Security Vulnerabilities Notification to Community

Page listing all the security vulnerabilities in JBoss community projects, for the benefit of the community.




Date: 26 April 2010

Security Issue:  JBoss and CVE-2010-0738

This is a community courtesy notification for a severe security issue affecting some of the JBoss projects and products. Please refer to the following Red Hat KBase article for more information:


JBoss Products & CVE-2010-0738


As a Red Hat/JBoss enterprise customer (paying), you are already notified via the official channels: RHN, CSP etc. Patches/updated products are available to you.


If you are an user of the community project: JBoss Application Server, then you may be affected. Please refer to the kbase article for possible solutions.