RHSA-2025:22773
Vulnerability Summary
Description
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.0.11 security update
CVSS Metrics
- v3.1•MEDIUM•Score: 4.8•CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H
Affected Systems
- redhat•eap8-angus-activation
< 0:2.0.2-2.redhat_00002.1.el8eap
- redhat•eap8-apache-commons-io
< 0:2.16.1-2.redhat_00002.1.el8eap
- redhat•eap8-atinject
< 0:2.0.1-5.redhat_00007.1.el8eap
- redhat•eap8-bouncycastle
< 0:1.82.0-1.redhat_00001.1.el8eap
- redhat•eap8-bouncycastle-jmail
< 0:1.82.0-1.redhat_00001.1.el8eap
- redhat•eap8-bouncycastle-pg
< 0:1.82.0-1.redhat_00001.1.el8eap
- redhat•eap8-bouncycastle-pkix
< 0:1.82.0-1.redhat_00001.1.el8eap
- redhat•eap8-bouncycastle-prov
< 0:1.82.0-1.redhat_00001.1.el8eap
- redhat•eap8-bouncycastle-util
< 0:1.82.0-1.redhat_00001.1.el8eap
- redhat•eap8-eap-product-conf-parent
< 0:800.11.0-1.GA_redhat_00001.1.el8eap
- redhat•eap8-eap-product-conf-wildfly-ee-feature-pack
< 0:800.11.0-1.GA_redhat_00001.1.el8eap
- redhat•eap8-eclipse-jgit
< 0:6.10.1.202505221210-1.r_redhat_00002.1.el8eap
- redhat•eap8-hal-console
< 0:3.6.27-1.Final_redhat_00001.1.el8eap
- redhat•eap8-hibernate
< 0:6.2.46-1.Final_redhat_00001.1.el8eap
- redhat•eap8-hibernate-core
< 0:6.2.46-1.Final_redhat_00001.1.el8eap
- redhat•eap8-hibernate-envers
< 0:6.2.46-1.Final_redhat_00001.1.el8eap
- redhat•eap8-hibernate-validator
< 0:8.0.2-1.Final_redhat_00001.1.el8eap
- redhat•eap8-hibernate-validator-cdi
< 0:8.0.2-1.Final_redhat_00001.1.el8eap
- redhat•eap8-httpcomponents-client
< 0:4.5.14-5.redhat_00016.1.el8eap
- redhat•eap8-httpcomponents-core
< 0:4.4.16-6.redhat_00011.1.el8eap
- redhat•eap8-installation-manager-api
< 0:1.0.3-1.Final_redhat_00001.1.el8eap
- redhat•eap8-istack-commons-runtime
< 0:4.1.2-2.redhat_00003.1.el8eap
- redhat•eap8-istack-commons-tools
< 0:4.1.2-2.redhat_00003.1.el8eap
- redhat•eap8-jakarta-activation
< 0:2.1.3-2.redhat_00002.1.el8eap
- redhat•eap8-jakarta-annotation-api
< 0:2.1.1-5.redhat_00005.1.el8eap
- redhat•eap8-jakarta-enterprise-concurrent
< 0:3.0.2-1.redhat_00001.1.el8eap
- redhat•eap8-jakarta-interceptor-api
< 0:2.1.0-5.redhat_00003.1.el8eap
- redhat•eap8-jakarta-mail
< 0:2.1.3-3.redhat_00003.1.el8eap
- redhat•eap8-jakarta-servlet-api
< 0:6.0.0-6.redhat_00007.1.el8eap
- redhat•eap8-jakarta-validation-api
< 0:3.0.2-3.redhat_00006.1.el8eap
- redhat•eap8-jakarta-ws-rs-api
< 0:3.1.0-5.redhat_00003.1.el8eap
- redhat•eap8-jakarta-xml-bind-api
< 0:4.0.2-2.redhat_00003.1.el8eap
- redhat•eap8-jboss-el-api_5.0_spec
< 0:4.0.2-1.Final_redhat_00001.1.el8eap
- redhat•eap8-jbossws-cxf
< 0:7.3.6-1.Final_redhat_00001.1.el8eap
- redhat•eap8-jctools
< 0:4.0.5-3.redhat_00002.1.el8eap
- redhat•eap8-jctools-core
< 0:4.0.5-3.redhat_00002.1.el8eap
- redhat•eap8-parsson
< 0:1.1.7-3.redhat_00003.1.el8eap
- redhat•eap8-reactive-streams
< 0:1.0.4-4.redhat_00005.1.el8eap
- redhat•eap8-reactivex-rxjava2
< 0:2.2.21-4.redhat_00003.1.el8eap
- redhat•eap8-saaj-impl
< 0:3.0.4-2.redhat_00002.1.el8eap
- redhat•eap8-stax-ex
< 0:2.1.0-3.redhat_00003.1.el8eap
- redhat•eap8-stax2-api
< 0:4.2.2-2.redhat_00003.1.el8eap
- redhat•eap8-sun-istack-commons
< 0:4.1.2-2.redhat_00003.1.el8eap
- redhat•eap8-wildfly
< 0:8.0.11-1.GA_redhat_00002.1.el8eap
- redhat•eap8-wildfly-elytron
< 0:2.2.12-1.Final_redhat_00002.1.el8eap
- redhat•eap8-wildfly-elytron-tool
< 0:2.2.12-1.Final_redhat_00002.1.el8eap
- redhat•eap8-wildfly-java-jdk11
< 0:8.0.11-1.GA_redhat_00002.1.el8eap
- redhat•eap8-wildfly-java-jdk17
< 0:8.0.11-1.GA_redhat_00002.1.el8eap
- redhat•eap8-wildfly-java-jdk21
< 0:8.0.11-1.GA_redhat_00002.1.el8eap
- redhat•eap8-wildfly-modules
< 0:8.0.11-1.GA_redhat_00002.1.el8eap
Showing first 50 affected entries in server-rendered view.
References (23)
- https://access.redhat.com/errata/RHSA-2025:22773
- https://access.redhat.com/security/updates/classification/#moderate
- https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/8.0
- https://access.redhat.com/articles/7120566
- https://bugzilla.redhat.com/show_bug.cgi?id=2367730
- https://issues.redhat.com/browse/JBEAP-28993
- https://issues.redhat.com/browse/JBEAP-30584
- https://issues.redhat.com/browse/JBEAP-30976
- https://issues.redhat.com/browse/JBEAP-31001
- https://issues.redhat.com/browse/JBEAP-31031
- https://issues.redhat.com/browse/JBEAP-31074
- https://issues.redhat.com/browse/JBEAP-31253
- https://issues.redhat.com/browse/JBEAP-31260
- https://issues.redhat.com/browse/JBEAP-31290
- https://issues.redhat.com/browse/JBEAP-31339
- https://issues.redhat.com/browse/JBEAP-31377
- https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_22773.json
- https://access.redhat.com/security/cve/CVE-2025-4949
- https://www.cve.org/CVERecord?id=CVE-2025-4949
- https://nvd.nist.gov/vuln/detail/CVE-2025-4949
- https://gitlab.eclipse.org/security/cve-assignement/-/issues/64
- https://gitlab.eclipse.org/security/vulnerability-reports/-/issues/281
- https://projects.eclipse.org/projects/technology.jgit/releases/7.2.1