Vulnerability Database
Blog
FAQ
Docs
arrow_forward
search
light_mode
dark_mode
RHSA-2026:25125
See a problem?
Please try reporting it
to the source
first.
Source
https://access.redhat.com/errata/RHSA-2026:25125
Import Source
https://security.access.redhat.com/data/osv/RHSA-2026:25125.json
JSON Data
https://api.test.osv.dev/v1/vulns/RHSA-2026:25125
Upstream
CVE-2026-1605
CVE-2026-28367
CVE-2026-28368
CVE-2026-28369
Published
2026-06-11T10:09:19Z
Modified
2026-06-30T10:44:57Z
Severity
8.7 (High)
CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N
CVSS Calculator
Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.1.6 security update
Details
References
https://access.redhat.com/errata/RHSA-2026:25125
https://access.redhat.com/security/updates/classification/#important
https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/8.1
https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/8.1/html/release_notes_for_red_hat_jboss_enterprise_application_platform_8.1/index
https://access.redhat.com/articles/7129481
https://bugzilla.redhat.com/show_bug.cgi?id=2443260
https://bugzilla.redhat.com/show_bug.cgi?id=2443261
https://bugzilla.redhat.com/show_bug.cgi?id=2443262
https://bugzilla.redhat.com/show_bug.cgi?id=2444815
https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_25125.json
https://access.redhat.com/security/cve/CVE-2026-1605
https://www.cve.org/CVERecord?id=CVE-2026-1605
https://nvd.nist.gov/vuln/detail/CVE-2026-1605
https://github.com/jetty/jetty.project/security/advisories/GHSA-xxh7-fcf3-rj7f
https://access.redhat.com/security/cve/CVE-2026-28367
https://www.cve.org/CVERecord?id=CVE-2026-28367
https://nvd.nist.gov/vuln/detail/CVE-2026-28367
https://access.redhat.com/security/cve/CVE-2026-28368
https://www.cve.org/CVERecord?id=CVE-2026-28368
https://nvd.nist.gov/vuln/detail/CVE-2026-28368
https://access.redhat.com/security/cve/CVE-2026-28369
https://www.cve.org/CVERecord?id=CVE-2026-28369
https://nvd.nist.gov/vuln/detail/CVE-2026-28369
Affected packages
Red Hat:jboss_enterprise_application_platform:8.1::el8
eap8-activemq-artemis
Package
Name
eap8-activemq-artemis
Purl
pkg:rpm/redhat/eap8-activemq-artemis
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.40.0-7.redhat_00015.1.el8eap
Database specific
source
"https://security.access.redhat.com/data/osv/RHSA-2026:25125.json"
eap8-activemq-artemis-cli
Package
Name
eap8-activemq-artemis-cli
Purl
pkg:rpm/redhat/eap8-activemq-artemis-cli
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.40.0-7.redhat_00015.1.el8eap
Database specific
source
"https://security.access.redhat.com/data/osv/RHSA-2026:25125.json"
eap8-activemq-artemis-commons
Package
Name
eap8-activemq-artemis-commons
Purl
pkg:rpm/redhat/eap8-activemq-artemis-commons
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.40.0-7.redhat_00015.1.el8eap
Database specific
source
"https://security.access.redhat.com/data/osv/RHSA-2026:25125.json"
eap8-activemq-artemis-core-client
Package
Name
eap8-activemq-artemis-core-client
Purl
pkg:rpm/redhat/eap8-activemq-artemis-core-client
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.40.0-7.redhat_00015.1.el8eap
Database specific
source
"https://security.access.redhat.com/data/osv/RHSA-2026:25125.json"
eap8-activemq-artemis-dto
Package
Name
eap8-activemq-artemis-dto
Purl
pkg:rpm/redhat/eap8-activemq-artemis-dto
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.40.0-7.redhat_00015.1.el8eap
Database specific
source
"https://security.access.redhat.com/data/osv/RHSA-2026:25125.json"
eap8-activemq-artemis-hornetq-protocol
Package
Name
eap8-activemq-artemis-hornetq-protocol
Purl
pkg:rpm/redhat/eap8-activemq-artemis-hornetq-protocol
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.40.0-7.redhat_00015.1.el8eap
Database specific
source
"https://security.access.redhat.com/data/osv/RHSA-2026:25125.json"
