RHSA-2023:0552
- Source
- https://access.redhat.com/errata/RHSA-2023:0552
- Import Source
- https://security.access.redhat.com/data/osv/RHSA-2023:0552.json
- JSON Data
- https://api.osv.dev/v1/vulns/RHSA-2023:0552
- Related
- Published
- 2024-09-27T15:16:37Z
- Modified
- 2024-10-29T02:28:07Z
- Severity
-
- 9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update
- Details
- References
-
- https://access.redhat.com/errata/RHSA-2023:0552
- https://access.redhat.com/security/updates/classification/#important
- https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/
- https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/
- https://bugzilla.redhat.com/show_bug.cgi?id=1399546
- https://bugzilla.redhat.com/show_bug.cgi?id=1553413
- https://bugzilla.redhat.com/show_bug.cgi?id=1601614
- https://bugzilla.redhat.com/show_bug.cgi?id=1601616
- https://bugzilla.redhat.com/show_bug.cgi?id=1601617
- https://bugzilla.redhat.com/show_bug.cgi?id=1668097
- https://bugzilla.redhat.com/show_bug.cgi?id=1686454
- https://bugzilla.redhat.com/show_bug.cgi?id=1701972
- https://bugzilla.redhat.com/show_bug.cgi?id=1828406
- https://bugzilla.redhat.com/show_bug.cgi?id=1850004
- https://bugzilla.redhat.com/show_bug.cgi?id=2124682
- https://bugzilla.redhat.com/show_bug.cgi?id=2134291
- https://bugzilla.redhat.com/show_bug.cgi?id=2135244
- https://bugzilla.redhat.com/show_bug.cgi?id=2135247
- https://bugzilla.redhat.com/show_bug.cgi?id=2135770
- https://bugzilla.redhat.com/show_bug.cgi?id=2135771
- https://bugzilla.redhat.com/show_bug.cgi?id=2145194
- https://bugzilla.redhat.com/show_bug.cgi?id=2155682
- https://bugzilla.redhat.com/show_bug.cgi?id=2155970
- https://issues.redhat.com/browse/JBEAP-23864
- https://issues.redhat.com/browse/JBEAP-23865
- https://issues.redhat.com/browse/JBEAP-23866
- https://issues.redhat.com/browse/JBEAP-23926
- https://issues.redhat.com/browse/JBEAP-24055
- https://issues.redhat.com/browse/JBEAP-24081
- https://issues.redhat.com/browse/JBEAP-24095
- https://issues.redhat.com/browse/JBEAP-24100
- https://issues.redhat.com/browse/JBEAP-24127
- https://issues.redhat.com/browse/JBEAP-24128
- https://issues.redhat.com/browse/JBEAP-24132
- https://issues.redhat.com/browse/JBEAP-24147
- https://issues.redhat.com/browse/JBEAP-24167
- https://issues.redhat.com/browse/JBEAP-24191
- https://issues.redhat.com/browse/JBEAP-24195
- https://issues.redhat.com/browse/JBEAP-24207
- https://issues.redhat.com/browse/JBEAP-24248
- https://issues.redhat.com/browse/JBEAP-24426
- https://issues.redhat.com/browse/JBEAP-24427
- https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_0552.json
- https://access.redhat.com/security/cve/CVE-2015-9251
- https://www.cve.org/CVERecord?id=CVE-2015-9251
- https://nvd.nist.gov/vuln/detail/CVE-2015-9251
- https://access.redhat.com/security/cve/CVE-2016-10735
- https://www.cve.org/CVERecord?id=CVE-2016-10735
