Browse all 3 CVE security advisories affecting JBoss. AI-powered Chinese analysis, POCs, and references for each vulnerability.
JBoss serves as an open-source Java application server primarily used for deploying enterprise Java applications, particularly in large-scale environments. Historically, it has been susceptible to remote code execution vulnerabilities, often through insecure default configurations or exposed management interfaces, along with cross-site scripting and privilege escalation flaws. While no major public security incidents have been widely documented, the platform's complexity and default deployments have consistently attracted attackers. With three current CVEs, JBoss remains a target for exploitation, particularly when misconfigured or left unpatched, emphasizing the need for proper hardening and ongoing maintenance to mitigate risks.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2014-3655 | Red Hat Keycloak 跨站请求伪造漏洞 — KeyCloak | 6.5 | - | 2019-11-13 |
This page lists every published CVE security advisory associated with JBoss. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.