RHSA-2021:5151
Vulnerability Summary
Timeline
Description
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.3.10 security update on RHEL 8
CVSS Metrics
- v3.1•HIGH•Score: 7.8CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Systems
- redhat•eap7-apache-cxf
< 0:3.3.12-1.redhat_00001.1.el8eap
- redhat•eap7-apache-cxf-rt
< 0:3.3.12-1.redhat_00001.1.el8eap
- redhat•eap7-apache-cxf-services
< 0:3.3.12-1.redhat_00001.1.el8eap
- redhat•eap7-apache-cxf-tools
< 0:3.3.12-1.redhat_00001.1.el8eap
- redhat•eap7-ironjacamar
< 0:1.5.3-1.Final_redhat_00001.1.el8eap
- redhat•eap7-ironjacamar-common-api
< 0:1.5.3-1.Final_redhat_00001.1.el8eap
- redhat•eap7-ironjacamar-common-impl
< 0:1.5.3-1.Final_redhat_00001.1.el8eap
- redhat•eap7-ironjacamar-common-spi
< 0:1.5.3-1.Final_redhat_00001.1.el8eap
- redhat•eap7-ironjacamar-core-api
< 0:1.5.3-1.Final_redhat_00001.1.el8eap
- redhat•eap7-ironjacamar-core-impl
< 0:1.5.3-1.Final_redhat_00001.1.el8eap
- redhat•eap7-ironjacamar-deployers-common
< 0:1.5.3-1.Final_redhat_00001.1.el8eap
- redhat•eap7-ironjacamar-jdbc
< 0:1.5.3-1.Final_redhat_00001.1.el8eap
- redhat•eap7-ironjacamar-validator
< 0:1.5.3-1.Final_redhat_00001.1.el8eap
- redhat•eap7-jakarta-el
< 0:3.0.3-3.redhat_00007.1.el8eap
- redhat•eap7-jboss-ejb-client
< 0:4.0.43-1.Final_redhat_00001.1.el8eap
- redhat•eap7-jboss-server-migration
< 0:1.7.2-10.Final_redhat_00011.1.el8eap
- redhat•eap7-jboss-server-migration-cli
< 0:1.7.2-10.Final_redhat_00011.1.el8eap
- redhat•eap7-jboss-server-migration-core
< 0:1.7.2-10.Final_redhat_00011.1.el8eap
- redhat•eap7-jboss-server-migration-eap6.4
< 0:1.7.2-10.Final_redhat_00011.1.el8eap
- redhat•eap7-jboss-server-migration-eap6.4-to-eap7.3
< 0:1.7.2-10.Final_redhat_00011.1.el8eap
- redhat•eap7-jboss-server-migration-eap7.0
< 0:1.7.2-10.Final_redhat_00011.1.el8eap
- redhat•eap7-jboss-server-migration-eap7.1
< 0:1.7.2-10.Final_redhat_00011.1.el8eap
- redhat•eap7-jboss-server-migration-eap7.2
< 0:1.7.2-10.Final_redhat_00011.1.el8eap
- redhat•eap7-jboss-server-migration-eap7.2-to-eap7.3
< 0:1.7.2-10.Final_redhat_00011.1.el8eap
- redhat•eap7-jboss-server-migration-eap7.3-server
< 0:1.7.2-10.Final_redhat_00011.1.el8eap
- redhat•eap7-jboss-server-migration-wildfly10.0
< 0:1.7.2-10.Final_redhat_00011.1.el8eap
- redhat•eap7-jboss-server-migration-wildfly10.1
< 0:1.7.2-10.Final_redhat_00011.1.el8eap
- redhat•eap7-jboss-server-migration-wildfly11.0
< 0:1.7.2-10.Final_redhat_00011.1.el8eap
- redhat•eap7-jboss-server-migration-wildfly12.0
< 0:1.7.2-10.Final_redhat_00011.1.el8eap
- redhat•eap7-jboss-server-migration-wildfly13.0-server
< 0:1.7.2-10.Final_redhat_00011.1.el8eap
- redhat•eap7-jboss-server-migration-wildfly14.0-server
< 0:1.7.2-10.Final_redhat_00011.1.el8eap
- redhat•eap7-jboss-server-migration-wildfly15.0-server
< 0:1.7.2-10.Final_redhat_00011.1.el8eap
- redhat•eap7-jboss-server-migration-wildfly16.0-server
< 0:1.7.2-10.Final_redhat_00011.1.el8eap
- redhat•eap7-jboss-server-migration-wildfly17.0-server
< 0:1.7.2-10.Final_redhat_00011.1.el8eap
- redhat•eap7-jboss-server-migration-wildfly18.0-server
< 0:1.7.2-10.Final_redhat_00011.1.el8eap
- redhat•eap7-jboss-server-migration-wildfly8.2
< 0:1.7.2-10.Final_redhat_00011.1.el8eap
- redhat•eap7-jboss-server-migration-wildfly9.0
< 0:1.7.2-10.Final_redhat_00011.1.el8eap