- https://nvd.nist.gov/vuln/detail/CVE-2016-10735
- https://access.redhat.com/security/cve/CVE-2017-18214
- https://www.cve.org/CVERecord?id=CVE-2017-18214
- https://nvd.nist.gov/vuln/detail/CVE-2017-18214
- https://access.redhat.com/security/cve/CVE-2018-14040
- https://www.cve.org/CVERecord?id=CVE-2018-14040
- https://nvd.nist.gov/vuln/detail/CVE-2018-14040
- https://access.redhat.com/security/cve/CVE-2018-14041
- https://www.cve.org/CVERecord?id=CVE-2018-14041
- https://nvd.nist.gov/vuln/detail/CVE-2018-14041
- https://access.redhat.com/security/cve/CVE-2018-14042
- https://www.cve.org/CVERecord?id=CVE-2018-14042
- https://nvd.nist.gov/vuln/detail/CVE-2018-14042
- https://access.redhat.com/security/cve/CVE-2019-8331
- https://www.cve.org/CVERecord?id=CVE-2019-8331
- https://nvd.nist.gov/vuln/detail/CVE-2019-8331
- https://access.redhat.com/security/cve/CVE-2019-11358
- https://www.cve.org/CVERecord?id=CVE-2019-11358
- https://nvd.nist.gov/vuln/detail/CVE-2019-11358
- https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/
- https://www.drupal.org/sa-core-2019-006
- https://access.redhat.com/security/cve/CVE-2020-11022
- https://www.cve.org/CVERecord?id=CVE-2020-11022
- https://nvd.nist.gov/vuln/detail/CVE-2020-11022
- https://github.com/advisories/GHSA-gxr4-xjj5-5px2
- https://access.redhat.com/security/cve/CVE-2020-11023
- https://www.cve.org/CVERecord?id=CVE-2020-11023
- https://nvd.nist.gov/vuln/detail/CVE-2020-11023
- https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/
- https://access.redhat.com/security/cve/CVE-2022-3143
- https://www.cve.org/CVERecord?id=CVE-2022-3143
- https://nvd.nist.gov/vuln/detail/CVE-2022-3143
- https://access.redhat.com/security/cve/CVE-2022-40149
- https://www.cve.org/CVERecord?id=CVE-2022-40149
- https://nvd.nist.gov/vuln/detail/CVE-2022-40149
- https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1
- https://access.redhat.com/security/cve/CVE-2022-40150
- https://www.cve.org/CVERecord?id=CVE-2022-40150
- https://nvd.nist.gov/vuln/detail/CVE-2022-40150
- https://access.redhat.com/security/cve/CVE-2022-40152
- https://www.cve.org/CVERecord?id=CVE-2022-40152
- https://nvd.nist.gov/vuln/detail/CVE-2022-40152
- https://github.com/advisories/GHSA-3f7h-mf4q-vrm4
- https://access.redhat.com/security/cve/CVE-2022-42003
- https://www.cve.org/CVERecord?id=CVE-2022-42003
- https://nvd.nist.gov/vuln/detail/CVE-2022-42003
- https://access.redhat.com/security/cve/CVE-2022-42004
- https://www.cve.org/CVERecord?id=CVE-2022-42004
- https://nvd.nist.gov/vuln/detail/CVE-2022-42004
- https://access.redhat.com/security/cve/CVE-2022-45047
- https://www.cve.org/CVERecord?id=CVE-2022-45047
- https://nvd.nist.gov/vuln/detail/CVE-2022-45047
- https://www.mail-archive.com/dev@mina.apache.org/msg39312.html
- https://access.redhat.com/security/cve/CVE-2022-45693
- https://www.cve.org/CVERecord?id=CVE-2022-45693
- https://nvd.nist.gov/vuln/detail/CVE-2022-45693
