RHSA-2019:4018
Vulnerability Summary
Timeline
Description
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.2.5 on RHEL 6 security update
CVSS Metrics
- v3.0•HIGH•Score: 7.5CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Systems
- redhat•eap7-apache-cxf
< 0:3.2.10-1.redhat_00001.1.el6eap
- redhat•eap7-apache-cxf-rt
< 0:3.2.10-1.redhat_00001.1.el6eap
- redhat•eap7-apache-cxf-services
< 0:3.2.10-1.redhat_00001.1.el6eap
- redhat•eap7-apache-cxf-tools
< 0:3.2.10-1.redhat_00001.1.el6eap
- redhat•eap7-byte-buddy
< 0:1.9.11-1.redhat_00002.1.el6eap
- redhat•eap7-glassfish-jsf
< 0:2.3.5-5.SP3_redhat_00003.1.el6eap
- redhat•eap7-hal-console
< 0:3.0.17-2.Final_redhat_00001.1.el6eap
- redhat•eap7-hibernate
< 0:5.3.13-1.Final_redhat_00001.1.el6eap
- redhat•eap7-hibernate-core
< 0:5.3.13-1.Final_redhat_00001.1.el6eap
- redhat•eap7-hibernate-entitymanager
< 0:5.3.13-1.Final_redhat_00001.1.el6eap
- redhat•eap7-hibernate-envers
< 0:5.3.13-1.Final_redhat_00001.1.el6eap
- redhat•eap7-hibernate-java8
< 0:5.3.13-1.Final_redhat_00001.1.el6eap
- redhat•eap7-ironjacamar
< 0:1.4.18-1.Final_redhat_00001.1.el6eap
- redhat•eap7-ironjacamar-common-api
< 0:1.4.18-1.Final_redhat_00001.1.el6eap
- redhat•eap7-ironjacamar-common-impl
< 0:1.4.18-1.Final_redhat_00001.1.el6eap
- redhat•eap7-ironjacamar-common-spi
< 0:1.4.18-1.Final_redhat_00001.1.el6eap
- redhat•eap7-ironjacamar-core-api
< 0:1.4.18-1.Final_redhat_00001.1.el6eap
- redhat•eap7-ironjacamar-core-impl
< 0:1.4.18-1.Final_redhat_00001.1.el6eap
- redhat•eap7-ironjacamar-deployers-common
< 0:1.4.18-1.Final_redhat_00001.1.el6eap
- redhat•eap7-ironjacamar-jdbc
< 0:1.4.18-1.Final_redhat_00001.1.el6eap
- redhat•eap7-ironjacamar-validator
< 0:1.4.18-1.Final_redhat_00001.1.el6eap
- redhat•eap7-jboss-genericjms
< 0:2.0.2-1.Final_redhat_00001.1.el6eap
- redhat•eap7-jboss-msc
< 0:1.4.11-1.Final_redhat_00001.1.el6eap
- redhat•eap7-jboss-remoting
< 0:5.0.16-2.Final_redhat_00001.1.el6eap
- redhat•eap7-jboss-server-migration
< 0:1.3.1-6.Final_redhat_00006.1.el6eap
- redhat•eap7-jboss-server-migration-cli
< 0:1.3.1-6.Final_redhat_00006.1.el6eap
- redhat•eap7-jboss-server-migration-core
< 0:1.3.1-6.Final_redhat_00006.1.el6eap
- redhat•eap7-jboss-server-migration-eap6.4
< 0:1.3.1-6.Final_redhat_00006.1.el6eap
- redhat•eap7-jboss-server-migration-eap6.4-to-eap7.2
< 0:1.3.1-6.Final_redhat_00006.1.el6eap
- redhat•eap7-jboss-server-migration-eap7.0
< 0:1.3.1-6.Final_redhat_00006.1.el6eap
- redhat•eap7-jboss-server-migration-eap7.0-to-eap7.2
< 0:1.3.1-6.Final_redhat_00006.1.el6eap
- redhat•eap7-jboss-server-migration-eap7.1
< 0:1.3.1-6.Final_redhat_00006.1.el6eap
- redhat•eap7-jboss-server-migration-eap7.1-to-eap7.2
< 0:1.3.1-6.Final_redhat_00006.1.el6eap
- redhat•eap7-jboss-server-migration-eap7.2
< 0:1.3.1-6.Final_redhat_00006.1.el6eap
- redhat•eap7-jboss-server-migration-wildfly10.0
< 0:1.3.1-6.Final_redhat_00006.1.el6eap
- redhat•eap7-jboss-server-migration-wildfly10.0-to-eap7.2
< 0:1.3.1-6.Final_redhat_00006.1.el6eap
- redhat•eap7-jboss-server-migration-wildfly10.1
< 0:1.3.1-6.Final_redhat_00006.1.el6eap
- redhat•eap7-jboss-server-migration-wildfly10.1-to-eap7.2
< 0:1.3.1-6.Final_redhat_00006.1.el6eap
- redhat•eap7-jboss-server-migration-wildfly11.0
< 0:1.3.1-6.Final_redhat_00006.1.el6eap
- redhat•eap7-jboss-server-migration-wildfly11.0-to-eap7.2
< 0:1.3.1-6.Final_redhat_00006.1.el6eap
- redhat•eap7-jboss-server-migration-wildfly12.0
< 0:1.3.1-6.Final_redhat_00006.1.el6eap
- redhat•eap7-jboss-server-migration-wildfly12.0-to-eap7.2
< 0:1.3.1-6.Final_redhat_00006.1.el6eap
- redhat•eap7-jboss-server-migration-wildfly13.0-server
< 0:1.3.1-6.Final_redhat_00006.1.el6eap
- redhat•eap7-jboss-server-migration-wildfly14.0-server
< 0:1.3.1-6.Final_redhat_00006.1.el6eap
- redhat•eap7-jboss-server-migration-wildfly8.2
< 0:1.3.1-6.Final_redhat_00006.1.el6eap
- redhat•eap7-jboss-server-migration-wildfly8.2-to-eap7.2
< 0:1.3.1-6.Final_redhat_00006.1.el6eap
- redhat•eap7-jboss-server-migration-wildfly9.0
< 0:1.3.1-6.Final_redhat_00006.1.el6eap
- redhat•eap7-jboss-server-migration-wildfly9.0-to-eap7.2
< 0:1.3.1-6.Final_redhat_00006.1.el6eap
- redhat•eap7-jboss-xnio-base
< 0:3.7.6-2.SP1_redhat_00001.1.el6eap
- redhat•eap7-picketbox
< 0:5.0.3-6.Final_redhat_00005.1.el6eap
Showing first 50 affected entries in server-rendered view.
