Filtered by vendor Redhat
Subscriptions
Filtered by product Jboss Core Services Httpd
Subscriptions
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-25680 | 1 Redhat | 2 Jboss Core Services, Jboss Core Services Httpd | 2024-08-04 | 5.4 Medium |
| A flaw was found in JBCS httpd in version 2.4.37 SP3, where it uses a back-end worker SSL certificate with the keystore file's ID is 'unknown'. The validation of the certificate whether CN and hostname are matching stopped working and allow connecting to the back-end work. The highest threat from this vulnerability is to data integrity. | ||||
| CVE-2021-3688 | 1 Redhat | 2 Jboss Core Services, Jboss Core Services Httpd | 2024-08-03 | 4.8 Medium |
| A flaw was found in Red Hat JBoss Core Services HTTP Server in all versions, where it does not properly normalize the path component of a request URL contains dot-dot-semicolon(s). This flaw could allow an attacker to access unauthorized information or possibly conduct further attacks. The highest threat from this vulnerability is to data confidentiality and integrity. | ||||
Page 1 of 1.