RHSA-2025:17298
Vulnerability Summary
Description
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.1.0 security update
CVSS Metrics
- v3.1•HIGH•Score: 8.3•CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L
Affected Systems
- redhat•eap8-apache-commons-lang
< 0:3.18.0-1.redhat_00002.1.el8eap | < 0:3.18.0-1.redhat_00002.1.el9eap
- redhat•eap8-apache-cxf
< 0:4.0.9-4.redhat_00002.1.el8eap | < 0:4.0.9-4.redhat_00002.1.el9eap
- redhat•eap8-apache-cxf-rt
< 0:4.0.9-4.redhat_00002.1.el8eap | < 0:4.0.9-4.redhat_00002.1.el9eap
- redhat•eap8-apache-cxf-services
< 0:4.0.9-4.redhat_00002.1.el8eap | < 0:4.0.9-4.redhat_00002.1.el9eap
- redhat•eap8-apache-cxf-tools
< 0:4.0.9-4.redhat_00002.1.el8eap | < 0:4.0.9-4.redhat_00002.1.el9eap
- redhat•eap8-eap-product-conf-parent
< 0:801.0.1-2.GA_redhat_00003.1.el8eap | < 0:801.0.1-2.GA_redhat_00003.1.el9eap
- redhat•eap8-eap-product-conf-wildfly-ee-feature-pack
< 0:801.0.1-2.GA_redhat_00003.1.el8eap | < 0:801.0.1-2.GA_redhat_00003.1.el9eap
- redhat•eap8-jbossws-cxf
< 0:7.3.4-1.Final_redhat_00001.1.el8eap | < 0:7.3.4-1.Final_redhat_00001.1.el9eap
- redhat•eap8-netty
< 0:4.1.127-1.Final_redhat_00001.1.el8eap | < 0:4.1.127-1.Final_redhat_00001.1.el9eap
- redhat•eap8-netty-buffer
< 0:4.1.127-1.Final_redhat_00001.1.el8eap | < 0:4.1.127-1.Final_redhat_00001.1.el9eap
- redhat•eap8-netty-codec
< 0:4.1.127-1.Final_redhat_00001.1.el8eap | < 0:4.1.127-1.Final_redhat_00001.1.el9eap
- redhat•eap8-netty-codec-dns
< 0:4.1.127-1.Final_redhat_00001.1.el8eap | < 0:4.1.127-1.Final_redhat_00001.1.el9eap
- redhat•eap8-netty-codec-http
< 0:4.1.127-1.Final_redhat_00001.1.el8eap | < 0:4.1.127-1.Final_redhat_00001.1.el9eap
- redhat•eap8-netty-codec-socks
< 0:4.1.127-1.Final_redhat_00001.1.el8eap | < 0:4.1.127-1.Final_redhat_00001.1.el9eap
- redhat•eap8-netty-common
< 0:4.1.127-1.Final_redhat_00001.1.el8eap | < 0:4.1.127-1.Final_redhat_00001.1.el9eap
- redhat•eap8-netty-handler
< 0:4.1.127-1.Final_redhat_00001.1.el8eap | < 0:4.1.127-1.Final_redhat_00001.1.el9eap
- redhat•eap8-netty-handler-proxy
< 0:4.1.127-1.Final_redhat_00001.1.el8eap | < 0:4.1.127-1.Final_redhat_00001.1.el9eap
- redhat•eap8-netty-resolver
< 0:4.1.127-1.Final_redhat_00001.1.el8eap | < 0:4.1.127-1.Final_redhat_00001.1.el9eap
- redhat•eap8-netty-resolver-dns
< 0:4.1.127-1.Final_redhat_00001.1.el8eap | < 0:4.1.127-1.Final_redhat_00001.1.el9eap
- redhat•eap8-netty-transport
< 0:4.1.127-1.Final_redhat_00001.1.el8eap | < 0:4.1.127-1.Final_redhat_00001.1.el9eap
- redhat•eap8-netty-transport-classes-epoll
