Red hat jboss data grid 7

This hub aggregates every CVE we track for Red hat jboss data grid 7, a product in the enterprise software space. Use it to gauge the current risk picture and drill into individual advisories.

Severity distribution

Monthly trend

The 15 most recently published vulnerabilities affecting Red hat jboss data grid 7.

• CVE-2024-4027Undertow: outofmemoryerror in httpservletrequestimpl.getparameternames() can cause remote dos attacks7.5Jan 30, 2026
• CVE-2024-3884Undertow: outofmemory when parsing form data encoding with application/x-www-form-urlencoded7.5Dec 3, 2025
• CVE-2024-6875Infinispan: infinispan: rest compare api has buffer leak6.5Mar 28, 2025
• CVE-2025-23368Org.wildfly.core:wildfly-elytron-integration: wildfly elytron brute force attack via cli8.1Mar 4, 2025
• CVE-2025-23367Org.wildfly.core:wildfly-server: wildfly improper rbac permission6.5Jan 30, 2025
• CVE-2025-23366Org.jboss.hal:hal-console: wildfly hal console cross-site scripting6.5Jan 14, 2025
• CVE-2024-8447Narayana: deadlock via multiple join requests sent to lra coordinator5.9Jan 2, 2025
• CVE-2023-4639Undertow: cookie smuggling/spoofing7.4Nov 17, 2024
• CVE-2023-1932Hibernate-validator: rendering of invalid html with safehtml leads to html injection and xss6.1Nov 7, 2024
• CVE-2024-10234Wildfly: wildfly vulnerable to cross-site scripting (xss)6.1Oct 22, 2024
• CVE-2024-9622Resteasy-netty4-cdi: resteasy-netty4: resteasy-reactor-netty: http request smuggling leading to client timeouts in resteasy-netty45.3Oct 8, 2024
• CVE-2024-7885Undertow: improper state management in proxy protocol parsing causes information leakage7.5Aug 21, 2024
• CVE-2024-3653Undertow: learningpushhandler can lead to remote memory dos attacks5.3Jul 8, 2024
• CVE-2024-5971Undertow: response write hangs in case of java 17 tlsv1.3 newsessionticket7.5Jul 8, 2024
• CVE-2024-6162Undertow: url-encoded request path information can be broken on ajp-listener7.5Jun 20, 2024