RHSA-2022:4918
Vulnerability Summary
Timeline
Description
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.5 security update on RHEL 7
CVSS Metrics
- v3.1•CRITICAL•Score: 9.8CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Systems
- redhat•eap7-activemq-artemis
< 0:2.16.0-9.redhat_00042.1.el7eap
- redhat•eap7-activemq-artemis-cli
< 0:2.16.0-9.redhat_00042.1.el7eap
- redhat•eap7-activemq-artemis-commons
< 0:2.16.0-9.redhat_00042.1.el7eap
- redhat•eap7-activemq-artemis-core-client
< 0:2.16.0-9.redhat_00042.1.el7eap
- redhat•eap7-activemq-artemis-dto
< 0:2.16.0-9.redhat_00042.1.el7eap
- redhat•eap7-activemq-artemis-hornetq-protocol
< 0:2.16.0-9.redhat_00042.1.el7eap
- redhat•eap7-activemq-artemis-hqclient-protocol
< 0:2.16.0-9.redhat_00042.1.el7eap
- redhat•eap7-activemq-artemis-jdbc-store
< 0:2.16.0-9.redhat_00042.1.el7eap
- redhat•eap7-activemq-artemis-jms-client
< 0:2.16.0-9.redhat_00042.1.el7eap
- redhat•eap7-activemq-artemis-jms-server
< 0:2.16.0-9.redhat_00042.1.el7eap
- redhat•eap7-activemq-artemis-journal
< 0:2.16.0-9.redhat_00042.1.el7eap
- redhat•eap7-activemq-artemis-ra
< 0:2.16.0-9.redhat_00042.1.el7eap
- redhat•eap7-activemq-artemis-selector
< 0:2.16.0-9.redhat_00042.1.el7eap
- redhat•eap7-activemq-artemis-server
< 0:2.16.0-9.redhat_00042.1.el7eap
- redhat•eap7-activemq-artemis-service-extensions
< 0:2.16.0-9.redhat_00042.1.el7eap
- redhat•eap7-activemq-artemis-tools
< 0:2.16.0-9.redhat_00042.1.el7eap
- redhat•eap7-h2database
< 0:1.4.197-2.redhat_00004.1.el7eap
- redhat•eap7-hal-console
< 0:3.3.12-1.Final_redhat_00001.1.el7eap
- redhat•eap7-jackson-databind
< 0:2.12.6.1-1.redhat_00003.1.el7eap
- redhat•eap7-jboss-xnio-base
< 0:3.8.7-1.SP1_redhat_00001.1.el7eap
- redhat•eap7-netty
< 0:4.1.72-4.Final_redhat_00001.1.el7eap
- redhat•eap7-netty-all
< 0:4.1.72-4.Final_redhat_00001.1.el7eap
- redhat•eap7-netty-buffer
< 0:4.1.72-4.Final_redhat_00001.1.el7eap
- redhat•eap7-netty-codec
< 0:4.1.72-4.Final_redhat_00001.1.el7eap
- redhat•eap7-netty-codec-dns
< 0:4.1.72-4.Final_redhat_00001.1.el7eap
- redhat•eap7-netty-codec-haproxy
< 0:4.1.72-4.Final_redhat_00001.1.el7eap
- redhat•eap7-netty-codec-http
< 0:4.1.72-4.Final_redhat_00001.1.el7eap
- redhat•eap7-netty-codec-http2
< 0:4.1.72-4.Final_redhat_00001.1.el7eap
- redhat•eap7-netty-codec-memcache
< 0:4.1.72-4.Final_redhat_00001.1.el7eap
- redhat•eap7-netty-codec-mqtt
< 0:4.1.72-4.Final_redhat_00001.1.el7eap
- redhat•eap7-netty-codec-redis
< 0:4.1.72-4.Final_redhat_00001.1.el7eap
- redhat•eap7-netty-codec-smtp
< 0:4.1.72-4.Final_redhat_00001.1.el7eap
- redhat•eap7-netty-codec-socks
< 0:4.1.72-4.Final_redhat_00001.1.el7eap
- redhat•eap7-netty-codec-stomp
< 0:4.1.72-4.Final_redhat_00001.1.el7eap
- redhat•eap7-netty-codec-xml
< 0:4.1.72-4.Final_redhat_00001.1.el7eap
- redhat•eap7-netty-common
< 0:4.1.72-4.Final_redhat_00001.1.el7eap
- redhat•eap7-netty-handler
< 0:4.1.72-4.Final_redhat_00001.1.el7eap
- redhat•eap7-netty-handler-proxy
