GCVE - cpe:2.3:a:jboss:enterprise_application_platform:4.2.0.cp02:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:jboss:enterprise_application_platform:4.2.0.cp02:*:*:*:*:*:*:*

part: a version: 4.2.0.cp02 update: *

Vendor	Jboss (`d5af4e88-7b39-590c-acfe-40fb2caf622f`)
Product	Enterprise Application Platform (`65293d1b-ca9d-5de9-bb65-1cd78fe51cce`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from purl2cpe mapping

PURL mappings

PURL	Source	Last updated
`pkg:github/jboss-eap/quickstart`	purl2cpe	2026-06-01 10:10:59.807553
`pkg:sourceforge/projects/jboss`	purl2cpe	2026-06-01 10:10:59.807554

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2008-3273`	vulnerable	2026-06-08 04:50:33.976672	Details available JBoss Enterprise Application Platform (aka JBossEAP or EAP) before 4.2.0.CP03, and 4.3.0 before 4.3.0.CP01, allows remote attackers to obtain sensitive information about "deployed web contexts" via a request to the status servlet, as demonstrated by a full=true query string. Published: 2008-08-10T20:00:00.000Z Updated: 2024-08-07T09:28:41.976Z Open on db.gcve.eu Reference links http://rhn.redhat.com/errata/RHSA-2008-0828.html http://rhn.redhat.com/errata/RHSA-2008-0826.html http://marc.info/?l=bugtraq&m=132698550418872&w=2 http://www.redhat.com/docs/en-US/JBoss_Enterprise_Application_Platform/4.2.0.cp03/html-single/readme/index.html https://exchange.xforce.ibmcloud.com/vulnerabilities/44235	Imported from gcve-enriched-dumps CVE data

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.