eap8-activemq-artemis-hqclient-protocol
Package
Name
eap8-activemq-artemis-hqclient-protocol
Purl
pkg:rpm/redhat/eap8-activemq-artemis-hqclient-protocol
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.40.0-7.redhat_00015.1.el8eap
Database specific
source
"https://security.access.redhat.com/data/osv/RHSA-2026:25125.json"
eap8-activemq-artemis-jakarta-client
Package
Name
eap8-activemq-artemis-jakarta-client
Purl
pkg:rpm/redhat/eap8-activemq-artemis-jakarta-client
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.40.0-7.redhat_00015.1.el8eap
Database specific
source
"https://security.access.redhat.com/data/osv/RHSA-2026:25125.json"
eap8-activemq-artemis-jakarta-ra
Package
Name
eap8-activemq-artemis-jakarta-ra
Purl
pkg:rpm/redhat/eap8-activemq-artemis-jakarta-ra
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.40.0-7.redhat_00015.1.el8eap
Database specific
source
"https://security.access.redhat.com/data/osv/RHSA-2026:25125.json"
eap8-activemq-artemis-jakarta-server
Package
Name
eap8-activemq-artemis-jakarta-server
Purl
pkg:rpm/redhat/eap8-activemq-artemis-jakarta-server
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.40.0-7.redhat_00015.1.el8eap
Database specific
source
"https://security.access.redhat.com/data/osv/RHSA-2026:25125.json"
eap8-activemq-artemis-jakarta-service-extensions
Package
Name
eap8-activemq-artemis-jakarta-service-extensions
Purl
pkg:rpm/redhat/eap8-activemq-artemis-jakarta-service-extensions
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.40.0-7.redhat_00015.1.el8eap
Database specific
source
"https://security.access.redhat.com/data/osv/RHSA-2026:25125.json"
eap8-activemq-artemis-jdbc-store
Package
Name
eap8-activemq-artemis-jdbc-store
Purl
pkg:rpm/redhat/eap8-activemq-artemis-jdbc-store
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.40.0-7.redhat_00015.1.el8eap
Database specific
source
"https://security.access.redhat.com/data/osv/RHSA-2026:25125.json"
eap8-activemq-artemis-journal
Package
Name
eap8-activemq-artemis-journal
Purl
pkg:rpm/redhat/eap8-activemq-artemis-journal
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.40.0-7.redhat_00015.1.el8eap
Database specific
source
"https://security.access.redhat.com/data/osv/RHSA-2026:25125.json"
eap8-activemq-artemis-selector
Package
Name
eap8-activemq-artemis-selector
Purl
pkg:rpm/redhat/eap8-activemq-artemis-selector
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.40.0-7.redhat_00015.1.el8eap
Database specific
source
"https://security.access.redhat.com/data/osv/RHSA-2026:25125.json"
eap8-activemq-artemis-server
Package
Name
eap8-activemq-artemis-server
Purl
pkg:rpm/redhat/eap8-activemq-artemis-server
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.40.0-7.redhat_00015.1.el8eap
Database specific
source
"https://security.access.redhat.com/data/osv/RHSA-2026:25125.json"
eap8-eap-product-conf-parent
Package
Name
eap8-eap-product-conf-parent
Purl
pkg:rpm/redhat/eap8-eap-product-conf-parent
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:801.6.1-1.GA_redhat_00001.1.el8eap
Database specific
source
"https://security.access.redhat.com/data/osv/RHSA-2026:25125.json"
eap8-eap-product-conf-wildfly-ee-feature-pack
Package
Name
eap8-eap-product-conf-wildfly-ee-feature-pack
Purl
pkg:rpm/redhat/eap8-eap-product-conf-wildfly-ee-feature-pack
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:801.6.1-1.GA_redhat_00001.1.el8eap
Database specific
source
"https://security.access.redhat.com/data/osv/RHSA-2026:25125.json"
eap8-undertow
Package
Name
eap8-undertow
Purl
pkg:rpm/redhat/eap8-undertow
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.3.24-3.SP2_redhat_00001.1.el8eap
Database specific
source
"https://security.access.redhat.com/data/osv/RHSA-2026:25125.json"
eap8-wildfly
Package
Name
eap8-wildfly
Purl
pkg:rpm/redhat/eap8-wildfly
