RHSA-2025:1747
- Source
- https://access.redhat.com/errata/RHSA-2025:1747
- Import Source
- https://security.access.redhat.com/data/osv/RHSA-2025:1747.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/RHSA-2025:1747
- Related
- Published
- 2025-02-24T10:02:48Z
- Modified
- 2025-03-13T10:06:38Z
- Severity
-
- 9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.3.12 security update
- Details
- References
-
- https://access.redhat.com/errata/RHSA-2025:1747
- https://access.redhat.com/security/vulnerabilities/RHSB-2021-009
- https://access.redhat.com/security/updates/classification/#critical
- https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.3
- https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.3/html-single/installation_guide/index
- https://bugzilla.redhat.com/show_bug.cgi?id=1937440
- https://bugzilla.redhat.com/show_bug.cgi?id=2030932
- https://bugzilla.redhat.com/show_bug.cgi?id=2032580
- https://bugzilla.redhat.com/show_bug.cgi?id=2039403
- https://bugzilla.redhat.com/show_bug.cgi?id=2066009
- https://bugzilla.redhat.com/show_bug.cgi?id=2135244
- https://bugzilla.redhat.com/show_bug.cgi?id=2135247
- https://bugzilla.redhat.com/show_bug.cgi?id=2135435
- https://bugzilla.redhat.com/show_bug.cgi?id=2145194
- https://bugzilla.redhat.com/show_bug.cgi?id=2150009
- https://bugzilla.redhat.com/show_bug.cgi?id=2153379
- https://bugzilla.redhat.com/show_bug.cgi?id=2155681
- https://bugzilla.redhat.com/show_bug.cgi?id=2155970
- https://issues.redhat.com/browse/JBEAP-28581
- https://issues.redhat.com/browse/JBEAP-28582
- https://issues.redhat.com/browse/JBEAP-28678
- https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_1747.json
- https://access.redhat.com/security/cve/CVE-2020-13936
- https://www.cve.org/CVERecord?id=CVE-2020-13936
- https://nvd.nist.gov/vuln/detail/CVE-2020-13936
- https://access.redhat.com/security/cve/CVE-2021-42392
- https://www.cve.org/CVERecord?id=CVE-2021-42392
- https://nvd.nist.gov/vuln/detail/CVE-2021-42392
- https://github.com/h2database/h2database/security/advisories/GHSA-h376-j262-vhq6
- https://access.redhat.com/security/cve/CVE-2021-44228
- https://www.cve.org/CVERecord?id=CVE-2021-44228
- https://nvd.nist.gov/vuln/detail/CVE-2021-44228
- https://github.com/advisories/GHSA-jfh8-c2jp-5v3q
- https://logging.apache.org/log4j/2.x/security.html
- https://www.lunasec.io/docs/blog/log4j-zero-day/
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog
- https://access.redhat.com/security/cve/CVE-2021-44906
- https://www.cve.org/CVERecord?id=CVE-2021-44906
- https://nvd.nist.gov/vuln/detail/CVE-2021-44906
- https://github.com/advisories/GHSA-xvch-5gv4-984h
- https://access.redhat.com/security/cve/CVE-2021-45046
- https://www.cve.org/CVERecord?id=CVE-2021-45046
- https://nvd.nist.gov/vuln/detail/CVE-2021-45046
- https://www.openwall.com/lists/oss-security/2021/12/14/4
