RHSA-2025:9583
Vulnerability Summary
Description
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.3.14 Security update
CVSS Metrics
- v3.1•HIGH•Score: 7.5•CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Systems
- redhat•eap7-jackson-annotations < 0:2.10.4-3.redhat_00006.1.el7eap
- redhat•eap7-jackson-core < 0:2.10.4-3.redhat_00006.1.el7eap
- redhat•eap7-jackson-databind < 0:2.10.4-5.redhat_00006.1.el7eap
- redhat•eap7-jackson-datatype-jdk8 < 0:2.10.4-2.redhat_00006.1.el7eap
- redhat•eap7-jackson-datatype-jsr310 < 0:2.10.4-2.redhat_00006.1.el7eap
- redhat•eap7-jackson-jaxrs-base < 0:2.10.4-3.redhat_00006.1.el7eap
- redhat•eap7-jackson-jaxrs-json-provider < 0:2.10.4-3.redhat_00006.1.el7eap
- redhat•eap7-jackson-jaxrs-providers < 0:2.10.4-3.redhat_00006.1.el7eap
- redhat•eap7-jackson-module-jaxb-annotations < 0:2.10.4-5.redhat_00006.1.el7eap
- redhat•eap7-jackson-modules-base < 0:2.10.4-5.redhat_00006.1.el7eap
- redhat•eap7-jackson-modules-java8 < 0:2.10.4-2.redhat_00006.1.el7eap
- redhat•eap7-jboss-server-migration < 0:1.7.2-16.Final_redhat_00017.1.el7eap
- redhat•eap7-jboss-server-migration-cli < 0:1.7.2-16.Final_redhat_00017.1.el7eap
- redhat•eap7-jboss-server-migration-core < 0:1.7.2-16.Final_redhat_00017.1.el7eap
- redhat•eap7-jboss-server-migration-eap6.4 < 0:1.7.2-16.Final_redhat_00017.1.el7eap
- redhat•eap7-jboss-server-migration-eap6.4-to-eap7.3 < 0:1.7.2-16.Final_redhat_00017.1.el7eap
- redhat•eap7-jboss-server-migration-eap7.0 < 0:1.7.2-16.Final_redhat_00017.1.el7eap
- redhat•eap7-jboss-server-migration-eap7.1 < 0:1.7.2-16.Final_redhat_00017.1.el7eap
- redhat•eap7-jboss-server-migration-eap7.2 < 0:1.7.2-16.Final_redhat_00017.1.el7eap
- redhat•eap7-jboss-server-migration-eap7.2-to-eap7.3 < 0:1.7.2-16.Final_redhat_00017.1.el7eap
- redhat•eap7-jboss-server-migration-eap7.3-server < 0:1.7.2-16.Final_redhat_00017.1.el7eap
- redhat•eap7-jboss-server-migration-wildfly10.0 < 0:1.7.2-16.Final_redhat_00017.1.el7eap
- redhat•eap7-jboss-server-migration-wildfly10.1 < 0:1.7.2-16.Final_redhat_00017.1.el7eap
- redhat•eap7-jboss-server-migration-wildfly11.0 < 0:1.7.2-16.Final_redhat_00017.1.el7eap
- redhat•eap7-jboss-server-migration-wildfly12.0 < 0:1.7.2-16.Final_redhat_00017.1.el7eap
- redhat•eap7-jboss-server-migration-wildfly13.0-server < 0:1.7.2-16.Final_redhat_00017.1.el7eap
- redhat•eap7-jboss-server-migration-wildfly14.0-server < 0:1.7.2-16.Final_redhat_00017.1.el7eap
- redhat•eap7-jboss-server-migration-wildfly15.0-server < 0:1.7.2-16.Final_redhat_00017.1.el7eap
- redhat•eap7-jboss-server-migration-wildfly16.0-server < 0:1.7.2-16.Final_redhat_00017.1.el7eap
- redhat•eap7-jboss-server-migration-wildfly17.0-server < 0:1.7.2-16.Final_redhat_00017.1.el7eap
- redhat•eap7-jboss-server-migration-wildfly18.0-server < 0:1.7.2-16.Final_redhat_00017.1.el7eap
- redhat•eap7-jboss-server-migration-wildfly8.2 < 0:1.7.2-16.Final_redhat_00017.1.el7eap
- redhat•eap7-jboss-server-migration-wildfly9.0 < 0:1.7.2-16.Final_redhat_00017.1.el7eap
- redhat•eap7-netty < 0:4.1.63-5.Final_redhat_00003.1.el7eap
- redhat•eap7-netty-all < 0:4.1.63-5.Final_redhat_00003.1.el7eap
- redhat•eap7-undertow < 0:2.0.41-4.SP5_redhat_00001.1.el7eap
- redhat•eap7-wildfly < 0:7.3.14-3.GA_redhat_00002.1.el7eap
- redhat•eap7-wildfly-elytron < 0:1.10.17-1.Final_redhat_00001.1.el7eap
- redhat•eap7-wildfly-elytron-tool < 0:1.10.17-1.Final_redhat_00001.1.el7eap
- redhat•eap7-wildfly-java-jdk11 < 0:7.3.14-3.GA_redhat_00002.1.el7eap
- redhat•eap7-wildfly-java-jdk8 < 0:7.3.14-3.GA_redhat_00002.1.el7eap
- redhat•eap7-wildfly-javadocs < 0:7.3.14-3.GA_redhat_00002.1.el7eap
- redhat•eap7-wildfly-modules < 0:7.3.14-3.GA_redhat_00002.1.el7eap
References (70)
- https://access.redhat.com/errata/RHSA-2025:9583
