Maven package
org.jboss.as/jboss-as-server
pkg:maven/org.jboss.as/jboss-as-server
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2012-1094 | Hig | 7.5 | >= 7.0.0.Alpha1, < 7.1.1.Final | 7.1.1.Final | Mar 10, 2020 | JBoss AS 7 prior to 7.1.1 and mod_cluster do not handle default hostname in the same way, which can cause the excluded-contexts list to be mismatched and the root context to be exposed. |
- affected >= 7.0.0.Alpha1, < 7.1.1.Finalfixed 7.1.1.Final
JBoss AS 7 prior to 7.1.1 and mod_cluster do not handle default hostname in the same way, which can cause the excluded-contexts list to be mismatched and the root context to be exposed.