RHSA-2021:4676
Vulnerability Summary
Timeline
Description
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.2 security update on RHEL 7
CVSS Metrics
- v3.1•HIGH•Score: 7.8CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Systems
- redhat•eap7-apache-sshd
< 0:2.7.0-1.redhat_00001.1.el7eap
- redhat•eap7-jsoup
< 0:1.14.2-1.redhat_00002.1.el7eap
- redhat•eap7-resteasy
< 0:3.15.2-1.Final_redhat_00001.1.el7eap
- redhat•eap7-resteasy-atom-provider
< 0:3.15.2-1.Final_redhat_00001.1.el7eap
- redhat•eap7-resteasy-cdi
< 0:3.15.2-1.Final_redhat_00001.1.el7eap
- redhat•eap7-resteasy-client
< 0:3.15.2-1.Final_redhat_00001.1.el7eap
- redhat•eap7-resteasy-crypto
< 0:3.15.2-1.Final_redhat_00001.1.el7eap
- redhat•eap7-resteasy-jackson-provider
< 0:3.15.2-1.Final_redhat_00001.1.el7eap
- redhat•eap7-resteasy-jackson2-provider
< 0:3.15.2-1.Final_redhat_00001.1.el7eap
- redhat•eap7-resteasy-jaxb-provider
< 0:3.15.2-1.Final_redhat_00001.1.el7eap
- redhat•eap7-resteasy-jaxrs
< 0:3.15.2-1.Final_redhat_00001.1.el7eap
- redhat•eap7-resteasy-jettison-provider
< 0:3.15.2-1.Final_redhat_00001.1.el7eap
- redhat•eap7-resteasy-jose-jwt
< 0:3.15.2-1.Final_redhat_00001.1.el7eap
- redhat•eap7-resteasy-jsapi
< 0:3.15.2-1.Final_redhat_00001.1.el7eap
- redhat•eap7-resteasy-json-binding-provider
< 0:3.15.2-1.Final_redhat_00001.1.el7eap
- redhat•eap7-resteasy-json-p-provider
< 0:3.15.2-1.Final_redhat_00001.1.el7eap
- redhat•eap7-resteasy-multipart-provider
< 0:3.15.2-1.Final_redhat_00001.1.el7eap
- redhat•eap7-resteasy-rxjava2
< 0:3.15.2-1.Final_redhat_00001.1.el7eap
- redhat•eap7-resteasy-spring
< 0:3.15.2-1.Final_redhat_00001.1.el7eap
- redhat•eap7-resteasy-validator-provider-11
< 0:3.15.2-1.Final_redhat_00001.1.el7eap
- redhat•eap7-resteasy-yaml-provider
< 0:3.15.2-1.Final_redhat_00001.1.el7eap
- redhat•eap7-undertow
< 0:2.2.12-2.Final_redhat_00001.1.el7eap
- redhat•eap7-wildfly
< 0:7.4.2-2.GA_redhat_00002.1.el7eap
- redhat•eap7-wildfly-java-jdk11
< 0:7.4.2-2.GA_redhat_00002.1.el7eap
- redhat•eap7-wildfly-java-jdk8
< 0:7.4.2-2.GA_redhat_00002.1.el7eap
- redhat•eap7-wildfly-javadocs
< 0:7.4.2-2.GA_redhat_00002.1.el7eap
- redhat•eap7-wildfly-modules
< 0:7.4.2-2.GA_redhat_00002.1.el7eap
References (46)
- https://access.redhat.com/errata/RHSA-2021:4676
- https://access.redhat.com/security/updates/classification/#moderate
- https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/
- https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/
- https://bugzilla.redhat.com/show_bug.cgi?id=1935927
- https://bugzilla.redhat.com/show_bug.cgi?id=1977362
- https://bugzilla.redhat.com/show_bug.cgi?id=1981527
- https://bugzilla.redhat.com/show_bug.cgi?id=1991305
- https://bugzilla.redhat.com/show_bug.cgi?id=1995259
- https://issues.redhat.com/browse/JBEAP-21308
- https://issues.redhat.com/browse/JBEAP-21973
- https://issues.redhat.com/browse/JBEAP-22208
- https://issues.redhat.com/browse/JBEAP-22213
- https://issues.redhat.com/browse/JBEAP-22254
- https://issues.redhat.com/browse/JBEAP-22255
- https://issues.redhat.com/browse/JBEAP-22344
- https://issues.redhat.com/browse/JBEAP-22347
- https://issues.redhat.com/browse/JBEAP-22365
- https://issues.redhat.com/browse/JBEAP-22367
- https://issues.redhat.com/browse/JBEAP-22435
- https://issues.redhat.com/browse/JBEAP-22462
- https://issues.redhat.com/browse/JBEAP-22487
- https://issues.redhat.com/browse/JBEAP-22493
- https://issues.redhat.com/browse/JBEAP-22494
- https://issues.redhat.com/browse/JBEAP-22500
- https://issues.redhat.com/browse/JBEAP-22504
- https://issues.redhat.com/browse/JBEAP-22515
- https://issues.redhat.com/browse/JBEAP-22517
- https://issues.redhat.com/browse/JBEAP-22522
- https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_4676.json
- https://access.redhat.com/security/cve/CVE-2021-3629
- https://www.cve.org/CVERecord?id=CVE-2021-3629
- https://nvd.nist.gov/vuln/detail/CVE-2021-3629
- https://access.redhat.com/security/cve/CVE-2021-3717
- https://www.cve.org/CVERecord?id=CVE-2021-3717
- https://nvd.nist.gov/vuln/detail/CVE-2021-3717
- https://access.redhat.com/security/cve/CVE-2021-20289
- https://www.cve.org/CVERecord?id=CVE-2021-20289
- https://nvd.nist.gov/vuln/detail/CVE-2021-20289
- https://access.redhat.com/security/cve/CVE-2021-30129
- https://www.cve.org/CVERecord?id=CVE-2021-30129
- https://nvd.nist.gov/vuln/detail/CVE-2021-30129
- https://access.redhat.com/security/cve/CVE-2021-37714
- https://www.cve.org/CVERecord?id=CVE-2021-37714
- https://nvd.nist.gov/vuln/detail/CVE-2021-37714
- https://github.com/jhy/jsoup/security/advisories/GHSA-m72m-mhq2-9p6c