Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8
This hub aggregates every CVE we track for Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8, a product in the enterprise software space. Use it to gauge the current risk picture and drill into individual advisories.
- CVEs tracked: 18
- Critical: 0
- High: 10
- In CISA KEV: 0
Severity distribution
- HIGH: 10
- MEDIUM: 8
Monthly trend
Chart values in order, 2024-08 to 2026-07: 1, 0, 1, 2, 0, 1, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
Latest CVEs
The 15 most recently published vulnerabilities affecting Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8.
- CVE-2025-2251: org.jboss.eap:wildfly-ejb3: improper deserialization in JBoss Marshalling allows remote code execution (score 6.2)
- CVE-2025-23367: org.wildfly.core:wildfly-server: WildFly improper RBAC permission (score 6.5)
- CVE-2023-4639: Undertow: cookie smuggling/spoofing (score 7.4)
- CVE-2023-1973: Undertow: unrestricted request storage leads to memory exhaustion (score 7.5)
- CVE-2024-10234: WildFly: WildFly vulnerable to cross-site scripting (XSS) (score 6.1)
- CVE-2024-7885: Undertow: improper state management in proxy protocol parsing causes information leakage (score 7.5)
- CVE-2024-3653: Undertow: LearningPushHandler can lead to remote memory DoS attacks (score 5.3)
- CVE-2024-5971: Undertow: response write hangs in case of Java 17 TLSv1.3 NewSessionTicket (score 7.5)
- CVE-2024-4029: WildFly: no timeout for EAP management interface may lead to denial of service (DoS) (score 4.1)
- CVE-2024-1233: EAP: wildfly-elytron has a SSRF security issue (score 7.3)
- CVE-2023-5685: XNIO: StackOverflowException when the chain of notifier states becomes problematically big (score 7.5)
- CVE-2024-1635: Undertow: out-of-memory error after several closed connections with wildfly-http-client protocol (score 7.5)
- CVE-2024-1459: Undertow: directory traversal vulnerability (score 5.3)
- CVE-2023-4503: eap-galleon: custom provisioning creates unsecured http-invoker (score 6.8)
- CVE-2023-3171: EAP-7: heap exhaustion via deserialization (score 7.5)
Product normalization is registry-driven with AI assist and human review.