org.jboss.as:jboss-as-modcluster@7.1.0.CR1 vulnerabilities

latest version

7.2.0.Final

latest non vulnerable version

7.2.0.Final

first published

13 years ago

latest version published

11 years ago

licenses detected

LGPL-3.0
[7.0.0.CR1,)

package manager

View on Maven Repository

Go back to all versions of this package

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the org.jboss.as:jboss-as-modcluster package. This does not include vulnerabilities belonging to this package’s dependencies.

How to fix?

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free

Vulnerability Vulnerable Version

Vulnerability	Vulnerable Version
H Information Exposure org.jboss.as:jboss-as-modcluster is a community edition of the JBoss Application Server Affected versions of this package are vulnerable to Information Exposure in `modcluster/ModClusterService.java`, by exposing hostname information from the root context even if root is in `excluded-contexts`. How to fix Information Exposure? Upgrade `org.jboss.as:jboss-as-modcluster` to version 7.1.1.Final or higher.	[7.0.0.Final,7.1.1.Final)

Information Exposure

org.jboss.as:jboss-as-modcluster is a community edition of the JBoss Application Server

Affected versions of this package are vulnerable to Information Exposure in modcluster/ModClusterService.java, by exposing hostname information from the root context even if root is in excluded-contexts.

How to fix Information Exposure?

Upgrade org.jboss.as:jboss-as-modcluster to version 7.1.1.Final or higher.

[7.0.0.Final,7.1.1.Final)

Go back to all versions of this package