High severity7.5NVD Advisory· Published Mar 10, 2020· Updated Jun 16, 2026
CVE-2012-1094
CVE-2012-1094
Description
JBoss AS 7 prior to 7.1.1 and mod_cluster do not handle default hostname in the same way, which can cause the excluded-contexts list to be mismatched and the root context to be exposed.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
org.jboss.as:jboss-as-serverMaven | >= 7.0.0.Alpha1, < 7.1.1.Final | 7.1.1.Final |
Affected products
2- JBoss/JBoss ASdescription
Patches
Vulnerability mechanics
References
4- access.redhat.com/security/cve/cve-2012-1094nvdVendor AdvisoryWEB
- bugzilla.redhat.com/show_bug.cginvdIssue TrackingVendor AdvisoryWEB
- github.com/advisories/GHSA-wq8g-hm94-5rqqghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2012-1094ghsaADVISORY
News mentions
0No linked articles in our index yet.