- https://access.redhat.com/security/updates/classification/#important
- https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.3
- https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.3/html-single/installation_guide/index
- https://access.redhat.com/security/vulnerabilities/RHSB-2023-003
- https://bugzilla.redhat.com/show_bug.cgi?id=2004133
- https://bugzilla.redhat.com/show_bug.cgi?id=2004135
- https://bugzilla.redhat.com/show_bug.cgi?id=2064698
- https://bugzilla.redhat.com/show_bug.cgi?id=2072339
- https://bugzilla.redhat.com/show_bug.cgi?id=2073890
- https://bugzilla.redhat.com/show_bug.cgi?id=2095862
- https://bugzilla.redhat.com/show_bug.cgi?id=2124682
- https://bugzilla.redhat.com/show_bug.cgi?id=2153260
- https://bugzilla.redhat.com/show_bug.cgi?id=2174246
- https://bugzilla.redhat.com/show_bug.cgi?id=2185662
- https://bugzilla.redhat.com/show_bug.cgi?id=2209689
- https://bugzilla.redhat.com/show_bug.cgi?id=2242099
- https://bugzilla.redhat.com/show_bug.cgi?id=2262849
- https://bugzilla.redhat.com/show_bug.cgi?id=2262918
- https://bugzilla.redhat.com/show_bug.cgi?id=2264928
- https://issues.redhat.com/browse/JBEAP-29448
- https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_9583.json
- https://access.redhat.com/security/cve/CVE-2020-36518
- https://www.cve.org/CVERecord?id=CVE-2020-36518
- https://nvd.nist.gov/vuln/detail/CVE-2020-36518
- https://github.com/advisories/GHSA-57j2-w4cx-62h2
- https://access.redhat.com/security/cve/CVE-2021-37136
- https://www.cve.org/CVERecord?id=CVE-2021-37136
- https://nvd.nist.gov/vuln/detail/CVE-2021-37136
- https://github.com/netty/netty/security/advisories/GHSA-grg4-wf29-r9vv
- https://access.redhat.com/security/cve/CVE-2021-37137
- https://www.cve.org/CVERecord?id=CVE-2021-37137
- https://nvd.nist.gov/vuln/detail/CVE-2021-37137
- https://access.redhat.com/security/cve/CVE-2022-1259
- https://www.cve.org/CVERecord?id=CVE-2022-1259
- https://nvd.nist.gov/vuln/detail/CVE-2022-1259
- https://access.redhat.com/security/cve/CVE-2022-1319
- https://www.cve.org/CVERecord?id=CVE-2022-1319
- https://nvd.nist.gov/vuln/detail/CVE-2022-1319
- https://access.redhat.com/security/cve/CVE-2022-2053
- https://www.cve.org/CVERecord?id=CVE-2022-2053
- https://nvd.nist.gov/vuln/detail/CVE-2022-2053
- https://access.redhat.com/security/cve/CVE-2022-3143
- https://www.cve.org/CVERecord?id=CVE-2022-3143
- https://nvd.nist.gov/vuln/detail/CVE-2022-3143
- https://access.redhat.com/security/cve/CVE-2022-4492
- https://www.cve.org/CVERecord?id=CVE-2022-4492
- https://nvd.nist.gov/vuln/detail/CVE-2022-4492
- https://access.redhat.com/security/cve/CVE-2023-1108
- https://www.cve.org/CVERecord?id=CVE-2023-1108
- https://nvd.nist.gov/vuln/detail/CVE-2023-1108
- https://github.com/advisories/GHSA-m4mm-pg93-fv78
- https://access.redhat.com/security/cve/CVE-2023-1973
- https://www.cve.org/CVERecord?id=CVE-2023-1973
- https://nvd.nist.gov/vuln/detail/CVE-2023-1973
- https://access.redhat.com/security/cve/CVE-2023-3223
- https://www.cve.org/CVERecord?id=CVE-2023-3223
- https://nvd.nist.gov/vuln/detail/CVE-2023-3223
- https://access.redhat.com/security/cve/CVE-2023-5379
- https://www.cve.org/CVERecord?id=CVE-2023-5379
- https://nvd.nist.gov/vuln/detail/CVE-2023-5379
- https://access.redhat.com/security/cve/CVE-2024-1233
- https://www.cve.org/CVERecord?id=CVE-2024-1233
- https://nvd.nist.gov/vuln/detail/CVE-2024-1233
- https://github.com/advisories/GHSA-v4mm-q8fv-r2w5
- https://github.com/wildfly/wildfly/pull/17812/commits/0c02350bc0d84287bed46e7c32f90b36e50d3523
- https://issues.redhat.com/browse/WFLY-19226
- https://access.redhat.com/security/cve/CVE-2024-1635
- https://www.cve.org/CVERecord?id=CVE-2024-1635
- https://nvd.nist.gov/vuln/detail/CVE-2024-1635