Approved changes feed: RSS · Atom
cpe:2.3:a:[unknown]:jboss:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | [Unknown] (5b07108a-8f0c-5d28-ab99-c4ff62adb460) |
|---|---|
| Product | Jboss (b5b65f5b-76b0-58fd-96b4-820d58556346) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2017-7465 |
vulnerable | 2026-06-03 14:37:32.012936 |
Details available
CRITICAL (9)
It was found that the JAXP implementation used in JBoss EAP 7.0 for XSLT processing is vulnerable to code injection. An attacker could use this flaw to cause remote code execution if they are able to provide XSLT content for parsing. Doing a transform in JAXP requires the use of a 'javax.xml.transform.TransformerFactory'. If the FEATURE_SECURE_PROCESSING feature is set to 'true', it mitigates this vulnerability.
Published: 2018-06-27T16:00:00.000Z
Updated: 2024-08-05T16:04:11.524Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2017-7464 |
vulnerable | 2026-06-03 14:37:32.011938 |
Details available
HIGH (8.7)
It was found that the JAXP implementation used in JBoss EAP 7.0 for SAX and DOM parsing is vulnerable to certain XXE flaws. An attacker could use this flaw to cause DoS, SSRF, or information disclosure if they are able to provide XML content for parsing.
Published: 2018-07-27T12:00:00.000Z
Updated: 2024-08-05T16:04:11.737Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.