VYPR

JBossWS

by Red Hat

CVEs (2)

  • CVE-2011-2487Mar 11, 2020
    risk 0.00cvss epss 0.02

    The implementations of PKCS#1 v1.5 key transport mechanism for XMLEncryption in JBossWS and Apache WSS4J before 1.6.5 is susceptible to a Bleichenbacher attack.

  • CVE-2014-3464Aug 19, 2014
    risk 0.00cvss epss 0.01

    The EJB invocation handler implementation in Red Hat JBossWS, as used in JBoss Enterprise Application Platform (EAP) 6.2.0 and 6.3.0, does not properly enforce the method level restrictions for outbound messages, which allows remote authenticated users to access otherwise…