< 0:4.1.127-1.Final_redhat_00001.1.el8eap | < 0:4.1.127-1.Final_redhat_00001.1.el9eap
- redhat•eap8-netty-transport-native-epoll
< 0:4.1.127-1.Final_redhat_00001.1.el8eap | < 0:4.1.127-1.Final_redhat_00001.1.el9eap
- redhat•eap8-netty-transport-native-epoll-debuginfo
< 0:4.1.127-1.Final_redhat_00001.1.el8eap | < 0:4.1.127-1.Final_redhat_00001.1.el9eap
- redhat•eap8-netty-transport-native-unix-common
< 0:4.1.127-1.Final_redhat_00001.1.el8eap | < 0:4.1.127-1.Final_redhat_00001.1.el9eap
- redhat•eap8-opensaml
< 0:4.3.2-2.redhat_00002.1.el8eap | < 0:4.3.2-2.redhat_00002.1.el9eap
- redhat•eap8-opensaml-core
< 0:4.3.2-2.redhat_00002.1.el8eap | < 0:4.3.2-2.redhat_00002.1.el9eap
- redhat•eap8-opensaml-profile-api
< 0:4.3.2-2.redhat_00002.1.el8eap | < 0:4.3.2-2.redhat_00002.1.el9eap
- redhat•eap8-opensaml-saml-api
< 0:4.3.2-2.redhat_00002.1.el8eap | < 0:4.3.2-2.redhat_00002.1.el9eap
- redhat•eap8-opensaml-saml-impl
< 0:4.3.2-2.redhat_00002.1.el8eap | < 0:4.3.2-2.redhat_00002.1.el9eap
- redhat•eap8-opensaml-security-api
< 0:4.3.2-2.redhat_00002.1.el8eap | < 0:4.3.2-2.redhat_00002.1.el9eap
- redhat•eap8-opensaml-security-impl
< 0:4.3.2-2.redhat_00002.1.el8eap | < 0:4.3.2-2.redhat_00002.1.el9eap
- redhat•eap8-opensaml-soap-api
< 0:4.3.2-2.redhat_00002.1.el8eap | < 0:4.3.2-2.redhat_00002.1.el9eap
- redhat•eap8-opensaml-xacml-api
< 0:4.3.2-2.redhat_00002.1.el8eap | < 0:4.3.2-2.redhat_00002.1.el9eap
- redhat•eap8-opensaml-xacml-impl
< 0:4.3.2-2.redhat_00002.1.el8eap | < 0:4.3.2-2.redhat_00002.1.el9eap
- redhat•eap8-opensaml-xacml-saml-api
< 0:4.3.2-2.redhat_00002.1.el8eap | < 0:4.3.2-2.redhat_00002.1.el9eap
- redhat•eap8-opensaml-xacml-saml-impl
< 0:4.3.2-2.redhat_00002.1.el8eap | < 0:4.3.2-2.redhat_00002.1.el9eap
- redhat•eap8-opensaml-xmlsec-api
< 0:4.3.2-2.redhat_00002.1.el8eap | < 0:4.3.2-2.redhat_00002.1.el9eap
- redhat•eap8-opensaml-xmlsec-impl
< 0:4.3.2-2.redhat_00002.1.el8eap | < 0:4.3.2-2.redhat_00002.1.el9eap
- redhat•eap8-wildfly
< 0:8.1.0-55.GA_redhat_00016.1.el8eap | < 0:8.1.0-55.GA_redhat_00016.1.el9eap
- redhat•eap8-wildfly-java-jdk17
< 0:8.1.0-55.GA_redhat_00016.1.el8eap | < 0:8.1.0-55.GA_redhat_00016.1.el9eap
- redhat•eap8-wildfly-java-jdk21
< 0:8.1.0-55.GA_redhat_00016.1.el8eap | < 0:8.1.0-55.GA_redhat_00016.1.el9eap
- redhat•eap8-wildfly-modules
< 0:8.1.0-55.GA_redhat_00016.1.el8eap | < 0:8.1.0-55.GA_redhat_00016.1.el9eap
- redhat•eap8-wss4j
< 0:3.0.4-1.redhat_00002.1.el8eap | < 0:3.0.4-1.redhat_00002.1.el9eap
- redhat•eap8-wss4j-bindings
< 0:3.0.4-1.redhat_00002.1.el8eap | < 0:3.0.4-1.redhat_00002.1.el9eap
- redhat•eap8-wss4j-policy
