RHSA-2025:4226
Advisory lineage Upstream: 17 Downstream: 0
Published: 28 Apr 2025, 10:03
Last modified:02 Jun 2026, 10:04
Vulnerability Summary
Overall Risk (default)
medium
30/100 CVSS Score
7.5 HIGH
3.1 (osv_red_hat)
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected
Timeline
28 Apr 2025, 10:03
Published
Vulnerability first disclosed
02 Jun 2026, 10:04
Last Modified
Vulnerability information updated
Description
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.1.10 on RHEL 7 security update
CVSS Metrics
- v3.1•HIGH•Score: 7.5CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Systems
- redhat•eap7-activemq-artemis
< 0:1.5.5.016-1.redhat_00001.1.ep7.el7
- redhat•eap7-activemq-artemis-cli
< 0:1.5.5.016-1.redhat_00001.1.ep7.el7
- redhat•eap7-activemq-artemis-commons
< 0:1.5.5.016-1.redhat_00001.1.ep7.el7
- redhat•eap7-activemq-artemis-core-client
< 0:1.5.5.016-1.redhat_00001.1.ep7.el7
- redhat•eap7-activemq-artemis-dto
< 0:1.5.5.016-1.redhat_00001.1.ep7.el7
- redhat•eap7-activemq-artemis-hornetq-protocol
< 0:1.5.5.016-1.redhat_00001.1.ep7.el7
- redhat•eap7-activemq-artemis-hqclient-protocol
< 0:1.5.5.016-1.redhat_00001.1.ep7.el7
- redhat•eap7-activemq-artemis-jdbc-store
< 0:1.5.5.016-1.redhat_00001.1.ep7.el7
- redhat•eap7-activemq-artemis-jms-client
< 0:1.5.5.016-1.redhat_00001.1.ep7.el7
- redhat•eap7-activemq-artemis-jms-server
< 0:1.5.5.016-1.redhat_00001.1.ep7.el7
- redhat•eap7-activemq-artemis-journal
< 0:1.5.5.016-1.redhat_00001.1.ep7.el7
- redhat•eap7-activemq-artemis-native
< 0:1.5.5.016-1.redhat_00001.1.ep7.el7
- redhat•eap7-activemq-artemis-ra
< 0:1.5.5.016-1.redhat_00001.1.ep7.el7
- redhat•eap7-activemq-artemis-selector
< 0:1.5.5.016-1.redhat_00001.1.ep7.el7
- redhat•eap7-activemq-artemis-server
< 0:1.5.5.016-1.redhat_00001.1.ep7.el7
- redhat•eap7-activemq-artemis-service-extensions
< 0:1.5.5.016-1.redhat_00001.1.ep7.el7
- redhat•eap7-artemis-native
< 1:1.5.5.016-1.redhat_00001.1.ep7.el7
- redhat•eap7-artemis-native-debuginfo
< 1:1.5.5.016-1.redhat_00001.1.ep7.el7
- redhat•eap7-artemis-native-wildfly
< 1:1.5.5.016-1.redhat_00001.1.ep7.el7
- redhat•eap7-jboss-xnio-base
< 0:3.5.11-1.Final_redhat_00001.1.ep7.el7
- redhat•eap7-jsoup
< 0:1.14.2-1.redhat_00002.1.ep7.el7
- redhat•eap7-undertow
< 0:1.4.18-14.SP13_redhat_00001.1.ep7.el7
- redhat•eap7-wildfly
< 0:7.1.10-2.GA_redhat_00002.1.ep7.el7
- redhat•eap7-wildfly-modules
< 0:7.1.10-2.GA_redhat_00002.1.ep7.el7
- redhat•eap7-woodstox-core
< 0:5.0.3-2.redhat_00002.1.ep7.el7
- redhat•eap7-xml-security
< 0:2.0.10-2.redhat_00002.1.ep7.el7
References (82)
- https://access.redhat.com/errata/RHSA-2025:4226
- https://access.redhat.com/security/updates/classification/#important
- https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.1
- https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.1/html-single/installation_guide/index
- https://bugzilla.redhat.com/show_bug.cgi?id=1991299
- https://bugzilla.redhat.com/show_bug.cgi?id=1995259
- https://bugzilla.redhat.com/show_bug.cgi?id=2010378
- https://bugzilla.redhat.com/show_bug.cgi?id=2011190
- https://bugzilla.redhat.com/show_bug.cgi?id=2063601
- https://bugzilla.redhat.com/show_bug.cgi?id=2064226
- https://bugzilla.redhat.com/show_bug.cgi?id=2072009
- https://bugzilla.redhat.com/show_bug.cgi?id=2073890
- https://bugzilla.redhat.com/show_bug.cgi?id=2080850
- https://bugzilla.redhat.com/show_bug.cgi?id=2095862
- https://bugzilla.redhat.com/show_bug.cgi?id=2126789
- https://bugzilla.redhat.com/show_bug.cgi?id=2134291
- https://bugzilla.redhat.com/show_bug.cgi?id=2135771
