Red hat jboss core services

This hub aggregates every CVE we track for Red hat jboss core services, a product in the enterprise software space. Use it to gauge the current risk picture and drill into individual advisories.

Severity distribution

Monthly trend

The 15 most recently published vulnerabilities affecting Red hat jboss core services.

• CVE-2026-6732Libxml2: libxml2: denial of service via crafted xsd-validated document6.5Apr 23, 2026
• CVE-2026-3234Mod_proxy_cluster: mod_proxy_cluster: response body corruption via crlf injection4.3Mar 12, 2026
• CVE-2026-27171zlib before 1.3.2 allows CPU consumption via crc32_combine64 and crc32_combine_gen64 because x2nmodp can do right shifts within a loop that has no termination condition.2.9Feb 18, 2026
• CVE-2026-1757Libxml2: memory leak leading to local denial of service in xmllint interactive shell6.2Feb 2, 2026
• CVE-2026-0992Libxml2: libxml2: denial of service via crafted xml catalogs2.9Jan 15, 2026
• CVE-2026-0989Libxml2: unbounded relaxng include recursion leading to stack overflow3.7Jan 15, 2026
• CVE-2026-0990Libxml2: libxml2: denial of service via uncontrolled recursion in xml catalog processing5.9Jan 15, 2026
• CVE-2025-58098Apache HTTP Server: Server Side Includes adds query string to #exec cmd=...8.3Dec 5, 2025
• CVE-2025-66200Apache HTTP Server: mod_userdir+suexec bypass via AllowOverride FileInfo5.4Dec 5, 2025
• CVE-2025-55753Apache HTTP Server: mod_md (ACME), unintended retry intervals7.5Dec 5, 2025
• CVE-2025-59375libexpat in Expat before 2.7.2 allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing.7.5Sep 15, 2025
• CVE-2025-49812Apache HTTP Server: mod_ssl TLS upgrade attack7.4Jul 10, 2025
• CVE-2025-49630Apache HTTP Server: mod_proxy_http2 denial of service7.5Jul 10, 2025
• CVE-2025-23048Apache HTTP Server: mod_ssl access control bypass with session resumption9.1Jul 10, 2025
• CVE-2024-47252Apache HTTP Server: mod_ssl error log variable escaping7.5Jul 10, 2025