- https://access.redhat.com/security/cve/CVE-2022-1471
- https://www.cve.org/CVERecord?id=CVE-2022-1471
- https://nvd.nist.gov/vuln/detail/CVE-2022-1471
- https://github.com/google/security-research/security/advisories/GHSA-mjmj-j48q-9wg2
- https://access.redhat.com/security/cve/CVE-2022-41881
- https://www.cve.org/CVERecord?id=CVE-2022-41881
- https://nvd.nist.gov/vuln/detail/CVE-2022-41881
- https://access.redhat.com/security/cve/CVE-2022-42003
- https://www.cve.org/CVERecord?id=CVE-2022-42003
- https://nvd.nist.gov/vuln/detail/CVE-2022-42003
- https://access.redhat.com/security/cve/CVE-2022-42004
- https://www.cve.org/CVERecord?id=CVE-2022-42004
- https://nvd.nist.gov/vuln/detail/CVE-2022-42004
- https://access.redhat.com/security/cve/CVE-2022-42889
- https://www.cve.org/CVERecord?id=CVE-2022-42889
- https://nvd.nist.gov/vuln/detail/CVE-2022-42889
- https://blogs.apache.org/security/entry/cve-2022-42889
- https://lists.apache.org/thread/n2bd4vdsgkqh2tm14l1wyc3jyol7s1om
- https://seclists.org/oss-sec/2022/q4/22
- https://access.redhat.com/security/cve/CVE-2022-45047
- https://www.cve.org/CVERecord?id=CVE-2022-45047
- https://nvd.nist.gov/vuln/detail/CVE-2022-45047
- https://www.mail-archive.com/dev@mina.apache.org/msg39312.html
- https://access.redhat.com/security/cve/CVE-2022-45693
- https://www.cve.org/CVERecord?id=CVE-2022-45693
- https://nvd.nist.gov/vuln/detail/CVE-2022-45693
- https://access.redhat.com/security/cve/CVE-2022-46363
- https://www.cve.org/CVERecord?id=CVE-2022-46363
- https://nvd.nist.gov/vuln/detail/CVE-2022-46363
- https://lists.apache.org/thread/pdzo1qgyplf4y523tnnzrcm7hoco3l8c
Affected packages
Red Hat:jboss_enterprise_application_platform_eus:7.3::el7 / eap7-hal-console
Package
- Name
- eap7-hal-console
- Purl
- pkg:rpm/redhat/eap7-hal-console
Red Hat:jboss_enterprise_application_platform_eus:7.3::el7 / eap7-jackson-annotations
Package
- Name
- eap7-jackson-annotations
- Purl
- pkg:rpm/redhat/eap7-jackson-annotations
Red Hat:jboss_enterprise_application_platform_eus:7.3::el7 / eap7-jackson-core
Package
- Name
- eap7-jackson-core
- Purl
- pkg:rpm/redhat/eap7-jackson-core
Red Hat:jboss_enterprise_application_platform_eus:7.3::el7 / eap7-jackson-databind
Package
- Name
- eap7-jackson-databind
- Purl
- pkg:rpm/redhat/eap7-jackson-databind
Red Hat:jboss_enterprise_application_platform_eus:7.3::el7 / eap7-jackson-datatype-jdk8
Package
- Name
- eap7-jackson-datatype-jdk8
- Purl
- pkg:rpm/redhat/eap7-jackson-datatype-jdk8
Red Hat:jboss_enterprise_application_platform_eus:7.3::el7 / eap7-jackson-datatype-jsr310
Package
- Name
- eap7-jackson-datatype-jsr310
- Purl
- pkg:rpm/redhat/eap7-jackson-datatype-jsr310
Red Hat:jboss_enterprise_application_platform_eus:7.3::el7 / eap7-jackson-jaxrs-base
Package
- Name
- eap7-jackson-jaxrs-base
- Purl
- pkg:rpm/redhat/eap7-jackson-jaxrs-base
Red Hat:jboss_enterprise_application_platform_eus:7.3::el7 / eap7-jackson-jaxrs-json-provider