- https://bugzilla.redhat.com/show_bug.cgi?id=2174246
- https://bugzilla.redhat.com/show_bug.cgi?id=2185662
- https://bugzilla.redhat.com/show_bug.cgi?id=2209689
- https://bugzilla.redhat.com/show_bug.cgi?id=2264928
- https://issues.redhat.com/browse/JBEAP-29286
- https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_4226.json
- https://access.redhat.com/security/cve/CVE-2021-3690
- https://www.cve.org/CVERecord?id=CVE-2021-3690
- https://nvd.nist.gov/vuln/detail/CVE-2021-3690
- https://access.redhat.com/security/cve/CVE-2021-3859
- https://www.cve.org/CVERecord?id=CVE-2021-3859
- https://nvd.nist.gov/vuln/detail/CVE-2021-3859
- https://access.redhat.com/security/cve/CVE-2021-37714
- https://www.cve.org/CVERecord?id=CVE-2021-37714
- https://nvd.nist.gov/vuln/detail/CVE-2021-37714
- https://github.com/jhy/jsoup/security/advisories/GHSA-m72m-mhq2-9p6c
- https://access.redhat.com/security/cve/CVE-2021-40690
- https://www.cve.org/CVERecord?id=CVE-2021-40690
- https://nvd.nist.gov/vuln/detail/CVE-2021-40690
- https://lists.apache.org/thread.html/r8848751b6a5dd78cc9e99d627e74fecfaffdfa1bb615dce827aad633%40%3Cdev.santuario.apache.org%3E
- https://access.redhat.com/security/cve/CVE-2022-0084
- https://www.cve.org/CVERecord?id=CVE-2022-0084
- https://nvd.nist.gov/vuln/detail/CVE-2022-0084
- https://access.redhat.com/security/cve/CVE-2022-1319
- https://www.cve.org/CVERecord?id=CVE-2022-1319
- https://nvd.nist.gov/vuln/detail/CVE-2022-1319
- https://access.redhat.com/security/cve/CVE-2022-2053
- https://www.cve.org/CVERecord?id=CVE-2022-2053
- https://nvd.nist.gov/vuln/detail/CVE-2022-2053
- https://access.redhat.com/security/cve/CVE-2022-23913
- https://www.cve.org/CVERecord?id=CVE-2022-23913
- https://nvd.nist.gov/vuln/detail/CVE-2022-23913
- https://lists.apache.org/thread/fjynj57rd99s814rdn5hzvmx8lz403q2
- https://access.redhat.com/security/cve/CVE-2022-24785
- https://www.cve.org/CVERecord?id=CVE-2022-24785
- https://nvd.nist.gov/vuln/detail/CVE-2022-24785
- https://github.com/moment/moment/security/advisories/GHSA-8hfj-j24r-96c4
- https://access.redhat.com/security/cve/CVE-2022-25647
- https://www.cve.org/CVERecord?id=CVE-2022-25647
- https://nvd.nist.gov/vuln/detail/CVE-2022-25647
- https://access.redhat.com/security/cve/CVE-2022-25857
- https://www.cve.org/CVERecord?id=CVE-2022-25857
- https://nvd.nist.gov/vuln/detail/CVE-2022-25857
- https://bitbucket.org/snakeyaml/snakeyaml/issues/525
- https://access.redhat.com/security/cve/CVE-2022-40149
- https://www.cve.org/CVERecord?id=CVE-2022-40149
- https://nvd.nist.gov/vuln/detail/CVE-2022-40149
- https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1
- https://access.redhat.com/security/cve/CVE-2022-40152
- https://www.cve.org/CVERecord?id=CVE-2022-40152
- https://nvd.nist.gov/vuln/detail/CVE-2022-40152
- https://github.com/advisories/GHSA-3f7h-mf4q-vrm4
- https://access.redhat.com/security/cve/CVE-2023-1108
- https://www.cve.org/CVERecord?id=CVE-2023-1108
- https://nvd.nist.gov/vuln/detail/CVE-2023-1108
- https://github.com/advisories/GHSA-m4mm-pg93-fv78
- https://access.redhat.com/security/cve/CVE-2023-1973
- https://www.cve.org/CVERecord?id=CVE-2023-1973
- https://nvd.nist.gov/vuln/detail/CVE-2023-1973
- https://access.redhat.com/security/cve/CVE-2023-3223
- https://www.cve.org/CVERecord?id=CVE-2023-3223
- https://nvd.nist.gov/vuln/detail/CVE-2023-3223
- https://access.redhat.com/security/cve/CVE-2024-1635
- https://www.cve.org/CVERecord?id=CVE-2024-1635
- https://nvd.nist.gov/vuln/detail/CVE-2024-1635