References (60)
- https://access.redhat.com/errata/RHSA-2019:4018
- https://access.redhat.com/security/updates/classification/#important
- https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.2/
- https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.2/html-single/installation_guide/
- https://bugzilla.redhat.com/show_bug.cgi?id=1735645
- https://bugzilla.redhat.com/show_bug.cgi?id=1735744
- https://bugzilla.redhat.com/show_bug.cgi?id=1735745
- https://bugzilla.redhat.com/show_bug.cgi?id=1741860
- https://bugzilla.redhat.com/show_bug.cgi?id=1751227
- https://bugzilla.redhat.com/show_bug.cgi?id=1752980
- https://issues.redhat.com/browse/JBEAP-17075
- https://issues.redhat.com/browse/JBEAP-17220
- https://issues.redhat.com/browse/JBEAP-17365
- https://issues.redhat.com/browse/JBEAP-17476
- https://issues.redhat.com/browse/JBEAP-17478
- https://issues.redhat.com/browse/JBEAP-17483
- https://issues.redhat.com/browse/JBEAP-17495
- https://issues.redhat.com/browse/JBEAP-17496
- https://issues.redhat.com/browse/JBEAP-17513
- https://issues.redhat.com/browse/JBEAP-17521
- https://issues.redhat.com/browse/JBEAP-17523
- https://issues.redhat.com/browse/JBEAP-17547
- https://issues.redhat.com/browse/JBEAP-17548
- https://issues.redhat.com/browse/JBEAP-17560
- https://issues.redhat.com/browse/JBEAP-17579
- https://issues.redhat.com/browse/JBEAP-17582
- https://issues.redhat.com/browse/JBEAP-17603
- https://issues.redhat.com/browse/JBEAP-17631
- https://issues.redhat.com/browse/JBEAP-17647
- https://issues.redhat.com/browse/JBEAP-17665
- https://issues.redhat.com/browse/JBEAP-17722
- https://issues.redhat.com/browse/JBEAP-17874
- https://issues.redhat.com/browse/JBEAP-17880
- https://security.access.redhat.com/data/csaf/v2/advisories/2019/rhsa-2019_4018.json
- https://access.redhat.com/security/cve/CVE-2019-9511
- https://www.cve.org/CVERecord?id=CVE-2019-9511
- https://nvd.nist.gov/vuln/detail/CVE-2019-9511
- https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-002.md
- https://kb.cert.org/vuls/id/605641/
- https://nodejs.org/en/blog/vulnerability/aug-2019-security-releases/
- https://www.nginx.com/blog/nginx-updates-mitigate-august-2019-http-2-vulnerabilities/
- https://access.redhat.com/security/cve/CVE-2019-9512
- https://www.cve.org/CVERecord?id=CVE-2019-9512
- https://nvd.nist.gov/vuln/detail/CVE-2019-9512
- https://groups.google.com/forum/#!topic/golang-announce/65QixT3tcmg
- https://groups.google.com/forum/#!topic/kubernetes-security-announce/wlHLHit1BqA
- https://www.mail-archive.com/grpc-io@googlegroups.com/msg06408.html
- https://access.redhat.com/security/cve/CVE-2019-9514
- https://www.cve.org/CVERecord?id=CVE-2019-9514
- https://nvd.nist.gov/vuln/detail/CVE-2019-9514
- https://access.redhat.com/security/cve/CVE-2019-9515
- https://www.cve.org/CVERecord?id=CVE-2019-9515
- https://nvd.nist.gov/vuln/detail/CVE-2019-9515
- https://access.redhat.com/security/cve/CVE-2019-14838
- https://www.cve.org/CVERecord?id=CVE-2019-14838
- https://nvd.nist.gov/vuln/detail/CVE-2019-14838
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14838
- https://access.redhat.com/security/cve/CVE-2019-14843
- https://www.cve.org/CVERecord?id=CVE-2019-14843
- https://nvd.nist.gov/vuln/detail/CVE-2019-14843