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:8.1.6-7.GA_redhat_00010.1.el8eap
Database specific
source
"https://security.access.redhat.com/data/osv/RHSA-2026:25125.json"
eap8-wildfly-java-jdk17
Package
Name
eap8-wildfly-java-jdk17
Purl
pkg:rpm/redhat/eap8-wildfly-java-jdk17
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:8.1.6-7.GA_redhat_00010.1.el8eap
Database specific
source
"https://security.access.redhat.com/data/osv/RHSA-2026:25125.json"
eap8-wildfly-java-jdk21
Package
Name
eap8-wildfly-java-jdk21
Purl
pkg:rpm/redhat/eap8-wildfly-java-jdk21
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:8.1.6-7.GA_redhat_00010.1.el8eap
Database specific
source
"https://security.access.redhat.com/data/osv/RHSA-2026:25125.json"
eap8-wildfly-modules
Package
Name
eap8-wildfly-modules
Purl
pkg:rpm/redhat/eap8-wildfly-modules
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:8.1.6-7.GA_redhat_00010.1.el8eap
Database specific
source
"https://security.access.redhat.com/data/osv/RHSA-2026:25125.json"
Red Hat:jboss_enterprise_application_platform:8.1::el9
eap8-activemq-artemis
Package
Name
eap8-activemq-artemis
Purl
pkg:rpm/redhat/eap8-activemq-artemis
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.40.0-7.redhat_00015.1.el9eap
Database specific
source
"https://security.access.redhat.com/data/osv/RHSA-2026:25125.json"
eap8-activemq-artemis-cli
Package
Name
eap8-activemq-artemis-cli
Purl
pkg:rpm/redhat/eap8-activemq-artemis-cli
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.40.0-7.redhat_00015.1.el9eap
Database specific
source
"https://security.access.redhat.com/data/osv/RHSA-2026:25125.json"
eap8-activemq-artemis-commons
Package
Name
eap8-activemq-artemis-commons
Purl
pkg:rpm/redhat/eap8-activemq-artemis-commons
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.40.0-7.redhat_00015.1.el9eap
Database specific
source
"https://security.access.redhat.com/data/osv/RHSA-2026:25125.json"
eap8-activemq-artemis-core-client
Package
Name
eap8-activemq-artemis-core-client
Purl
pkg:rpm/redhat/eap8-activemq-artemis-core-client
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.40.0-7.redhat_00015.1.el9eap
Database specific
source
"https://security.access.redhat.com/data/osv/RHSA-2026:25125.json"
eap8-activemq-artemis-dto
Package
Name
eap8-activemq-artemis-dto
Purl
pkg:rpm/redhat/eap8-activemq-artemis-dto
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.40.0-7.redhat_00015.1.el9eap
Database specific
source
"https://security.access.redhat.com/data/osv/RHSA-2026:25125.json"
eap8-activemq-artemis-hornetq-protocol
Package
Name
eap8-activemq-artemis-hornetq-protocol
Purl
pkg:rpm/redhat/eap8-activemq-artemis-hornetq-protocol
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.40.0-7.redhat_00015.1.el9eap
Database specific
source
"https://security.access.redhat.com/data/osv/RHSA-2026:25125.json"
eap8-activemq-artemis-hqclient-protocol
Package
Name
eap8-activemq-artemis-hqclient-protocol
Purl
pkg:rpm/redhat/eap8-activemq-artemis-hqclient-protocol
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.40.0-7.redhat_00015.1.el9eap
Database specific
source
"https://security.access.redhat.com/data/osv/RHSA-2026:25125.json"
eap8-activemq-artemis-jakarta-client
Package
Name
eap8-activemq-artemis-jakarta-client
Purl
pkg:rpm/redhat/eap8-activemq-artemis-jakarta-client
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.40.0-7.redhat_00015.1.el9eap
Database specific
source
"https://security.access.redhat.com/data/osv/RHSA-2026:25125.json"
eap8-activemq-artemis-jakarta-ra
Package
Name
eap8-activemq-artemis-jakarta-ra
Purl
pkg:rpm/redhat/eap8-activemq-artemis-jakarta-ra
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.40.0-7.redhat_00015.1.el9eap
Database specific
source
"https://security.access.redhat.com/data/osv/RHSA-2026:25125.json"
eap8-activemq-artemis-jakarta-server
Package
Name