Package
- Name
- eap7-jackson-jaxrs-json-provider
- Purl
- pkg:rpm/redhat/eap7-jackson-jaxrs-json-provider
Red Hat:jboss_enterprise_application_platform_eus:7.3::el7 / eap7-jackson-jaxrs-providers
Package
- Name
- eap7-jackson-jaxrs-providers
- Purl
- pkg:rpm/redhat/eap7-jackson-jaxrs-providers
Red Hat:jboss_enterprise_application_platform_eus:7.3::el7 / eap7-jackson-module-jaxb-annotations
Package
- Name
- eap7-jackson-module-jaxb-annotations
- Purl
- pkg:rpm/redhat/eap7-jackson-module-jaxb-annotations
Red Hat:jboss_enterprise_application_platform_eus:7.3::el7 / eap7-jackson-modules-base
Package
- Name
- eap7-jackson-modules-base
- Purl
- pkg:rpm/redhat/eap7-jackson-modules-base
Red Hat:jboss_enterprise_application_platform_eus:7.3::el7 / eap7-jackson-modules-java8
Package
- Name
- eap7-jackson-modules-java8
- Purl
- pkg:rpm/redhat/eap7-jackson-modules-java8
Red Hat:jboss_enterprise_application_platform_eus:7.3::el7 / eap7-jettison
Package
- Name
- eap7-jettison
- Purl
- pkg:rpm/redhat/eap7-jettison
Red Hat:jboss_enterprise_application_platform_eus:7.3::el7 / eap7-netty
Package
- Name
- eap7-netty
- Purl
- pkg:rpm/redhat/eap7-netty
Red Hat:jboss_enterprise_application_platform_eus:7.3::el7 / eap7-netty-all
Package
- Name
- eap7-netty-all
- Purl
- pkg:rpm/redhat/eap7-netty-all
Red Hat:jboss_enterprise_application_platform_eus:7.3::el7 / eap7-resteasy
Package
- Name
- eap7-resteasy
- Purl
- pkg:rpm/redhat/eap7-resteasy
Red Hat:jboss_enterprise_application_platform_eus:7.3::el7 / eap7-resteasy-atom-provider
Package
- Name
- eap7-resteasy-atom-provider
- Purl
- pkg:rpm/redhat/eap7-resteasy-atom-provider
Red Hat:jboss_enterprise_application_platform_eus:7.3::el7 / eap7-resteasy-cdi
Package
- Name
- eap7-resteasy-cdi
- Purl
- pkg:rpm/redhat/eap7-resteasy-cdi
Red Hat:jboss_enterprise_application_platform_eus:7.3::el7 / eap7-resteasy-client
Package
- Name
- eap7-resteasy-client
- Purl
- pkg:rpm/redhat/eap7-resteasy-client
Red Hat:jboss_enterprise_application_platform_eus:7.3::el7 / eap7-resteasy-client-microprofile
Package
- Name
- eap7-resteasy-client-microprofile
- Purl
- pkg:rpm/redhat/eap7-resteasy-client-microprofile
Red Hat:jboss_enterprise_application_platform_eus:7.3::el7 / eap7-resteasy-crypto
Package
- Name
- eap7-resteasy-crypto
- Purl
- pkg:rpm/redhat/eap7-resteasy-crypto
Red Hat:jboss_enterprise_application_platform_eus:7.3::el7 / eap7-resteasy-jackson-provider
Package
- Name
- eap7-resteasy-jackson-provider
- Purl
- pkg:rpm/redhat/eap7-resteasy-jackson-provider
Red Hat:jboss_enterprise_application_platform_eus:7.3::el7 / eap7-resteasy-jackson2-provider
Package
- Name
- eap7-resteasy-jackson2-provider
- Purl
- pkg:rpm/redhat/eap7-resteasy-jackson2-provider
Red Hat:jboss_enterprise_application_platform_eus:7.3::el7 / eap7-resteasy-jaxb-provider
Package
- Name
- eap7-resteasy-jaxb-provider
