RHSA-2020:5340
Vulnerability Summary
Timeline
Description
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.3.4 security update
CVSS Metrics
- v3.1•HIGH•Score: 7.5CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Affected Systems
- redhat•eap7-activemq-artemis
< 0:2.9.0-6.redhat_00016.1.el6eap
- redhat•eap7-activemq-artemis-cli
< 0:2.9.0-6.redhat_00016.1.el6eap
- redhat•eap7-activemq-artemis-commons
< 0:2.9.0-6.redhat_00016.1.el6eap
- redhat•eap7-activemq-artemis-core-client
< 0:2.9.0-6.redhat_00016.1.el6eap
- redhat•eap7-activemq-artemis-dto
< 0:2.9.0-6.redhat_00016.1.el6eap
- redhat•eap7-activemq-artemis-hornetq-protocol
< 0:2.9.0-6.redhat_00016.1.el6eap
- redhat•eap7-activemq-artemis-hqclient-protocol
< 0:2.9.0-6.redhat_00016.1.el6eap
- redhat•eap7-activemq-artemis-jdbc-store
< 0:2.9.0-6.redhat_00016.1.el6eap
- redhat•eap7-activemq-artemis-jms-client
< 0:2.9.0-6.redhat_00016.1.el6eap
- redhat•eap7-activemq-artemis-jms-server
< 0:2.9.0-6.redhat_00016.1.el6eap
- redhat•eap7-activemq-artemis-journal
< 0:2.9.0-6.redhat_00016.1.el6eap
- redhat•eap7-activemq-artemis-ra
< 0:2.9.0-6.redhat_00016.1.el6eap
- redhat•eap7-activemq-artemis-selector
< 0:2.9.0-6.redhat_00016.1.el6eap
- redhat•eap7-activemq-artemis-server
< 0:2.9.0-6.redhat_00016.1.el6eap
- redhat•eap7-activemq-artemis-service-extensions
< 0:2.9.0-6.redhat_00016.1.el6eap
- redhat•eap7-activemq-artemis-tools
< 0:2.9.0-6.redhat_00016.1.el6eap
- redhat•eap7-fge-btf
< 0:1.2.0-1.redhat_00007.1.el6eap
- redhat•eap7-fge-msg-simple
< 0:1.1.0-1.redhat_00007.1.el6eap
- redhat•eap7-hal-console
< 0:3.2.11-1.Final_redhat_00001.1.el6eap
- redhat•eap7-hibernate-validator
< 0:6.0.21-1.Final_redhat_00001.1.el6eap
- redhat•eap7-hibernate-validator-cdi
< 0:6.0.21-1.Final_redhat_00001.1.el6eap
- redhat•eap7-jackson-annotations
< 0:2.10.4-1.redhat_00002.1.el6eap
- redhat•eap7-jackson-core
< 0:2.10.4-1.redhat_00002.1.el6eap
- redhat•eap7-jackson-coreutils
< 0:1.6.0-1.redhat_00006.1.el6eap
- redhat•eap7-jackson-datatype-jdk8
< 0:2.10.4-1.redhat_00002.1.el6eap
- redhat•eap7-jackson-datatype-jsr310
< 0:2.10.4-1.redhat_00002.1.el6eap
- redhat•eap7-jackson-jaxrs-base
< 0:2.10.4-1.redhat_00002.1.el6eap
- redhat•eap7-jackson-jaxrs-json-provider
< 0:2.10.4-1.redhat_00002.1.el6eap
- redhat•eap7-jackson-jaxrs-providers
< 0:2.10.4-1.redhat_00002.1.el6eap
- redhat•eap7-jackson-module-jaxb-annotations
< 0:2.10.4-3.redhat_00002.1.el6eap
- redhat•eap7-jackson-modules-base
< 0:2.10.4-3.redhat_00002.1.el6eap
- redhat•eap7-jackson-modules-java8
< 0:2.10.4-1.redhat_00002.1.el6eap
- redhat•eap7-jasypt
< 0:1.9.3-1.redhat_00002.1.el6eap
- redhat•eap7-jboss-marshalling
< 0:2.0.10-1.Final_redhat_00001.1.el6eap
- redhat•eap7-jboss-marshalling-river
< 0:2.0.10-1.Final_redhat_00001.1.el6eap
- redhat•eap7-jboss-remoting
< 0:5.0.19-1.Final_redhat_00001.1.el6eap
- redhat•eap7-jboss-server-migration
