Jboss Enterprise Application Platform Expansion Pack
by Red Hat
CVEs (16)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-28369 | Hig | 0.50 | 8.7 | 0.01 | Mar 27, 2026 | A flaw was found in Undertow. When Undertow receives an HTTP request where the first header line starts with one or more spaces, it incorrectly processes the request by stripping these leading spaces. This behavior, which violates HTTP standards, can be exploited by a remote… | ||
| CVE-2026-28368 | Hig | 0.50 | 8.7 | 0.01 | Mar 27, 2026 | A flaw was found in Undertow. This vulnerability allows a remote attacker to construct specially crafted requests where header names are parsed differently by Undertow compared to upstream proxies. This discrepancy in header interpretation can be exploited to launch request… | ||
| CVE-2026-28367 | Hig | 0.50 | 8.7 | 0.01 | Mar 27, 2026 | A flaw was found in Undertow. A remote attacker can exploit this vulnerability by sending `\r\r\r` as a header block terminator. This can be used for request smuggling with certain proxy servers, such as older versions of Apache Traffic Server and Google Cloud Classic… | ||
| CVE-2026-3260 | Med | 0.38 | 5.9 | 0.00 | Mar 24, 2026 | A flaw was found in Undertow. A remote attacker could exploit this vulnerability by sending an HTTP GET request containing multipart/form-data content. If the underlying application processes parameters using methods like `getParameterMap()`, the server prematurely parses and… | ||
| CVE-2026-4366 | Med | 0.38 | 5.8 | 0.00 | Mar 18, 2026 | A flaw was identified in Keycloak, an identity and access management solution, where it improperly follows HTTP redirects when processing certain client configuration requests. This behavior allows an attacker to trick the server into making unintended requests to internal or… | ||
| CVE-2026-3121 | Med | 0.35 | 6.5 | 0.00 | Mar 26, 2026 | A flaw was found in Keycloak. An administrator with `manage-clients` permission can exploit a misconfiguration where this permission is equivalent to `manage-permissions`. This allows the administrator to escalate privileges and gain control over roles, users, or other… | ||
| CVE-2026-4874 | Low | 0.20 | 3.1 | 0.00 | Mar 26, 2026 | A flaw was found in Keycloak. An authenticated attacker can perform Server-Side Request Forgery (SSRF) by manipulating the `client_session_host` parameter during refresh token requests. This occurs when a Keycloak client is configured to use the `backchannel.logout.url` with the… | ||
| CVE-2026-3009 | 0.00 | — | 0.00 | Mar 5, 2026 | A security flaw in the IdentityBrokerService.performLogin endpoint of Keycloak allows authentication to proceed using an Identity Provider (IdP) even after it has been disabled by an administrator. An attacker who knows the IdP alias can reuse a previously generated login… | |||
| CVE-2026-0871 | 0.00 | — | 0.00 | Feb 27, 2026 | A flaw was found in Keycloak. An administrator with `manage-users` permission can bypass the "Only administrators can view" setting for unmanaged attributes, allowing them to modify these attributes. This improper access control can lead to unauthorized changes to user profiles,… | |||
| CVE-2025-5731 | 0.00 | — | 0.00 | Jun 26, 2025 | A flaw was found in Infinispan CLI. A sensitive password, decoded from a Base64-encoded Kubernetes secret, is processed in plaintext and included in a command string that may expose the data in an error message when a command is not found. | |||
| CVE-2023-4503 | 0.00 | — | 0.01 | Feb 6, 2024 | An improper initialization vulnerability was found in Galleon. When using Galleon to provision custom EAP or EAP-XP servers, the servers are created unsecured. This issue could allow an attacker to access remote HTTP services available from the server. | |||
| CVE-2023-5236 | 0.00 | — | 0.01 | Dec 18, 2023 | A flaw was found in Infinispan, which does not detect circular object references when unmarshalling. An authenticated attacker with sufficient permissions could insert a maliciously constructed object into the cache and use it to cause out of memory errors and achieve a denial… | |||
| CVE-2023-3223 | 0.00 | — | 0.02 | Sep 27, 2023 | A flaw was found in undertow. Servlets annotated with @MultipartConfig may cause an OutOfMemoryError due to large multipart content. This may allow unauthorized users to cause remote Denial of Service (DoS) attack. If the server uses fileSizeThreshold to limit the file size,… | |||
| CVE-2022-4245 | 0.00 | — | 0.01 | Sep 25, 2023 | A flaw was found in codehaus-plexus. The org.codehaus.plexus.util.xml.XmlWriterUtil#writeComment fails to sanitize comments for a --> sequence. This issue means that text contained in the command string could be interpreted as XML and allow for XML injection. | |||
| CVE-2022-4244 | 0.00 | — | 0.01 | Sep 25, 2023 | A flaw was found in codeplex-codehaus. A directory traversal attack (also known as path traversal) aims to access files and directories stored outside the intended folder. By manipulating files with "dot-dot-slash (../)" sequences and their variations or by using absolute file… | |||