- Purl
- pkg:rpm/redhat/eap7-resteasy-jaxb-provider
Red Hat:jboss_enterprise_application_platform_eus:7.3::el7 / eap7-resteasy-jaxrs
Package
- Name
- eap7-resteasy-jaxrs
- Purl
- pkg:rpm/redhat/eap7-resteasy-jaxrs
Red Hat:jboss_enterprise_application_platform_eus:7.3::el7 / eap7-resteasy-jettison-provider
Package
- Name
- eap7-resteasy-jettison-provider
- Purl
- pkg:rpm/redhat/eap7-resteasy-jettison-provider
Red Hat:jboss_enterprise_application_platform_eus:7.3::el7 / eap7-resteasy-jose-jwt
Package
- Name
- eap7-resteasy-jose-jwt
- Purl
- pkg:rpm/redhat/eap7-resteasy-jose-jwt
Red Hat:jboss_enterprise_application_platform_eus:7.3::el7 / eap7-resteasy-jsapi
Package
- Name
- eap7-resteasy-jsapi
- Purl
- pkg:rpm/redhat/eap7-resteasy-jsapi
Red Hat:jboss_enterprise_application_platform_eus:7.3::el7 / eap7-resteasy-json-binding-provider
Package
- Name
- eap7-resteasy-json-binding-provider
- Purl
- pkg:rpm/redhat/eap7-resteasy-json-binding-provider
Red Hat:jboss_enterprise_application_platform_eus:7.3::el7 / eap7-resteasy-json-p-provider
Package
- Name
- eap7-resteasy-json-p-provider
- Purl
- pkg:rpm/redhat/eap7-resteasy-json-p-provider
Red Hat:jboss_enterprise_application_platform_eus:7.3::el7 / eap7-resteasy-multipart-provider
Package
- Name
- eap7-resteasy-multipart-provider
- Purl
- pkg:rpm/redhat/eap7-resteasy-multipart-provider
Red Hat:jboss_enterprise_application_platform_eus:7.3::el7 / eap7-resteasy-rxjava2
Package
- Name
- eap7-resteasy-rxjava2
- Purl
- pkg:rpm/redhat/eap7-resteasy-rxjava2
Red Hat:jboss_enterprise_application_platform_eus:7.3::el7 / eap7-resteasy-spring
Package
- Name
- eap7-resteasy-spring
- Purl
- pkg:rpm/redhat/eap7-resteasy-spring
Red Hat:jboss_enterprise_application_platform_eus:7.3::el7 / eap7-resteasy-validator-provider-11
Package
- Name
- eap7-resteasy-validator-provider-11
- Purl
- pkg:rpm/redhat/eap7-resteasy-validator-provider-11
Red Hat:jboss_enterprise_application_platform_eus:7.3::el7 / eap7-resteasy-yaml-provider
Package
- Name
- eap7-resteasy-yaml-provider
- Purl
- pkg:rpm/redhat/eap7-resteasy-yaml-provider
Red Hat:jboss_enterprise_application_platform_eus:7.3::el7 / eap7-snakeyaml
Package
- Name
- eap7-snakeyaml
- Purl
- pkg:rpm/redhat/eap7-snakeyaml
Red Hat:jboss_enterprise_application_platform_eus:7.3::el7 / eap7-wildfly
Package
- Name
- eap7-wildfly
- Purl
- pkg:rpm/redhat/eap7-wildfly
Red Hat:jboss_enterprise_application_platform_eus:7.3::el7 / eap7-wildfly-java-jdk11
Package
- Name
- eap7-wildfly-java-jdk11
- Purl
- pkg:rpm/redhat/eap7-wildfly-java-jdk11
Red Hat:jboss_enterprise_application_platform_eus:7.3::el7 / eap7-wildfly-java-jdk8
Package
- Name
- eap7-wildfly-java-jdk8
- Purl
- pkg:rpm/redhat/eap7-wildfly-java-jdk8
Red Hat:jboss_enterprise_application_platform_eus:7.3::el7 / eap7-wildfly-javadocs
Package
- Name
- eap7-wildfly-javadocs
- Purl
- pkg:rpm/redhat/eap7-wildfly-javadocs