Critical severity9.8NVD Advisory· Published Jun 8, 2017· Updated May 13, 2026
CVE-2016-3690
CVE-2016-3690
Description
The PooledInvokerServlet in JBoss EAP 4.x and 5.x allows remote attackers to execute arbitrary code via a crafted serialized payload.
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
4- www.securityfocus.com/bid/99079nvdThird Party AdvisoryVDB Entry
- access.redhat.com/solutions/178393nvdMitigationVendor Advisory
- access.redhat.com/solutions/45530nvdMitigationVendor Advisory
- bugzilla.redhat.com/show_bug.cginvdIssue TrackingVendor Advisory
News mentions
0No linked articles in our index yet.