RHSA-2021:3656
Advisory lineage Upstream: 10 Downstream: 0
Published: 20 Sept 2024, 15:04
Last modified:15 May 2026, 10:08
Vulnerability Summary
Overall Risk (default)
medium
30/100 CVSS Score
7.5 HIGH
3.1 (osv_red_hat)
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected
Timeline
20 Sept 2024, 15:04
Published
Vulnerability first disclosed
15 May 2026, 10:08
Last Modified
Vulnerability information updated
Description
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.1 security update on RHEL 7
CVSS Metrics
- v3.1•HIGH•Score: 7.5CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Affected Systems
- redhat•eap7-apache-commons-io
< 0:2.10.0-1.redhat_00001.1.el7eap
- redhat•eap7-jakarta-el
< 0:3.0.3-2.redhat_00006.1.el7eap
- redhat•eap7-netty
< 0:4.1.63-1.Final_redhat_00001.1.el7eap
- redhat•eap7-netty-all
< 0:4.1.63-1.Final_redhat_00001.1.el7eap
- redhat•eap7-undertow
< 0:2.2.9-2.SP1_redhat_00001.1.el7eap
- redhat•eap7-velocity
< 0:2.3.0-1.redhat_00001.1.el7eap
- redhat•eap7-velocity-engine-core
< 0:2.3.0-1.redhat_00001.1.el7eap
- redhat•eap7-wildfly
< 0:7.4.1-2.GA_redhat_00003.1.el7eap
- redhat•eap7-wildfly-elytron
< 0:1.15.5-1.Final_redhat_00001.1.el7eap
- redhat•eap7-wildfly-elytron-tool
< 0:1.15.5-1.Final_redhat_00001.1.el7eap
- redhat•eap7-wildfly-java-jdk11
< 0:7.4.1-2.GA_redhat_00003.1.el7eap
- redhat•eap7-wildfly-java-jdk8
< 0:7.4.1-2.GA_redhat_00003.1.el7eap
- redhat•eap7-wildfly-javadocs
< 0:7.4.1-2.GA_redhat_00003.1.el7eap
- redhat•eap7-wildfly-modules
< 0:7.4.1-2.GA_redhat_00003.1.el7eap
References (75)
- https://access.redhat.com/errata/RHSA-2021:3656
- https://access.redhat.com/security/updates/classification/#important
- https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/
- https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/
- https://bugzilla.redhat.com/show_bug.cgi?id=1937364
- https://bugzilla.redhat.com/show_bug.cgi?id=1937440
- https://bugzilla.redhat.com/show_bug.cgi?id=1944888
- https://bugzilla.redhat.com/show_bug.cgi?id=1948001
- https://bugzilla.redhat.com/show_bug.cgi?id=1948752
- https://bugzilla.redhat.com/show_bug.cgi?id=1965497
- https://bugzilla.redhat.com/show_bug.cgi?id=1970930
- https://bugzilla.redhat.com/show_bug.cgi?id=1976052
- https://bugzilla.redhat.com/show_bug.cgi?id=1981407
- https://bugzilla.redhat.com/show_bug.cgi?id=1991299
- https://issues.redhat.com/browse/JBEAP-18401
- https://issues.redhat.com/browse/JBEAP-21231
- https://issues.redhat.com/browse/JBEAP-21257
- https://issues.redhat.com/browse/JBEAP-21258
- https://issues.redhat.com/browse/JBEAP-21261
- https://issues.redhat.com/browse/JBEAP-21263
- https://issues.redhat.com/browse/JBEAP-21270
- https://issues.redhat.com/browse/JBEAP-21276
- https://issues.redhat.com/browse/JBEAP-21277
- https://issues.redhat.com/browse/JBEAP-21281
- https://issues.redhat.com/browse/JBEAP-21300
- https://issues.redhat.com/browse/JBEAP-21309
- https://issues.redhat.com/browse/JBEAP-21313
- https://issues.redhat.com/browse/JBEAP-21472
- https://issues.redhat.com/browse/JBEAP-21569
- https://issues.redhat.com/browse/JBEAP-21777
- https://issues.redhat.com/browse/JBEAP-21781
- https://issues.redhat.com/browse/JBEAP-21818
- https://issues.redhat.com/browse/JBEAP-21961
- https://issues.redhat.com/browse/JBEAP-21978
- https://issues.redhat.com/browse/JBEAP-22009
- https://issues.redhat.com/browse/JBEAP-22084
- https://issues.redhat.com/browse/JBEAP-22088
- https://issues.redhat.com/browse/JBEAP-22160
- https://issues.redhat.com/browse/JBEAP-22209
- https://issues.redhat.com/browse/JBEAP-22318
- https://issues.redhat.com/browse/JBEAP-22319
- https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_3656.json
- https://access.redhat.com/security/cve/CVE-2020-13936
- https://www.cve.org/CVERecord?id=CVE-2020-13936
- https://nvd.nist.gov/vuln/detail/CVE-2020-13936
- https://access.redhat.com/security/cve/CVE-2021-3536
- https://www.cve.org/CVERecord?id=CVE-2021-3536
- https://nvd.nist.gov/vuln/detail/CVE-2021-3536
- https://access.redhat.com/security/cve/CVE-2021-3597
- https://www.cve.org/CVERecord?id=CVE-2021-3597
- https://nvd.nist.gov/vuln/detail/CVE-2021-3597
- https://access.redhat.com/security/cve/CVE-2021-3642
- https://www.cve.org/CVERecord?id=CVE-2021-3642
- https://nvd.nist.gov/vuln/detail/CVE-2021-3642
- https://access.redhat.com/security/cve/CVE-2021-3644
- https://www.cve.org/CVERecord?id=CVE-2021-3644
- https://nvd.nist.gov/vuln/detail/CVE-2021-3644
- https://access.redhat.com/security/cve/CVE-2021-3690
- https://www.cve.org/CVERecord?id=CVE-2021-3690
- https://nvd.nist.gov/vuln/detail/CVE-2021-3690
- https://access.redhat.com/security/cve/CVE-2021-21295
- https://www.cve.org/CVERecord?id=CVE-2021-21295
- https://nvd.nist.gov/vuln/detail/CVE-2021-21295
- https://github.com/netty/netty/security/advisories/GHSA-wm47-8v5p-wjpj
- https://access.redhat.com/security/cve/CVE-2021-21409
- https://www.cve.org/CVERecord?id=CVE-2021-21409
- https://nvd.nist.gov/vuln/detail/CVE-2021-21409
- https://github.com/netty/netty/security/advisories/GHSA-f256-j965-7f32
- https://access.redhat.com/security/cve/CVE-2021-28170
- https://www.cve.org/CVERecord?id=CVE-2021-28170
- https://nvd.nist.gov/vuln/detail/CVE-2021-28170
- https://securitylab.github.com/advisories/GHSL-2020-021-jakarta-el/
- https://access.redhat.com/security/cve/CVE-2021-29425
- https://www.cve.org/CVERecord?id=CVE-2021-29425
- https://nvd.nist.gov/vuln/detail/CVE-2021-29425