVE vulnerabilities
Every CVE whose affected-product data names Redhat Jboss Middleware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (6)
CVE-2023-4853 — CVSS 8.1 (high): A flaw was found in Quarkus where HTTP security policies are not sanitizing certain character permutations correctly when accepting…
CVE-2016-3674 — CVSS 7.5 (high): Multiple XML external entity (XXE) vulnerabilities in the (1) Dom4JDriver, (2) DomDriver, (3) JDomDriver, (4) JDom2Driver, (5) SjsxpDriver…
CVE-2017-7957 — CVSS 7.5 (high): XStream through 1.4.9, when a certain denyTypes workaround is not used, mishandles attempts to create an instance of the primitive type…
CVE-2018-1304 — CVSS 5.9 (medium): The URL pattern of "" (the empty string) which exactly maps to the context root was not correctly handled in Apache Tomcat 9.0.0.M1 to…
CVE-2023-4065 — CVSS 5.5 (medium): A flaw was found in Red Hat AMQ Broker Operator, where it displayed a password defined in ActiveMQArtemisAddress CR, shown in plain text in…
CVE-2023-4066 — CVSS 5.5 (medium): A flaw was found in Red Hat's AMQ Broker, which stores certain passwords in a secret security-properties-prop-module, defined in…