Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Jboss_enterprise_application_platform
(Redhat)| Repositories |
• https://github.com/FasterXML/jackson-databind
• https://github.com/bcgit/bc-java • https://github.com/qos-ch/slf4j • https://github.com/apache/cxf • https://github.com/dom4j/dom4j |
| #Vulnerabilities | 230 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2008-09-23 | CVE-2008-3519 | The default configuration of the JBossAs component in Red Hat JBoss Enterprise Application Platform (aka JBossEAP or EAP), possibly 4.2 before CP04 and 4.3 before CP02, when a production environment is enabled, sets the DownloadServerClasses property to true, which allows remote attackers to obtain sensitive information (non-EJB classes) via a download request, a different vulnerability than CVE-2008-3273. | Jboss_enterprise_application_platform | N/A |