< 0:4.1.72-4.Final_redhat_00001.1.el7eap
- redhat•eap7-netty-resolver
< 0:4.1.72-4.Final_redhat_00001.1.el7eap
- redhat•eap7-netty-resolver-dns
< 0:4.1.72-4.Final_redhat_00001.1.el7eap
- redhat•eap7-netty-resolver-dns-classes-macos
< 0:4.1.72-4.Final_redhat_00001.1.el7eap
- redhat•eap7-netty-transport
< 0:4.1.72-4.Final_redhat_00001.1.el7eap
- redhat•eap7-netty-transport-classes-epoll
< 0:4.1.72-4.Final_redhat_00001.1.el7eap
- redhat•eap7-netty-transport-classes-kqueue
< 0:4.1.72-4.Final_redhat_00001.1.el7eap
- redhat•eap7-netty-transport-native-unix-common
< 0:4.1.72-4.Final_redhat_00001.1.el7eap
- redhat•eap7-netty-transport-rxtx
< 0:4.1.72-4.Final_redhat_00001.1.el7eap
- redhat•eap7-netty-transport-sctp
< 0:4.1.72-4.Final_redhat_00001.1.el7eap
- redhat•eap7-netty-transport-udt
< 0:4.1.72-4.Final_redhat_00001.1.el7eap
- redhat•eap7-undertow
< 0:2.2.17-2.SP4_redhat_00001.1.el7eap
- redhat•eap7-wildfly
< 0:7.4.5-3.GA_redhat_00001.1.el7eap
Showing first 50 affected entries in server-rendered view.
References (91)
- https://access.redhat.com/errata/RHSA-2022:4918
- https://access.redhat.com/security/updates/classification/#moderate
- https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/
- https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/
- https://bugzilla.redhat.com/show_bug.cgi?id=2004133
- https://bugzilla.redhat.com/show_bug.cgi?id=2004135
- https://bugzilla.redhat.com/show_bug.cgi?id=2031958
- https://bugzilla.redhat.com/show_bug.cgi?id=2039403
- https://bugzilla.redhat.com/show_bug.cgi?id=2041472
- https://bugzilla.redhat.com/show_bug.cgi?id=2044596
- https://bugzilla.redhat.com/show_bug.cgi?id=2047200
- https://bugzilla.redhat.com/show_bug.cgi?id=2047343
- https://bugzilla.redhat.com/show_bug.cgi?id=2060725
- https://bugzilla.redhat.com/show_bug.cgi?id=2060929
- https://bugzilla.redhat.com/show_bug.cgi?id=2063601
- https://bugzilla.redhat.com/show_bug.cgi?id=2064226
- https://bugzilla.redhat.com/show_bug.cgi?id=2064698
- https://bugzilla.redhat.com/show_bug.cgi?id=2072009
- https://bugzilla.redhat.com/show_bug.cgi?id=2073890
- https://issues.redhat.com/browse/JBEAP-23120
- https://issues.redhat.com/browse/JBEAP-23171
- https://issues.redhat.com/browse/JBEAP-23194
- https://issues.redhat.com/browse/JBEAP-23241
- https://issues.redhat.com/browse/JBEAP-23299
- https://issues.redhat.com/browse/JBEAP-23300
- https://issues.redhat.com/browse/JBEAP-23312
- https://issues.redhat.com/browse/JBEAP-23313
- https://issues.redhat.com/browse/JBEAP-23336
- https://issues.redhat.com/browse/JBEAP-23338
- https://issues.redhat.com/browse/JBEAP-23339
- https://issues.redhat.com/browse/JBEAP-23351
- https://issues.redhat.com/browse/JBEAP-23353
- https://issues.redhat.com/browse/JBEAP-23429
- https://issues.redhat.com/browse/JBEAP-23432
- https://issues.redhat.com/browse/JBEAP-23451
- https://issues.redhat.com/browse/JBEAP-23531
- https://issues.redhat.com/browse/JBEAP-23532