< 0:3.0.4-1.redhat_00002.1.el8eap | < 0:3.0.4-1.redhat_00002.1.el9eap
- redhat•eap8-wss4j-ws-security-common
< 0:3.0.4-1.redhat_00002.1.el8eap | < 0:3.0.4-1.redhat_00002.1.el9eap
- redhat•eap8-wss4j-ws-security-dom
< 0:3.0.4-1.redhat_00002.1.el8eap | < 0:3.0.4-1.redhat_00002.1.el9eap
- redhat•eap8-wss4j-ws-security-policy-stax
< 0:3.0.4-1.redhat_00002.1.el8eap | < 0:3.0.4-1.redhat_00002.1.el9eap
- redhat•eap8-wss4j-ws-security-stax
< 0:3.0.4-1.redhat_00002.1.el8eap | < 0:3.0.4-1.redhat_00002.1.el9eap
- redhat•eap8-xml-security
< 0:3.0.5-1.redhat_00001.1.el8eap | < 0:3.0.5-1.redhat_00001.1.el9eap
References (36)
- https://access.redhat.com/errata/RHSA-2025:17298
- https://access.redhat.com/security/updates/classification/#important
- https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/8.1
- https://access.redhat.com/articles/7129481
- https://bugzilla.redhat.com/show_bug.cgi?id=2388252
- https://bugzilla.redhat.com/show_bug.cgi?id=2392996
- https://issues.redhat.com/browse/JBEAP-30701
- https://issues.redhat.com/browse/JBEAP-30732
- https://issues.redhat.com/browse/JBEAP-30759
- https://issues.redhat.com/browse/JBEAP-30761
- https://issues.redhat.com/browse/JBEAP-30763
- https://issues.redhat.com/browse/JBEAP-30887
- https://issues.redhat.com/browse/JBEAP-30889
- https://issues.redhat.com/browse/JBEAP-30891
- https://issues.redhat.com/browse/JBEAP-30916
- https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_17298.json
- https://access.redhat.com/security/cve/CVE-2025-48913
- https://bugzilla.redhat.com/show_bug.cgi?id=2387221
- https://www.cve.org/CVERecord?id=CVE-2025-48913
- https://nvd.nist.gov/vuln/detail/CVE-2025-48913
- https://lists.apache.org/thread/f1nv488ztc0js4g5ml2v88mzkzslyh83
- https://access.redhat.com/security/cve/CVE-2025-55163
- https://www.cve.org/CVERecord?id=CVE-2025-55163
- https://nvd.nist.gov/vuln/detail/CVE-2025-55163
- https://github.com/netty/netty/security/advisories/GHSA-prj3-ccx8-p6x4
- https://kb.cert.org/vuls/id/767506
- https://access.redhat.com/security/cve/CVE-2025-58056
- https://www.cve.org/CVERecord?id=CVE-2025-58056
- https://nvd.nist.gov/vuln/detail/CVE-2025-58056
- https://datatracker.ietf.org/doc/html/rfc9112#name-chunked-transfer-coding
- https://github.com/JLLeitschuh/unCVEed/issues/1
- https://github.com/netty/netty/commit/edb55fd8e0a3bcbd85881e423464f585183d1284
- https://github.com/netty/netty/issues/15522
- https://github.com/netty/netty/pull/15611
- https://github.com/netty/netty/security/advisories/GHSA-fghv-69vj-qj49
- https://w4ke.info/2025/06/18/funky-chunks.html