< 0:1.7.2-3.Final_redhat_00004.1.el6eap
- redhat•eap7-jboss-server-migration-cli
< 0:1.7.2-3.Final_redhat_00004.1.el6eap
- redhat•eap7-jboss-server-migration-core
< 0:1.7.2-3.Final_redhat_00004.1.el6eap
- redhat•eap7-jboss-server-migration-eap6.4
< 0:1.7.2-3.Final_redhat_00004.1.el6eap
- redhat•eap7-jboss-server-migration-eap6.4-to-eap7.3
< 0:1.7.2-3.Final_redhat_00004.1.el6eap
- redhat•eap7-jboss-server-migration-eap7.0
< 0:1.7.2-3.Final_redhat_00004.1.el6eap
- redhat•eap7-jboss-server-migration-eap7.1
< 0:1.7.2-3.Final_redhat_00004.1.el6eap
- redhat•eap7-jboss-server-migration-eap7.2
< 0:1.7.2-3.Final_redhat_00004.1.el6eap
- redhat•eap7-jboss-server-migration-eap7.2-to-eap7.3
< 0:1.7.2-3.Final_redhat_00004.1.el6eap
- redhat•eap7-jboss-server-migration-eap7.3-server
< 0:1.7.2-3.Final_redhat_00004.1.el6eap
- redhat•eap7-jboss-server-migration-wildfly10.0
< 0:1.7.2-3.Final_redhat_00004.1.el6eap
- redhat•eap7-jboss-server-migration-wildfly10.1
< 0:1.7.2-3.Final_redhat_00004.1.el6eap
- redhat•eap7-jboss-server-migration-wildfly11.0
< 0:1.7.2-3.Final_redhat_00004.1.el6eap
- redhat•eap7-jboss-server-migration-wildfly12.0
< 0:1.7.2-3.Final_redhat_00004.1.el6eap
Showing first 50 affected entries in server-rendered view.
References (30)
- https://access.redhat.com/errata/RHSA-2020:5340
- https://access.redhat.com/security/updates/classification/#important
- https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.3/
- https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.3/html-single/installation_guide/
- https://bugzilla.redhat.com/show_bug.cgi?id=1881353
- https://bugzilla.redhat.com/show_bug.cgi?id=1885485
- https://bugzilla.redhat.com/show_bug.cgi?id=1887664
- https://issues.redhat.com/browse/JBEAP-20029
- https://issues.redhat.com/browse/JBEAP-20089
- https://issues.redhat.com/browse/JBEAP-20119
- https://issues.redhat.com/browse/JBEAP-20161
- https://issues.redhat.com/browse/JBEAP-20221
- https://issues.redhat.com/browse/JBEAP-20239
- https://issues.redhat.com/browse/JBEAP-20246
- https://issues.redhat.com/browse/JBEAP-20285
- https://issues.redhat.com/browse/JBEAP-20300
- https://issues.redhat.com/browse/JBEAP-20325
- https://issues.redhat.com/browse/JBEAP-20364
- https://issues.redhat.com/browse/JBEAP-20368
- https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_5340.json
- https://access.redhat.com/security/cve/CVE-2020-25638
- https://www.cve.org/CVERecord?id=CVE-2020-25638
- https://nvd.nist.gov/vuln/detail/CVE-2020-25638
- https://access.redhat.com/security/cve/CVE-2020-25644
- https://www.cve.org/CVERecord?id=CVE-2020-25644
- https://nvd.nist.gov/vuln/detail/CVE-2020-25644
- https://access.redhat.com/security/cve/CVE-2020-25649
- https://www.cve.org/CVERecord?id=CVE-2020-25649
- https://nvd.nist.gov/vuln/detail/CVE-2020-25649
- https://github.com/FasterXML/jackson-databind/issues/2589