RHSA-2024:3581
Vulnerability Summary
Timeline
Description
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.0.2 Security update
CVSS Metrics
- v3.1•HIGH•Score: 7.3CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Affected Systems
- redhat•eap8-activemq-artemis
< 0:2.21.0-4.redhat_00048.1.el9eap
- redhat•eap8-activemq-artemis-cli
< 0:2.21.0-4.redhat_00048.1.el9eap
- redhat•eap8-activemq-artemis-commons
< 0:2.21.0-4.redhat_00048.1.el9eap
- redhat•eap8-activemq-artemis-core-client
< 0:2.21.0-4.redhat_00048.1.el9eap
- redhat•eap8-activemq-artemis-dto
< 0:2.21.0-4.redhat_00048.1.el9eap
- redhat•eap8-activemq-artemis-hornetq-protocol
< 0:2.21.0-4.redhat_00048.1.el9eap
- redhat•eap8-activemq-artemis-hqclient-protocol
< 0:2.21.0-4.redhat_00048.1.el9eap
- redhat•eap8-activemq-artemis-jakarta-client
< 0:2.21.0-4.redhat_00048.1.el9eap
- redhat•eap8-activemq-artemis-jakarta-ra
< 0:2.21.0-4.redhat_00048.1.el9eap
- redhat•eap8-activemq-artemis-jakarta-server
< 0:2.21.0-4.redhat_00048.1.el9eap
- redhat•eap8-activemq-artemis-jakarta-service-extensions
< 0:2.21.0-4.redhat_00048.1.el9eap
- redhat•eap8-activemq-artemis-jdbc-store
< 0:2.21.0-4.redhat_00048.1.el9eap
- redhat•eap8-activemq-artemis-journal
< 0:2.21.0-4.redhat_00048.1.el9eap
- redhat•eap8-activemq-artemis-selector
< 0:2.21.0-4.redhat_00048.1.el9eap
- redhat•eap8-activemq-artemis-server
< 0:2.21.0-4.redhat_00048.1.el9eap
- redhat•eap8-amazon-ion-java
< 0:1.0.2-4.redhat_00005.1.el9eap
- redhat•eap8-angus
< 0:2.0.2-3.redhat_00002.1.el9eap
- redhat•eap8-angus-activation
< 0:2.0.1-2.redhat_00005.1.el9eap
- redhat•eap8-angus-mail
< 0:2.0.2-3.redhat_00002.1.el9eap
- redhat•eap8-antlr4
< 0:4.10.1-1.redhat_00001.1.el9eap
- redhat•eap8-antlr4-runtime
< 0:4.10.1-1.redhat_00001.1.el9eap
- redhat•eap8-apache-commons-beanutils
< 0:1.9.4-12.redhat_00003.1.el9eap
- redhat•eap8-apache-commons-codec
< 0:1.15.0-5.redhat_00015.1.el9eap
- redhat•eap8-apache-commons-io
< 0:2.11.0-2.redhat_00003.1.el9eap
- redhat•eap8-apache-cxf
< 0:4.0.0-2.redhat_00002.1.el9eap
- redhat•eap8-apache-cxf-rt
< 0:4.0.0-2.redhat_00002.1.el9eap
- redhat•eap8-apache-cxf-services
< 0:4.0.0-2.redhat_00002.1.el9eap
- redhat•eap8-apache-cxf-tools
< 0:4.0.0-2.redhat_00002.1.el9eap
- redhat•eap8-apache-sshd
< 0:2.12.1-1.redhat_00001.1.el9eap
- redhat•eap8-atinject
< 0:2.0.1-2.redhat_00005.1.el9eap
- redhat•eap8-caffeine
< 0:3.1.8-1.redhat_00001.1.el9eap
- redhat•eap8-codemodel
< 0:4.0.2-4.redhat_00001.1.el9eap
- redhat•eap8-elytron-web
< 0:4.0.1-1.Final_redhat_00001.1.el9eap
- redhat•eap8-fge-btf
< 0:1.2.0-2.redhat_00017.1.el9eap
- redhat•eap8-fge-msg-simple
< 0:1.1.0-2.redhat_00015.1.el9eap
- redhat•eap8-gson
< 0:2.8.9-2.redhat_00002.1.el9eap
- redhat•eap8-guava
< 0:32.1.2-1.jre_redhat_00001.1.el9eap
- redhat•eap8-guava-failureaccess
< 0:1.0.1-4.redhat_00012.1.el9eap
- redhat•eap8-guava-libraries
< 0:32.1.2-1.jre_redhat_00001.1.el9eap
- redhat•eap8-hal-console
< 0:3.6.18-1.Final_redhat_00001.1.el9eap
- redhat•eap8-hibernate
< 0:6.2.18-1.Final_redhat_00001.1.el9eap
- redhat•eap8-hibernate-core
< 0:6.2.18-1.Final_redhat_00001.1.el9eap
- redhat•eap8-hibernate-envers
< 0:6.2.18-1.Final_redhat_00001.1.el9eap
- redhat•eap8-hibernate-search
< 0:6.2.2-1.Final_redhat_00001.1.el9eap
- redhat•eap8-hibernate-search-backend-elasticsearch
< 0:6.2.2-1.Final_redhat_00001.1.el9eap
- redhat•eap8-hibernate-search-backend-lucene
< 0:6.2.2-1.Final_redhat_00001.1.el9eap
- redhat•eap8-hibernate-search-engine
< 0:6.2.2-1.Final_redhat_00001.1.el9eap
- redhat•eap8-hibernate-search-mapper-orm-orm6
< 0:6.2.2-1.Final_redhat_00001.1.el9eap
- redhat•eap8-hibernate-search-mapper-pojo-base
< 0:6.2.2-1.Final_redhat_00001.1.el9eap
- redhat•eap8-hibernate-search-util-common
< 0:6.2.2-1.Final_redhat_00001.1.el9eap
Showing first 50 affected entries in server-rendered view.