- redhat•eap7-jsoup
< 0:1.14.2-1.redhat_00002.1.el8eap
- redhat•eap7-resteasy
< 0:3.11.5-1.Final_redhat_00001.1.el8eap
- redhat•eap7-resteasy-atom-provider
< 0:3.11.5-1.Final_redhat_00001.1.el8eap
- redhat•eap7-resteasy-cdi
< 0:3.11.5-1.Final_redhat_00001.1.el8eap
- redhat•eap7-resteasy-client
< 0:3.11.5-1.Final_redhat_00001.1.el8eap
- redhat•eap7-resteasy-client-microprofile
< 0:3.11.5-1.Final_redhat_00001.1.el8eap
- redhat•eap7-resteasy-crypto
< 0:3.11.5-1.Final_redhat_00001.1.el8eap
- redhat•eap7-resteasy-jackson-provider
< 0:3.11.5-1.Final_redhat_00001.1.el8eap
- redhat•eap7-resteasy-jackson2-provider
< 0:3.11.5-1.Final_redhat_00001.1.el8eap
- redhat•eap7-resteasy-jaxb-provider
< 0:3.11.5-1.Final_redhat_00001.1.el8eap
- redhat•eap7-resteasy-jaxrs
< 0:3.11.5-1.Final_redhat_00001.1.el8eap
- redhat•eap7-resteasy-jettison-provider
< 0:3.11.5-1.Final_redhat_00001.1.el8eap
- redhat•eap7-resteasy-jose-jwt
< 0:3.11.5-1.Final_redhat_00001.1.el8eap
Showing first 50 affected entries in server-rendered view.
References (40)
- https://access.redhat.com/errata/RHSA-2021:5151
- https://access.redhat.com/security/updates/classification/#moderate
- https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.3/
- https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.3/html-single/installation_guide/
- https://bugzilla.redhat.com/show_bug.cgi?id=1935927
- https://bugzilla.redhat.com/show_bug.cgi?id=1977362
- https://bugzilla.redhat.com/show_bug.cgi?id=1981407
- https://bugzilla.redhat.com/show_bug.cgi?id=1991305
- https://bugzilla.redhat.com/show_bug.cgi?id=1995259
- https://bugzilla.redhat.com/show_bug.cgi?id=2011190
- https://issues.redhat.com/browse/JBEAP-22145
- https://issues.redhat.com/browse/JBEAP-22314
- https://issues.redhat.com/browse/JBEAP-22332
- https://issues.redhat.com/browse/JBEAP-22343
- https://issues.redhat.com/browse/JBEAP-22363
- https://issues.redhat.com/browse/JBEAP-22490
- https://issues.redhat.com/browse/JBEAP-22501
- https://issues.redhat.com/browse/JBEAP-22523
- https://issues.redhat.com/browse/JBEAP-22734
- https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_5151.json
- https://access.redhat.com/security/cve/CVE-2021-3629
- https://www.cve.org/CVERecord?id=CVE-2021-3629
- https://nvd.nist.gov/vuln/detail/CVE-2021-3629
- https://access.redhat.com/security/cve/CVE-2021-3642
- https://www.cve.org/CVERecord?id=CVE-2021-3642
- https://nvd.nist.gov/vuln/detail/CVE-2021-3642
- https://access.redhat.com/security/cve/CVE-2021-3717
- https://www.cve.org/CVERecord?id=CVE-2021-3717
- https://nvd.nist.gov/vuln/detail/CVE-2021-3717
- https://access.redhat.com/security/cve/CVE-2021-20289
- https://www.cve.org/CVERecord?id=CVE-2021-20289
- https://nvd.nist.gov/vuln/detail/CVE-2021-20289
- https://access.redhat.com/security/cve/CVE-2021-37714
- https://www.cve.org/CVERecord?id=CVE-2021-37714
- https://nvd.nist.gov/vuln/detail/CVE-2021-37714
- https://github.com/jhy/jsoup/security/advisories/GHSA-m72m-mhq2-9p6c
- https://access.redhat.com/security/cve/CVE-2021-40690
- https://www.cve.org/CVERecord?id=CVE-2021-40690
- https://nvd.nist.gov/vuln/detail/CVE-2021-40690
- https://lists.apache.org/thread.html/r8848751b6a5dd78cc9e99d627e74fecfaffdfa1bb615dce827aad633%40%3Cdev.santuario.apache.org%3E