RHSA-2020:3638
Vulnerability Summary
Timeline
Description
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.2.9 on RHEL 7 security update
CVSS Metrics
- v3.1•HIGH•Score: 8.1CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Systems
- redhat•eap7-dom4j
< 0:2.1.3-1.redhat_00001.1.el7eap
- redhat•eap7-elytron-web
< 0:1.2.5-1.Final_redhat_00001.1.el7eap
- redhat•eap7-glassfish-jsf
< 0:2.3.5-13.SP3_redhat_00011.1.el7eap
- redhat•eap7-hal-console
< 0:3.0.23-1.Final_redhat_00001.1.el7eap
- redhat•eap7-hibernate
< 0:5.3.17-1.Final_redhat_00001.1.el7eap
- redhat•eap7-hibernate-core
< 0:5.3.17-1.Final_redhat_00001.1.el7eap
- redhat•eap7-hibernate-entitymanager
< 0:5.3.17-1.Final_redhat_00001.1.el7eap
- redhat•eap7-hibernate-envers
< 0:5.3.17-1.Final_redhat_00001.1.el7eap
- redhat•eap7-hibernate-java8
< 0:5.3.17-1.Final_redhat_00001.1.el7eap
- redhat•eap7-hibernate-validator
< 0:6.0.20-1.Final_redhat_00001.1.el7eap
- redhat•eap7-hibernate-validator-cdi
< 0:6.0.20-1.Final_redhat_00001.1.el7eap
- redhat•eap7-ironjacamar
< 0:1.4.22-1.Final_redhat_00001.1.el7eap
- redhat•eap7-ironjacamar-common-api
< 0:1.4.22-1.Final_redhat_00001.1.el7eap
- redhat•eap7-ironjacamar-common-impl
< 0:1.4.22-1.Final_redhat_00001.1.el7eap
- redhat•eap7-ironjacamar-common-spi
< 0:1.4.22-1.Final_redhat_00001.1.el7eap
- redhat•eap7-ironjacamar-core-api
< 0:1.4.22-1.Final_redhat_00001.1.el7eap
- redhat•eap7-ironjacamar-core-impl
< 0:1.4.22-1.Final_redhat_00001.1.el7eap
- redhat•eap7-ironjacamar-deployers-common
< 0:1.4.22-1.Final_redhat_00001.1.el7eap
- redhat•eap7-ironjacamar-jdbc
< 0:1.4.22-1.Final_redhat_00001.1.el7eap
- redhat•eap7-ironjacamar-validator
< 0:1.4.22-1.Final_redhat_00001.1.el7eap
- redhat•eap7-jackson-databind
< 0:2.9.10.4-1.redhat_00001.1.el7eap
- redhat•eap7-jboss-genericjms
< 0:2.0.6-1.Final_redhat_00001.1.el7eap
- redhat•eap7-jboss-jsf-api_2.3_spec
< 0:2.3.5-7.SP2_redhat_00005.1.el7eap
- redhat•eap7-jboss-logmanager
< 0:2.1.15-1.Final_redhat_00001.1.el7eap
- redhat•eap7-jboss-modules
< 0:1.8.10-1.Final_redhat_00001.1.el7eap
- redhat•eap7-jboss-server-migration
< 0:1.3.1-13.Final_redhat_00014.1.el7eap
- redhat•eap7-jboss-server-migration-cli
< 0:1.3.1-13.Final_redhat_00014.1.el7eap
- redhat•eap7-jboss-server-migration-core
< 0:1.3.1-13.Final_redhat_00014.1.el7eap
- redhat•eap7-jboss-server-migration-eap6.4
< 0:1.3.1-13.Final_redhat_00014.1.el7eap
- redhat•eap7-jboss-server-migration-eap6.4-to-eap7.2
< 0:1.3.1-13.Final_redhat_00014.1.el7eap
- redhat•eap7-jboss-server-migration-eap7.0
< 0:1.3.1-13.Final_redhat_00014.1.el7eap
- redhat•eap7-jboss-server-migration-eap7.0-to-eap7.2
< 0:1.3.1-13.Final_redhat_00014.1.el7eap
- redhat•eap7-jboss-server-migration-eap7.1
< 0:1.3.1-13.Final_redhat_00014.1.el7eap
- redhat•eap7-jboss-server-migration-eap7.1-to-eap7.2
< 0:1.3.1-13.Final_redhat_00014.1.el7eap
- redhat•eap7-jboss-server-migration-eap7.2
< 0:1.3.1-13.Final_redhat_00014.1.el7eap
- redhat•eap7-jboss-server-migration-wildfly10.0
< 0:1.3.1-13.Final_redhat_00014.1.el7eap
- redhat•eap7-jboss-server-migration-wildfly10.0-to-eap7.2
< 0:1.3.1-13.Final_redhat_00014.1.el7eap
- redhat•eap7-jboss-server-migration-wildfly10.1
< 0:1.3.1-13.Final_redhat_00014.1.el7eap
- redhat•eap7-jboss-server-migration-wildfly10.1-to-eap7.2
< 0:1.3.1-13.Final_redhat_00014.1.el7eap
- redhat•eap7-jboss-server-migration-wildfly11.0
< 0:1.3.1-13.Final_redhat_00014.1.el7eap
