Search
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2012-1094 | 1 Redhat | 1 Jboss Application Server | 2020-03-10 | 5.0 MEDIUM | 7.5 HIGH |
| JBoss AS 7 prior to 7.1.1 and mod_cluster do not handle default hostname in the same way, which can cause the excluded-contexts list to be mismatched and the root context to be exposed. | |||||
| CVE-2012-2312 | 1 Redhat | 2 Jboss Application Server, Jboss Enterprise Application Platform | 2019-12-23 | 4.6 MEDIUM | 7.8 HIGH |
| An Elevated Privileges issue exists in JBoss AS 7 Community Release due to the improper implementation in the security context propagation, A threat gets reused from the thread pool that still retains the security context from the process last used, which lets a local user obtain elevated privileges. | |||||