RHSA-2025:20052

Description

Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.23 security update

CVSS Metrics

• v3.1•HIGH•Score: 7.5CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Systems

• redhat•eap7-protostream

  < 0:4.3.7-1.Final_redhat_00001.1.el7eap | < 0:4.3.7-1.Final_redhat_00001.1.el8eap | < 0:4.3.7-1.Final_redhat_00001.1.el9eap

• redhat•eap7-wildfly

  < 0:7.4.23-5.GA_redhat_00004.1.el7eap | < 0:7.4.23-5.GA_redhat_00004.1.el8eap | < 0:7.4.23-5.GA_redhat_00004.1.el9eap

• redhat•eap7-wildfly-java-jdk11

  < 0:7.4.23-5.GA_redhat_00004.1.el7eap | < 0:7.4.23-5.GA_redhat_00004.1.el8eap | < 0:7.4.23-5.GA_redhat_00004.1.el9eap

• redhat•eap7-wildfly-java-jdk17

  < 0:7.4.23-5.GA_redhat_00004.1.el8eap | < 0:7.4.23-5.GA_redhat_00004.1.el9eap

• redhat•eap7-wildfly-java-jdk8

  < 0:7.4.23-5.GA_redhat_00004.1.el7eap | < 0:7.4.23-5.GA_redhat_00004.1.el8eap | < 0:7.4.23-5.GA_redhat_00004.1.el9eap

• redhat•eap7-wildfly-javadocs

  < 0:7.4.23-5.GA_redhat_00004.1.el7eap | < 0:7.4.23-5.GA_redhat_00004.1.el8eap | < 0:7.4.23-5.GA_redhat_00004.1.el9eap

• redhat•eap7-wildfly-modules

  < 0:7.4.23-5.GA_redhat_00004.1.el7eap | < 0:7.4.23-5.GA_redhat_00004.1.el8eap | < 0:7.4.23-5.GA_redhat_00004.1.el9eap

References (10)

• https://access.redhat.com/errata/RHSA-2025:20052
• https://access.redhat.com/security/updates/classification/#important
• https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.4
• https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/index
• https://bugzilla.redhat.com/show_bug.cgi?id=2313454
• https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_20052.json
• https://access.redhat.com/security/cve/CVE-2024-7254
• https://www.cve.org/CVERecord?id=CVE-2024-7254
• https://nvd.nist.gov/vuln/detail/CVE-2024-7254
• https://github.com/protocolbuffers/protobuf/commit/cc8b3483a5584b3301e3d43d17eb59704857ffaa