- https://access.redhat.com/security/cve/CVE-2022-46364
- https://www.cve.org/CVERecord?id=CVE-2022-46364
- https://nvd.nist.gov/vuln/detail/CVE-2022-46364
- https://cxf.apache.org/security-advisories.data/CVE-2022-46364.txt?version=1&modificationDate=1670944472739&api=v2
Affected packages
Red Hat:jboss_enterprise_application_platform:7.4::el7 / eap7-hal-console
Package
- Name
- eap7-hal-console
- Purl
- pkg:rpm/redhat/eap7-hal-console
Red Hat:jboss_enterprise_application_platform:7.4::el7 / eap7-wildfly-elytron
Package
- Name
- eap7-wildfly-elytron
- Purl
- pkg:rpm/redhat/eap7-wildfly-elytron
Red Hat:jboss_enterprise_application_platform:7.4::el7 / eap7-wildfly-elytron-tool
Package
- Name
- eap7-wildfly-elytron-tool
- Purl
- pkg:rpm/redhat/eap7-wildfly-elytron-tool
Red Hat:jboss_enterprise_application_platform:7.4::el7 / eap7-jettison
Package
- Name
- eap7-jettison
- Purl
- pkg:rpm/redhat/eap7-jettison
Red Hat:jboss_enterprise_application_platform:7.4::el7 / eap7-woodstox-core
Package
- Name
- eap7-woodstox-core
- Purl
- pkg:rpm/redhat/eap7-woodstox-core
Red Hat:jboss_enterprise_application_platform:7.4::el7 / eap7-jackson-databind
Package
- Name
- eap7-jackson-databind
- Purl
- pkg:rpm/redhat/eap7-jackson-databind
Red Hat:jboss_enterprise_application_platform:7.4::el7 / eap7-apache-sshd
Package
- Name
- eap7-apache-sshd
- Purl
- pkg:rpm/redhat/eap7-apache-sshd
Red Hat:jboss_enterprise_application_platform:7.4::el7 / eap7-elytron-web
Package
- Name
- eap7-elytron-web
- Purl
- pkg:rpm/redhat/eap7-elytron-web
Red Hat:jboss_enterprise_application_platform:7.4::el7 / eap7-hibernate-search
Package
- Name
- eap7-hibernate-search
- Purl
- pkg:rpm/redhat/eap7-hibernate-search
Red Hat:jboss_enterprise_application_platform:7.4::el7 / eap7-hibernate-search-backend-jgroups
Package
- Name
- eap7-hibernate-search-backend-jgroups
- Purl
- pkg:rpm/redhat/eap7-hibernate-search-backend-jgroups
Red Hat:jboss_enterprise_application_platform:7.4::el7 / eap7-hibernate-search-backend-jms
Package
- Name
- eap7-hibernate-search-backend-jms
- Purl
- pkg:rpm/redhat/eap7-hibernate-search-backend-jms
Red Hat:jboss_enterprise_application_platform:7.4::el7 / eap7-hibernate-search-engine
Package
- Name
- eap7-hibernate-search-engine
- Purl
- pkg:rpm/redhat/eap7-hibernate-search-engine
Red Hat:jboss_enterprise_application_platform:7.4::el7 / eap7-hibernate-search-orm
Package
- Name
- eap7-hibernate-search-orm
- Purl
- pkg:rpm/redhat/eap7-hibernate-search-orm
Red Hat:jboss_enterprise_application_platform:7.4::el7 / eap7-hibernate-search-serialization-avro
Package
- Name
- eap7-hibernate-search-serialization-avro
- Purl
- pkg:rpm/redhat/eap7-hibernate-search-serialization-avro
Red Hat:jboss_enterprise_application_platform:7.4::el7 / eap7-ironjacamar
Package
- Name
- eap7-ironjacamar
- Purl
- pkg:rpm/redhat/eap7-ironjacamar
Red Hat:jboss_enterprise_application_platform:7.4::el7 / eap7-ironjacamar-common-api