- redhat•eap7-jboss-server-migration-wildfly11.0-to-eap7.2
< 0:1.3.1-13.Final_redhat_00014.1.el7eap
- redhat•eap7-jboss-server-migration-wildfly12.0
< 0:1.3.1-13.Final_redhat_00014.1.el7eap
- redhat•eap7-jboss-server-migration-wildfly12.0-to-eap7.2
< 0:1.3.1-13.Final_redhat_00014.1.el7eap
- redhat•eap7-jboss-server-migration-wildfly13.0-server
< 0:1.3.1-13.Final_redhat_00014.1.el7eap
- redhat•eap7-jboss-server-migration-wildfly14.0-server
< 0:1.3.1-13.Final_redhat_00014.1.el7eap
- redhat•eap7-jboss-server-migration-wildfly8.2
< 0:1.3.1-13.Final_redhat_00014.1.el7eap
- redhat•eap7-jboss-server-migration-wildfly8.2-to-eap7.2
< 0:1.3.1-13.Final_redhat_00014.1.el7eap
- redhat•eap7-jboss-server-migration-wildfly9.0
< 0:1.3.1-13.Final_redhat_00014.1.el7eap
- redhat•eap7-jboss-server-migration-wildfly9.0-to-eap7.2
< 0:1.3.1-13.Final_redhat_00014.1.el7eap
- redhat•eap7-jboss-xnio-base
< 0:3.7.6-4.SP3_redhat_00001.1.el7eap
Showing first 50 affected entries in server-rendered view.
References (109)
- https://access.redhat.com/errata/RHSA-2020:3638
- https://access.redhat.com/security/updates/classification/#important
- https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.2/
- https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.2/html-single/installation_guide/
- https://bugzilla.redhat.com/show_bug.cgi?id=1666499
- https://bugzilla.redhat.com/show_bug.cgi?id=1694235
- https://bugzilla.redhat.com/show_bug.cgi?id=1730462
- https://bugzilla.redhat.com/show_bug.cgi?id=1785049
- https://bugzilla.redhat.com/show_bug.cgi?id=1793970
- https://bugzilla.redhat.com/show_bug.cgi?id=1805006
- https://bugzilla.redhat.com/show_bug.cgi?id=1805501
- https://bugzilla.redhat.com/show_bug.cgi?id=1807707
- https://bugzilla.redhat.com/show_bug.cgi?id=1815470
- https://bugzilla.redhat.com/show_bug.cgi?id=1815495
- https://bugzilla.redhat.com/show_bug.cgi?id=1816330
- https://bugzilla.redhat.com/show_bug.cgi?id=1816332
- https://bugzilla.redhat.com/show_bug.cgi?id=1816337
- https://bugzilla.redhat.com/show_bug.cgi?id=1816340
- https://bugzilla.redhat.com/show_bug.cgi?id=1825714
- https://bugzilla.redhat.com/show_bug.cgi?id=1828476
- https://bugzilla.redhat.com/show_bug.cgi?id=1834512
- https://bugzilla.redhat.com/show_bug.cgi?id=1851327
- https://bugzilla.redhat.com/show_bug.cgi?id=1853595
- https://issues.redhat.com/browse/JBEAP-18366
- https://issues.redhat.com/browse/JBEAP-18667
- https://issues.redhat.com/browse/JBEAP-18849
- https://issues.redhat.com/browse/JBEAP-18880
- https://issues.redhat.com/browse/JBEAP-18906
- https://issues.redhat.com/browse/JBEAP-18919
- https://issues.redhat.com/browse/JBEAP-18965
- https://issues.redhat.com/browse/JBEAP-19039
- https://issues.redhat.com/browse/JBEAP-19058
- https://issues.redhat.com/browse/JBEAP-19120
- https://issues.redhat.com/browse/JBEAP-19255
- https://issues.redhat.com/browse/JBEAP-19271
- https://issues.redhat.com/browse/JBEAP-19315
- https://issues.redhat.com/browse/JBEAP-19463
- https://issues.redhat.com/browse/JBEAP-19565
- https://issues.redhat.com/browse/JBEAP-19587
- https://issues.redhat.com/browse/JBEAP-19620
- https://issues.redhat.com/browse/JBEAP-19624
- https://issues.redhat.com/browse/JBEAP-19703
- https://issues.redhat.com/browse/JBEAP-19704
- https://issues.redhat.com/browse/JBEAP-19798
- https://issues.redhat.com/browse/JBEAP-19837
- https://issues.redhat.com/browse/JBEAP-19875