eap8-activemq-artemis-jakarta-server
Purl
pkg:rpm/redhat/eap8-activemq-artemis-jakarta-server
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.40.0-7.redhat_00015.1.el9eap
Database specific
source
"https://security.access.redhat.com/data/osv/RHSA-2026:25125.json"
eap8-activemq-artemis-jakarta-service-extensions
Package
Name
eap8-activemq-artemis-jakarta-service-extensions
Purl
pkg:rpm/redhat/eap8-activemq-artemis-jakarta-service-extensions
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.40.0-7.redhat_00015.1.el9eap
Database specific
source
"https://security.access.redhat.com/data/osv/RHSA-2026:25125.json"
eap8-activemq-artemis-jdbc-store
Package
Name
eap8-activemq-artemis-jdbc-store
Purl
pkg:rpm/redhat/eap8-activemq-artemis-jdbc-store
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.40.0-7.redhat_00015.1.el9eap
Database specific
source
"https://security.access.redhat.com/data/osv/RHSA-2026:25125.json"
eap8-activemq-artemis-journal
Package
Name
eap8-activemq-artemis-journal
Purl
pkg:rpm/redhat/eap8-activemq-artemis-journal
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.40.0-7.redhat_00015.1.el9eap
Database specific
source
"https://security.access.redhat.com/data/osv/RHSA-2026:25125.json"
eap8-activemq-artemis-selector
Package
Name
eap8-activemq-artemis-selector
Purl
pkg:rpm/redhat/eap8-activemq-artemis-selector
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.40.0-7.redhat_00015.1.el9eap
Database specific
source
"https://security.access.redhat.com/data/osv/RHSA-2026:25125.json"
eap8-activemq-artemis-server
Package
Name
eap8-activemq-artemis-server
Purl
pkg:rpm/redhat/eap8-activemq-artemis-server
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.40.0-7.redhat_00015.1.el9eap
Database specific
source
"https://security.access.redhat.com/data/osv/RHSA-2026:25125.json"
eap8-eap-product-conf-parent
Package
Name
eap8-eap-product-conf-parent
Purl
pkg:rpm/redhat/eap8-eap-product-conf-parent
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:801.6.1-1.GA_redhat_00001.1.el9eap
Database specific
source
"https://security.access.redhat.com/data/osv/RHSA-2026:25125.json"
eap8-eap-product-conf-wildfly-ee-feature-pack
Package
Name
eap8-eap-product-conf-wildfly-ee-feature-pack
Purl
pkg:rpm/redhat/eap8-eap-product-conf-wildfly-ee-feature-pack
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:801.6.1-1.GA_redhat_00001.1.el9eap
Database specific
source
"https://security.access.redhat.com/data/osv/RHSA-2026:25125.json"
eap8-undertow
Package
Name
eap8-undertow
Purl
pkg:rpm/redhat/eap8-undertow
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.3.24-3.SP2_redhat_00001.1.el9eap
Database specific
source
"https://security.access.redhat.com/data/osv/RHSA-2026:25125.json"
eap8-wildfly
Package
Name
eap8-wildfly
Purl
pkg:rpm/redhat/eap8-wildfly
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:8.1.6-7.GA_redhat_00010.1.el9eap
Database specific
source
"https://security.access.redhat.com/data/osv/RHSA-2026:25125.json"
eap8-wildfly-java-jdk17
Package
Name
eap8-wildfly-java-jdk17
Purl
pkg:rpm/redhat/eap8-wildfly-java-jdk17
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:8.1.6-7.GA_redhat_00010.1.el9eap
Database specific
source
"https://security.access.redhat.com/data/osv/RHSA-2026:25125.json"
eap8-wildfly-java-jdk21
Package
Name
eap8-wildfly-java-jdk21
Purl
pkg:rpm/redhat/eap8-wildfly-java-jdk21
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:8.1.6-7.GA_redhat_00010.1.el9eap
Database specific
source
"https://security.access.redhat.com/data/osv/RHSA-2026:25125.json"
eap8-wildfly-modules
Package
Name
eap8-wildfly-modules
Purl
pkg:rpm/redhat/eap8-wildfly-modules
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:8.1.6-7.GA_redhat_00010.1.el9eap
Database specific
source
"https://security.access.redhat.com/data/osv/RHSA-2026:25125.json"
RHSA-2026:25125 - OSV