| CVE-2022-1415 | 0.00 | — | 0.01 | Sep 11, 2023 | A flaw was found where some utility classes in Drools core did not use proper safeguards when deserializing data. This flaw allows an authenticated attacker to construct malicious serialized objects (usually called gadgets) and achieve code execution on the server. |
- risk 0.50cvss 8.7epss 0.01
A flaw was found in Undertow. When Undertow receives an HTTP request where the first header line starts with one or more spaces, it incorrectly processes the request by stripping these leading spaces. This behavior, which violates HTTP standards, can be exploited by a remote…
- risk 0.50cvss 8.7epss 0.01
A flaw was found in Undertow. This vulnerability allows a remote attacker to construct specially crafted requests where header names are parsed differently by Undertow compared to upstream proxies. This discrepancy in header interpretation can be exploited to launch request…
- risk 0.50cvss 8.7epss 0.01
A flaw was found in Undertow. A remote attacker can exploit this vulnerability by sending `\r\r\r` as a header block terminator. This can be used for request smuggling with certain proxy servers, such as older versions of Apache Traffic Server and Google Cloud Classic…
- risk 0.38cvss 5.9epss 0.00
A flaw was found in Undertow. A remote attacker could exploit this vulnerability by sending an HTTP GET request containing multipart/form-data content. If the underlying application processes parameters using methods like `getParameterMap()`, the server prematurely parses and…
- risk 0.38cvss 5.8epss 0.00
A flaw was identified in Keycloak, an identity and access management solution, where it improperly follows HTTP redirects when processing certain client configuration requests. This behavior allows an attacker to trick the server into making unintended requests to internal or…
- risk 0.35cvss 6.5epss 0.00
A flaw was found in Keycloak. An administrator with `manage-clients` permission can exploit a misconfiguration where this permission is equivalent to `manage-permissions`. This allows the administrator to escalate privileges and gain control over roles, users, or other…
- risk 0.20cvss 3.1epss 0.00
A flaw was found in Keycloak. An authenticated attacker can perform Server-Side Request Forgery (SSRF) by manipulating the `client_session_host` parameter during refresh token requests. This occurs when a Keycloak client is configured to use the `backchannel.logout.url` with the…
- CVE-2026-3009Mar 5, 2026risk 0.00cvss —epss 0.00
A security flaw in the IdentityBrokerService.performLogin endpoint of Keycloak allows authentication to proceed using an Identity Provider (IdP) even after it has been disabled by an administrator. An attacker who knows the IdP alias can reuse a previously generated login…
- CVE-2026-0871Feb 27, 2026risk 0.00cvss —epss 0.00
A flaw was found in Keycloak. An administrator with `manage-users` permission can bypass the "Only administrators can view" setting for unmanaged attributes, allowing them to modify these attributes. This improper access control can lead to unauthorized changes to user profiles,…
- CVE-2025-5731Jun 26, 2025risk 0.00cvss —epss 0.00
A flaw was found in Infinispan CLI. A sensitive password, decoded from a Base64-encoded Kubernetes secret, is processed in plaintext and included in a command string that may expose the data in an error message when a command is not found.
- CVE-2023-4503Feb 6, 2024risk 0.00cvss —epss 0.01
An improper initialization vulnerability was found in Galleon. When using Galleon to provision custom EAP or EAP-XP servers, the servers are created unsecured. This issue could allow an attacker to access remote HTTP services available from the server.
- CVE-2023-5236Dec 18, 2023risk 0.00cvss —epss 0.01
A flaw was found in Infinispan, which does not detect circular object references when unmarshalling. An authenticated attacker with sufficient permissions could insert a maliciously constructed object into the cache and use it to cause out of memory errors and achieve a denial…
- CVE-2023-3223Sep 27, 2023risk 0.00cvss —epss 0.02
A flaw was found in undertow. Servlets annotated with @MultipartConfig may cause an OutOfMemoryError due to large multipart content. This may allow unauthorized users to cause remote Denial of Service (DoS) attack. If the server uses fileSizeThreshold to limit the file size,…
- CVE-2022-4245Sep 25, 2023risk 0.00cvss —epss 0.01
A flaw was found in codehaus-plexus. The org.codehaus.plexus.util.xml.XmlWriterUtil#writeComment fails to sanitize comments for a --> sequence. This issue means that text contained in the command string could be interpreted as XML and allow for XML injection.
- CVE-2022-4244Sep 25, 2023risk 0.00cvss —epss 0.01
A flaw was found in codeplex-codehaus. A directory traversal attack (also known as path traversal) aims to access files and directories stored outside the intended folder. By manipulating files with "dot-dot-slash (../)" sequences and their variations or by using absolute file…
- CVE-2022-1415Sep 11, 2023risk 0.00cvss —epss 0.01
A flaw was found where some utility classes in Drools core did not use proper safeguards when deserializing data. This flaw allows an authenticated attacker to construct malicious serialized objects (usually called gadgets) and achieve code execution on the server.