- https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_3638.json
- https://access.redhat.com/security/cve/CVE-2019-14900
- https://www.cve.org/CVERecord?id=CVE-2019-14900
- https://nvd.nist.gov/vuln/detail/CVE-2019-14900
- https://access.redhat.com/security/cve/CVE-2020-1695
- https://www.cve.org/CVERecord?id=CVE-2020-1695
- https://nvd.nist.gov/vuln/detail/CVE-2020-1695
- https://access.redhat.com/security/cve/CVE-2020-1710
- https://www.cve.org/CVERecord?id=CVE-2020-1710
- https://nvd.nist.gov/vuln/detail/CVE-2020-1710
- https://access.redhat.com/security/cve/CVE-2020-1748
- https://www.cve.org/CVERecord?id=CVE-2020-1748
- https://nvd.nist.gov/vuln/detail/CVE-2020-1748
- https://access.redhat.com/security/cve/CVE-2020-6950
- https://www.cve.org/CVERecord?id=CVE-2020-6950
- https://nvd.nist.gov/vuln/detail/CVE-2020-6950
- https://bugs.eclipse.org/bugs/show_bug.cgi?id=550943
- https://github.com/eclipse-ee4j/mojarra/commit/1b434748d9239f42eae8aa7d37d7a0930c061e24
- https://github.com/eclipse-ee4j/mojarra/commit/cefbb9447e7be560e59da2da6bd7cb93776f7741
- https://github.com/eclipse-ee4j/mojarra/issues/4571
- https://github.com/javaserverfaces/mojarra/issues/4364
- https://access.redhat.com/security/cve/CVE-2020-8840
- https://www.cve.org/CVERecord?id=CVE-2020-8840
- https://nvd.nist.gov/vuln/detail/CVE-2020-8840
- https://access.redhat.com/security/cve/CVE-2020-9546
- https://www.cve.org/CVERecord?id=CVE-2020-9546
- https://nvd.nist.gov/vuln/detail/CVE-2020-9546
- https://access.redhat.com/security/cve/CVE-2020-9547
- https://www.cve.org/CVERecord?id=CVE-2020-9547
- https://nvd.nist.gov/vuln/detail/CVE-2020-9547
- https://access.redhat.com/security/cve/CVE-2020-9548
- https://www.cve.org/CVERecord?id=CVE-2020-9548
- https://nvd.nist.gov/vuln/detail/CVE-2020-9548
- https://access.redhat.com/security/cve/CVE-2020-10672
- https://www.cve.org/CVERecord?id=CVE-2020-10672
- https://nvd.nist.gov/vuln/detail/CVE-2020-10672
- https://access.redhat.com/security/cve/CVE-2020-10673
- https://www.cve.org/CVERecord?id=CVE-2020-10673
- https://nvd.nist.gov/vuln/detail/CVE-2020-10673
- https://access.redhat.com/security/cve/CVE-2020-10683
- https://www.cve.org/CVERecord?id=CVE-2020-10683
- https://nvd.nist.gov/vuln/detail/CVE-2020-10683
- https://access.redhat.com/security/cve/CVE-2020-10687
- https://www.cve.org/CVERecord?id=CVE-2020-10687
- https://nvd.nist.gov/vuln/detail/CVE-2020-10687
- https://access.redhat.com/security/cve/CVE-2020-10693
- https://www.cve.org/CVERecord?id=CVE-2020-10693
- https://nvd.nist.gov/vuln/detail/CVE-2020-10693
- https://access.redhat.com/security/cve/CVE-2020-10714
- https://www.cve.org/CVERecord?id=CVE-2020-10714
- https://nvd.nist.gov/vuln/detail/CVE-2020-10714
- https://access.redhat.com/security/cve/CVE-2020-10718
- https://www.cve.org/CVERecord?id=CVE-2020-10718
- https://nvd.nist.gov/vuln/detail/CVE-2020-10718
- https://access.redhat.com/security/cve/CVE-2020-10740
- https://www.cve.org/CVERecord?id=CVE-2020-10740
- https://nvd.nist.gov/vuln/detail/CVE-2020-10740
- https://access.redhat.com/security/cve/CVE-2020-14297
- https://www.cve.org/CVERecord?id=CVE-2020-14297
- https://nvd.nist.gov/vuln/detail/CVE-2020-14297
- https://access.redhat.com/security/cve/CVE-2020-14307
- https://www.cve.org/CVERecord?id=CVE-2020-14307
- https://nvd.nist.gov/vuln/detail/CVE-2020-14307