Search for packages
| purl | pkg:rpm/redhat/jboss-as-threads@7.3.2-2.Final_redhat_2.1.ep6?arch=el6 |
| Next non-vulnerable version | None. |
| Latest non-vulnerable version | None. |
| Risk | 4.0 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-8meu-4w9v-xudq
Aliases: CVE-2014-0093 |
6: JSM policy not respected by deployed applications | There are no reported fixed by versions. |
|
VCID-h9ds-trhx-m7aj
Aliases: CVE-2013-4286 GHSA-j448-j653-r3vj |
Apache Tomcat before 6.0.39, 7.x before 7.0.47, and 8.x before 8.0.0-RC3, when an HTTP connector or AJP connector is used, does not properly handle certain inconsistent HTTP request headers, which allows remote attackers to trigger incorrect identification of a request's length and conduct request-smuggling attacks via (1) multiple Content-Length headers or (2) a Content-Length header and a "Transfer-Encoding: chunked" header. NOTE: this vulnerability exists because of an incomplete fix for CVE-2005-2090. | There are no reported fixed by versions. |
|
VCID-rh15-vdvr-zkhm
Aliases: CVE-2014-0005 |
PicketBox/JBossSX: Unauthorized access to and modification of application server configuration and state by application | There are no reported fixed by versions. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-04-01T14:48:45.876585+00:00 | RedHat Importer | Affected by | VCID-8meu-4w9v-xudq | https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0093.json | 38.0.0 |
| 2026-04-01T14:48:43.007176+00:00 | RedHat Importer | Affected by | VCID-h9ds-trhx-m7aj | https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4286.json | 38.0.0 |
| 2026-04-01T14:48:33.600577+00:00 | RedHat Importer | Affected by | VCID-rh15-vdvr-zkhm | https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0005.json | 38.0.0 |