Homepage

jboss-as-server vulnerabilities

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the jboss-as-server package. This does not include vulnerabilities belonging to this package’s dependencies.

How to fix?

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free
VulnerabilityVulnerable Version
  • H
Improper Input Validation

<0:7.5.20-1.Final_redhat_1.1.ep6.el7
  • H
Directory Traversal

<0:7.5.20-1.Final_redhat_1.1.ep6.el7
  • H
Deserialization of Untrusted Data

<0:7.5.20-1.Final_redhat_1.1.ep6.el7
  • H
Deserialization of Untrusted Data

<0:7.5.20-1.Final_redhat_1.1.ep6.el7
  • M
Information Exposure Through Log Files

<0:7.5.22-3.Final_redhat_4.1.ep6.el7
  • H
Resource Exhaustion

<0:7.5.24-2.Final_redhat_00001.1.ep6.el7
  • H
Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection')

<0:7.5.21-1.Final_redhat_1.1.ep6.el7
  • M
Cross-site Scripting (XSS)

<0:7.5.22-1.Final_redhat_1.1.ep6.el7
  • H
Improper Input Validation

<0:7.5.17-2.Final_redhat_4.1.ep6.el7
  • H
Loop with Unreachable Exit Condition ('Infinite Loop')

<0:7.5.19-2.Final_redhat_2.1.ep6.el7
  • H
Improper Input Validation

<0:7.5.19-2.Final_redhat_2.1.ep6.el7
  • H
Improper Access Control

<0:7.5.13-2.Final_redhat_2.1.ep6.el7
  • H
Resource Exhaustion

<0:7.5.13-2.Final_redhat_2.1.ep6.el7
  • H
Information Exposure

<0:7.5.13-2.Final_redhat_2.1.ep6.el7
  • M
Directory Traversal

<0:7.5.16-1.Final_redhat_1.1.ep6.el7
  • H
Incorrect Permission Assignment for Critical Resource

<0:7.5.14-2.Final_redhat_2.1.ep6.el7
  • M
Access Restriction Bypass

<0:7.5.3-1.Final_redhat_2.1.ep6.el7
  • M
Improper Cleanup on Thrown Exception

<0:7.4.3-3.Final_redhat_2.1.ep6.el7
  • M
Improper Access Control

<0:7.4.3-3.Final_redhat_2.1.ep6.el7
  • M
Incorrect Authorization

<0:7.4.3-3.Final_redhat_2.1.ep6.el7
  • M
Incorrect Authorization

<0:7.4.3-3.Final_redhat_2.1.ep6.el7
  • C
Missing Authorization

<0:7.5.5-2.Final_redhat_3.1.ep6.el7
  • H
Insufficient Verification of Data Authenticity

<0:7.5.0-8.Final_redhat_21.1.ep6.el7
  • H
Cross-site Scripting (XSS)

<0:7.5.0-8.Final_redhat_21.1.ep6.el7
  • H
Authentication Bypass by Primary Weakness

<0:7.5.0-8.Final_redhat_21.1.ep6.el7
  • H
Improperly Implemented Security Check for Standard

<0:7.5.0-8.Final_redhat_21.1.ep6.el7
  • H
Use of a Broken or Risky Cryptographic Algorithm

<0:7.5.0-8.Final_redhat_21.1.ep6.el7
  • H
Incorrect Permission Assignment for Critical Resource

<0:7.5.0-8.Final_redhat_21.1.ep6.el7
  • M
Improperly Implemented Security Check for Standard

<0:7.5.7-2.Final_redhat_3.1.ep6.el7
  • C
CVE-2016-2141

<0:7.5.9-2.Final_redhat_2.1.ep6.el7
  • H
Allocation of Resources Without Limits or Throttling

<0:7.5.4-2.Final_redhat_4.1.ep6.el7
  • H
Cross-site Request Forgery (CSRF)

<0:7.5.4-2.Final_redhat_4.1.ep6.el7
  • H
Improper Input Validation

<0:7.5.4-2.Final_redhat_4.1.ep6.el7
  • H
Information Exposure

<0:7.5.0-8.Final_redhat_21.1.ep6.el7
  • L
Incorrect Privilege Assignment

<0:7.4.1-2.Final_redhat_3.1.ep6.el7
  • L
Information Exposure

<0:7.5.1-4.Final_redhat_3.1.ep6.el7
  • M
Information Exposure

<0:7.5.18-1.Final_redhat_1.1.ep6.el7
  • H
Incomplete Blacklist

<0:7.5.20-1.Final_redhat_1.1.ep6.el7
  • H
Deserialization of Untrusted Data

<0:7.5.24-2.Final_redhat_00001.1.ep6.el7
  • H
SQL Injection

<0:7.5.24-2.Final_redhat_00001.1.ep6.el7
  • H
Deserialization of Untrusted Data

<0:7.5.24-2.Final_redhat_00001.1.ep6.el7
  • H
Improper Input Validation

<0:7.5.24-2.Final_redhat_00001.1.ep6.el7
  • M
Improper Input Validation

<0:7.5.15-1.Final_redhat_3.1.ep6.el7
  • H
Loop with Unreachable Exit Condition ('Infinite Loop')

<0:7.5.14-2.Final_redhat_2.1.ep6.el7
  • H
Improper Access Control

<0:7.5.20-1.Final_redhat_1.1.ep6.el7
  • H
Loop with Unreachable Exit Condition ('Infinite Loop')

<0:7.5.21-1.Final_redhat_1.1.ep6.el7
  • H
Improper Input Validation

<0:7.5.19-2.Final_redhat_2.1.ep6.el7
  • H
Incorrect Privilege Assignment

<0:7.5.17-2.Final_redhat_4.1.ep6.el7
  • H
HTTP Request Smuggling

<0:7.5.13-2.Final_redhat_2.1.ep6.el7
  • M
Allocation of Resources Without Limits or Throttling

<0:7.5.7-2.Final_redhat_3.1.ep6.el7
  • M
Improper Input Validation

<0:7.5.11-1.Final_redhat_1.1.ep6.el7
  • C
Directory Traversal

<0:7.5.9-2.Final_redhat_2.1.ep6.el7
  • C
Deserialization of Untrusted Data

<0:7.5.5-2.Final_redhat_3.1.ep6.el7
  • H
CVE-2015-0254

<0:7.5.6-1.Final_redhat_2.1.ep6.el7
  • M
Improper Input Validation

<0:7.4.2-3.Final_redhat_2.1.ep6.el7
  • H
Deserialization of Untrusted Data

<0:7.5.20-1.Final_redhat_1.1.ep6.el7
  • M
Arbitrary Argument Injection

<0:7.5.22-1.Final_redhat_1.1.ep6.el7
  • H
Out-of-Bounds

<0:7.5.21-1.Final_redhat_1.1.ep6.el7
  • M
Improper Input Validation

<0:7.5.22-1.Final_redhat_1.1.ep6.el7
  • H
Deserialization of Untrusted Data

<0:7.5.17-2.Final_redhat_4.1.ep6.el7
  • M
Security Features

<0:7.5.16-1.Final_redhat_1.1.ep6.el7
  • M
Security Features

<0:7.5.16-1.Final_redhat_1.1.ep6.el7
  • H
CVE-2016-6346

<0:7.5.14-2.Final_redhat_2.1.ep6.el7
  • H
Improper Authorization

<0:7.5.23-3.Final_redhat_00002.1.ep6.el7
  • H
Resource Exhaustion

<0:7.5.24-2.Final_redhat_00001.1.ep6.el7
  • M
XML External Entity (XXE) Injection

<0:7.4.3-3.Final_redhat_2.1.ep6.el7