- https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_4918.json
- https://access.redhat.com/security/cve/CVE-2020-36518
- https://www.cve.org/CVERecord?id=CVE-2020-36518
- https://nvd.nist.gov/vuln/detail/CVE-2020-36518
- https://github.com/advisories/GHSA-57j2-w4cx-62h2
- https://access.redhat.com/security/cve/CVE-2021-37136
- https://www.cve.org/CVERecord?id=CVE-2021-37136
- https://nvd.nist.gov/vuln/detail/CVE-2021-37136
- https://github.com/netty/netty/security/advisories/GHSA-grg4-wf29-r9vv
- https://access.redhat.com/security/cve/CVE-2021-37137
- https://www.cve.org/CVERecord?id=CVE-2021-37137
- https://nvd.nist.gov/vuln/detail/CVE-2021-37137
- https://access.redhat.com/security/cve/CVE-2021-42392
- https://www.cve.org/CVERecord?id=CVE-2021-42392
- https://nvd.nist.gov/vuln/detail/CVE-2021-42392
- https://github.com/h2database/h2database/security/advisories/GHSA-h376-j262-vhq6
- https://access.redhat.com/security/cve/CVE-2021-43797
- https://www.cve.org/CVERecord?id=CVE-2021-43797
- https://nvd.nist.gov/vuln/detail/CVE-2021-43797
- https://github.com/netty/netty/security/advisories/GHSA-wx5j-54mm-rqqq
- https://access.redhat.com/security/cve/CVE-2022-0084
- https://www.cve.org/CVERecord?id=CVE-2022-0084
- https://nvd.nist.gov/vuln/detail/CVE-2022-0084
- https://access.redhat.com/security/cve/CVE-2022-0853
- https://www.cve.org/CVERecord?id=CVE-2022-0853
- https://nvd.nist.gov/vuln/detail/CVE-2022-0853
- https://access.redhat.com/security/cve/CVE-2022-0866
- https://www.cve.org/CVERecord?id=CVE-2022-0866
- https://nvd.nist.gov/vuln/detail/CVE-2022-0866
- https://access.redhat.com/security/cve/CVE-2022-1319
- https://www.cve.org/CVERecord?id=CVE-2022-1319
- https://nvd.nist.gov/vuln/detail/CVE-2022-1319
- https://access.redhat.com/security/cve/CVE-2022-21299
- https://www.cve.org/CVERecord?id=CVE-2022-21299
- https://nvd.nist.gov/vuln/detail/CVE-2022-21299
- https://access.redhat.com/security/cve/CVE-2022-21363
- https://www.cve.org/CVERecord?id=CVE-2022-21363
- https://nvd.nist.gov/vuln/detail/CVE-2022-21363
- https://www.oracle.com/security-alerts/cpujan2022.html#AppendixMSQL
- https://access.redhat.com/security/cve/CVE-2022-23221
- https://www.cve.org/CVERecord?id=CVE-2022-23221
- https://nvd.nist.gov/vuln/detail/CVE-2022-23221
- https://github.com/advisories/GHSA-45hx-wfhj-473x
- https://access.redhat.com/security/cve/CVE-2022-23437
- https://www.cve.org/CVERecord?id=CVE-2022-23437
- https://nvd.nist.gov/vuln/detail/CVE-2022-23437
- https://access.redhat.com/security/cve/CVE-2022-23913
- https://www.cve.org/CVERecord?id=CVE-2022-23913
- https://nvd.nist.gov/vuln/detail/CVE-2022-23913
- https://lists.apache.org/thread/fjynj57rd99s814rdn5hzvmx8lz403q2
- https://access.redhat.com/security/cve/CVE-2022-24785
- https://www.cve.org/CVERecord?id=CVE-2022-24785
- https://nvd.nist.gov/vuln/detail/CVE-2022-24785
- https://github.com/moment/moment/security/advisories/GHSA-8hfj-j24r-96c4