Package
- Name
- eap7-ironjacamar-common-api
- Purl
- pkg:rpm/redhat/eap7-ironjacamar-common-api
Red Hat:jboss_enterprise_application_platform:7.4::el7 / eap7-ironjacamar-common-impl
Package
- Name
- eap7-ironjacamar-common-impl
- Purl
- pkg:rpm/redhat/eap7-ironjacamar-common-impl
Red Hat:jboss_enterprise_application_platform:7.4::el7 / eap7-ironjacamar-common-spi
Package
- Name
- eap7-ironjacamar-common-spi
- Purl
- pkg:rpm/redhat/eap7-ironjacamar-common-spi
Red Hat:jboss_enterprise_application_platform:7.4::el7 / eap7-ironjacamar-core-api
Package
- Name
- eap7-ironjacamar-core-api
- Purl
- pkg:rpm/redhat/eap7-ironjacamar-core-api
Red Hat:jboss_enterprise_application_platform:7.4::el7 / eap7-ironjacamar-core-impl
Package
- Name
- eap7-ironjacamar-core-impl
- Purl
- pkg:rpm/redhat/eap7-ironjacamar-core-impl
Red Hat:jboss_enterprise_application_platform:7.4::el7 / eap7-ironjacamar-deployers-common
Package
- Name
- eap7-ironjacamar-deployers-common
- Purl
- pkg:rpm/redhat/eap7-ironjacamar-deployers-common
Red Hat:jboss_enterprise_application_platform:7.4::el7 / eap7-ironjacamar-jdbc
Package
- Name
- eap7-ironjacamar-jdbc
- Purl
- pkg:rpm/redhat/eap7-ironjacamar-jdbc
Red Hat:jboss_enterprise_application_platform:7.4::el7 / eap7-ironjacamar-validator
Package
- Name
- eap7-ironjacamar-validator
- Purl
- pkg:rpm/redhat/eap7-ironjacamar-validator
Red Hat:jboss_enterprise_application_platform:7.4::el7 / eap7-jackson-annotations
Package
- Name
- eap7-jackson-annotations
- Purl
- pkg:rpm/redhat/eap7-jackson-annotations
Red Hat:jboss_enterprise_application_platform:7.4::el7 / eap7-jackson-core
Package
- Name
- eap7-jackson-core
- Purl
- pkg:rpm/redhat/eap7-jackson-core
Red Hat:jboss_enterprise_application_platform:7.4::el7 / eap7-jackson-datatype-jdk8
Package
- Name
- eap7-jackson-datatype-jdk8
- Purl
- pkg:rpm/redhat/eap7-jackson-datatype-jdk8
Red Hat:jboss_enterprise_application_platform:7.4::el7 / eap7-jackson-datatype-jsr310
Package
- Name
- eap7-jackson-datatype-jsr310
- Purl
- pkg:rpm/redhat/eap7-jackson-datatype-jsr310
Red Hat:jboss_enterprise_application_platform:7.4::el7 / eap7-jackson-jaxrs-base
Package
- Name
- eap7-jackson-jaxrs-base
- Purl
- pkg:rpm/redhat/eap7-jackson-jaxrs-base
Red Hat:jboss_enterprise_application_platform:7.4::el7 / eap7-jackson-jaxrs-json-provider
Package
- Name
- eap7-jackson-jaxrs-json-provider
- Purl
- pkg:rpm/redhat/eap7-jackson-jaxrs-json-provider
Red Hat:jboss_enterprise_application_platform:7.4::el7 / eap7-jackson-jaxrs-providers
Package
- Name
- eap7-jackson-jaxrs-providers
- Purl
- pkg:rpm/redhat/eap7-jackson-jaxrs-providers
Red Hat:jboss_enterprise_application_platform:7.4::el7 / eap7-jackson-module-jaxb-annotations
Package
- Name
- eap7-jackson-module-jaxb-annotations
- Purl
- pkg:rpm/redhat/eap7-jackson-module-jaxb-annotations
Red Hat:jboss_enterprise_application_platform:7.4::el7 / eap7-jackson-modules-base