References (61)
- https://access.redhat.com/errata/RHSA-2024:3581
- https://access.redhat.com/security/updates/classification/#moderate
- https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/8.0/
- https://bugzilla.redhat.com/show_bug.cgi?id=2184751
- https://bugzilla.redhat.com/show_bug.cgi?id=2250812
- https://bugzilla.redhat.com/show_bug.cgi?id=2262060
- https://bugzilla.redhat.com/show_bug.cgi?id=2262849
- https://issues.redhat.com/browse/JBEAP-25251
- https://issues.redhat.com/browse/JBEAP-25263
- https://issues.redhat.com/browse/JBEAP-25292
- https://issues.redhat.com/browse/JBEAP-25379
- https://issues.redhat.com/browse/JBEAP-25638
- https://issues.redhat.com/browse/JBEAP-25787
- https://issues.redhat.com/browse/JBEAP-26024
- https://issues.redhat.com/browse/JBEAP-26205
- https://issues.redhat.com/browse/JBEAP-26224
- https://issues.redhat.com/browse/JBEAP-26290
- https://issues.redhat.com/browse/JBEAP-26407
- https://issues.redhat.com/browse/JBEAP-26468
- https://issues.redhat.com/browse/JBEAP-26529
- https://issues.redhat.com/browse/JBEAP-26532
- https://issues.redhat.com/browse/JBEAP-26573
- https://issues.redhat.com/browse/JBEAP-26588
- https://issues.redhat.com/browse/JBEAP-26635
- https://issues.redhat.com/browse/JBEAP-26637
- https://issues.redhat.com/browse/JBEAP-26642
- https://issues.redhat.com/browse/JBEAP-26651
- https://issues.redhat.com/browse/JBEAP-26677
- https://issues.redhat.com/browse/JBEAP-26681
- https://issues.redhat.com/browse/JBEAP-26758
- https://issues.redhat.com/browse/JBEAP-26766
- https://issues.redhat.com/browse/JBEAP-26770
- https://issues.redhat.com/browse/JBEAP-26806
- https://issues.redhat.com/browse/JBEAP-26812
- https://issues.redhat.com/browse/JBEAP-26813
- https://issues.redhat.com/browse/JBEAP-26832
- https://issues.redhat.com/browse/JBEAP-26864
- https://issues.redhat.com/browse/JBEAP-26868
- https://issues.redhat.com/browse/JBEAP-26881
- https://issues.redhat.com/browse/JBEAP-26933
- https://issues.redhat.com/browse/JBEAP-26937
- https://issues.redhat.com/browse/JBEAP-26954
- https://issues.redhat.com/browse/JBEAP-27002
- https://issues.redhat.com/browse/JBEAP-27009
- https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_3581.json
- https://access.redhat.com/security/cve/CVE-2023-4503
- https://www.cve.org/CVERecord?id=CVE-2023-4503
- https://nvd.nist.gov/vuln/detail/CVE-2023-4503
- https://access.redhat.com/security/cve/CVE-2023-6236
- https://www.cve.org/CVERecord?id=CVE-2023-6236
- https://nvd.nist.gov/vuln/detail/CVE-2023-6236
- https://access.redhat.com/security/cve/CVE-2024-1102
- https://www.cve.org/CVERecord?id=CVE-2024-1102
- https://nvd.nist.gov/vuln/detail/CVE-2024-1102
- https://github.com/jberet/jsr352/issues/452
- https://access.redhat.com/security/cve/CVE-2024-1233
- https://www.cve.org/CVERecord?id=CVE-2024-1233
- https://nvd.nist.gov/vuln/detail/CVE-2024-1233
- https://github.com/advisories/GHSA-v4mm-q8fv-r2w5
- https://github.com/wildfly/wildfly/pull/17812/commits/0c02350bc0d84287bed46e7c32f90b36e50d3523
- https://issues.redhat.com/browse/WFLY-19226