Red hat jboss web server
This hub aggregates every CVE we track for Red hat jboss web server, a product in the operating systems space. Use it to gauge the current risk picture and drill into individual advisories.
Operating Systemson-prem
17
CVEs tracked
1
Critical
9
High
0
In CISA KEV
Severity distribution
HIGH9MEDIUM7CRITICAL1
Monthly trend
0
0
0
1
1
0
0
0
1
0
1
0
0
0
0
0
0
0
2
0
1
0
0
0
2024-082026-07
Latest CVEs
The 15 most recently published vulnerabilities affecting Red hat jboss web server.
- CVE-2026-32289JsBraceDepth Context Tracking Bugs (XSS) in html/template6.1
- CVE-2026-24734Apache Tomcat Native, Apache Tomcat: OCSP revocation bypass7.5
- CVE-2026-24733Apache Tomcat: Security constraint bypass with HTTP/0.96.5
- CVE-2025-49125Apache Tomcat: Security constraint bypass for pre/post-resources7.5
- CVE-2025-31650Apache Tomcat: DoS via malformed HTTP/2 PRIORITY_UPDATE frame7.5
- CVE-2024-12798JaninoEventEvaluator vulnerability7.3
- CVE-2024-38286Apache Tomcat: Denial of Service8.6
- CVE-2024-23672Apache Tomcat: WebSocket DoS with incomplete closing handshake6.3
- CVE-2024-24549Apache Tomcat: HTTP/2 header handling DoS7.5
- CVE-2023-5678Excessive time spent in DH check / generation with large Q parameter value5.3
- CVE-2022-4245Codehaus-plexus: xml external entity (xxe) injection4.3
- CVE-2022-4244Codehaus-plexus: directory traversal7.5
- CVE-2023-3817Excessive time spent checking DH q parameter value5.3
- CVE-2023-2650Possible DoS translating ASN.1 object identifiers6.5
- CVE-2023-0464Excessive Resource Usage Verifying X.509 Policy Constraints7.5
Product normalization is registry-driven with AI assist and human review. How it works