Package
- Name
- eap7-jackson-modules-base
- Purl
- pkg:rpm/redhat/eap7-jackson-modules-base
Red Hat:jboss_enterprise_application_platform:7.4::el7 / eap7-jackson-modules-java8
Package
- Name
- eap7-jackson-modules-java8
- Purl
- pkg:rpm/redhat/eap7-jackson-modules-java8
Red Hat:jboss_enterprise_application_platform:7.4::el7 / eap7-javaee-security-soteria
Package
- Name
- eap7-javaee-security-soteria
- Purl
- pkg:rpm/redhat/eap7-javaee-security-soteria
Red Hat:jboss_enterprise_application_platform:7.4::el7 / eap7-javaee-security-soteria-enterprise
Package
- Name
- eap7-javaee-security-soteria-enterprise
- Purl
- pkg:rpm/redhat/eap7-javaee-security-soteria-enterprise
Red Hat:jboss_enterprise_application_platform:7.4::el7 / eap7-jboss-ejb-client
Package
- Name
- eap7-jboss-ejb-client
- Purl
- pkg:rpm/redhat/eap7-jboss-ejb-client
Red Hat:jboss_enterprise_application_platform:7.4::el7 / eap7-jboss-jsf-api_2.3_spec
Package
- Name
- eap7-jboss-jsf-api_2.3_spec
- Purl
- pkg:rpm/redhat/eap7-jboss-jsf-api_2.3_spec
Red Hat:jboss_enterprise_application_platform:7.4::el7 / eap7-jboss-jsp-api_2.3_spec
Package
- Name
- eap7-jboss-jsp-api_2.3_spec
- Purl
- pkg:rpm/redhat/eap7-jboss-jsp-api_2.3_spec
Red Hat:jboss_enterprise_application_platform:7.4::el7 / eap7-jboss-remoting
Package
- Name
- eap7-jboss-remoting
- Purl
- pkg:rpm/redhat/eap7-jboss-remoting
Red Hat:jboss_enterprise_application_platform:7.4::el7 / eap7-jboss-server-migration
Package
- Name
- eap7-jboss-server-migration
- Purl
- pkg:rpm/redhat/eap7-jboss-server-migration
Red Hat:jboss_enterprise_application_platform:7.4::el7 / eap7-jboss-server-migration-cli
Package
- Name
- eap7-jboss-server-migration-cli
- Purl
- pkg:rpm/redhat/eap7-jboss-server-migration-cli
Red Hat:jboss_enterprise_application_platform:7.4::el7 / eap7-jboss-server-migration-core
Package
- Name
- eap7-jboss-server-migration-core
- Purl
- pkg:rpm/redhat/eap7-jboss-server-migration-core
Red Hat:jboss_enterprise_application_platform:7.4::el7 / eap7-undertow
Package
- Name
- eap7-undertow
- Purl
- pkg:rpm/redhat/eap7-undertow
Red Hat:jboss_enterprise_application_platform:7.4::el7 / eap7-undertow-server
Package
- Name
- eap7-undertow-server
- Purl
- pkg:rpm/redhat/eap7-undertow-server
Red Hat:jboss_enterprise_application_platform:7.4::el7 / eap7-wildfly
Package
- Name
- eap7-wildfly
- Purl
- pkg:rpm/redhat/eap7-wildfly
Red Hat:jboss_enterprise_application_platform:7.4::el7 / eap7-wildfly-java-jdk11
Package
- Name
- eap7-wildfly-java-jdk11
- Purl
- pkg:rpm/redhat/eap7-wildfly-java-jdk11
Red Hat:jboss_enterprise_application_platform:7.4::el7 / eap7-wildfly-java-jdk8
Package
- Name
- eap7-wildfly-java-jdk8
- Purl
- pkg:rpm/redhat/eap7-wildfly-java-jdk8
Red Hat:jboss_enterprise_application_platform:7.4::el7 / eap7-wildfly-javadocs
Package
- Name
- eap7-wildfly-javadocs
- Purl
- pkg:rpm/redhat/eap7-wildfly-javadocs