Headline
RHSA-2023:0552: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update
An update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Related CVEs:
- CVE-2015-9251: jquery: Cross-site scripting via cross-domain ajax requests
- CVE-2016-10735: bootstrap: XSS in the data-target attribute
- CVE-2017-18214: nodejs-moment: Regular expression denial of service
- CVE-2018-14040: bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute
- CVE-2018-14041: bootstrap: Cross-site Scripting (XSS) in the data-target property of scrollspy
- CVE-2018-14042: bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip
- CVE-2019-8331: bootstrap: XSS in the tooltip or popover data-template attribute
- CVE-2019-11358: jquery: Prototype pollution in object’s prototype leading to denial of service, remote code execution, or property injection
- CVE-2020-11022: jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method
- CVE-2020-11023: jquery: Untrusted code execution via <option> tag in HTML passed to DOM manipulation methods
- CVE-2022-3143: wildfly-elytron: possible timing attacks via use of unsafe comparator
- CVE-2022-40149: jettison: parser crash by stackoverflow
- CVE-2022-40150: jettison: memory exhaustion via user-supplied XML or JSON data
- CVE-2022-40152: woodstox-core: woodstox to serialise XML data was vulnerable to Denial of Service attacks
- CVE-2022-42003: jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS
- CVE-2022-42004: jackson-databind: use of deeply nested arrays
- CVE-2022-45047: mina-sshd: Java unsafe deserialization vulnerability
- CVE-2022-45693: jettison: If the value in map is the map’s self, the new new JSONObject(map) cause StackOverflowError which may lead to dos
- CVE-2022-46364: Apache CXF: SSRF Vulnerability
SRPM eap7-apache-sshd-2.9.2-1.redhat_00001.1.el7eap.src.rpm SHA-256: b88c99c2cfbe74207a36db276c85ed167e3fa0127b901ee632e7631fe042a26c eap7-elytron-web-1.9.3-1.Final_redhat_00001.1.el7eap.src.rpm SHA-256: d731d824d7a15d4c689a9f65ace20e972575037c6270421d9e2a63cd196f1dd4 eap7-hal-console-3.3.16-1.Final_redhat_00001.1.el7eap.src.rpm SHA-256: d7f67fdaf0d75f4c2fa714c6083fec361e508378b4fd9bd12a0bc32b156e75c3 eap7-hibernate-search-5.10.13-3.Final_redhat_00001.1.el7eap.src.rpm SHA-256: 2ac7ec4437c9f2709b9f929472b1db2aeecdf6a9206a6e3580fe232a1a5687bc eap7-ironjacamar-1.5.10-1.Final_redhat_00001.1.el7eap.src.rpm SHA-256: 7aa1986728eb89edc68322411779fce5985c02d9557a52874d19024db3a1b635 eap7-jackson-annotations-2.12.7-1.redhat_00003.1.el7eap.src.rpm SHA-256: f8db8cddee85cc9e197c19fbedff50d594bcf9736225212cdf1b2254608b075d eap7-jackson-core-2.12.7-1.redhat_00003.1.el7eap.src.rpm SHA-256: 9b02c73df71815fe83bf8eab668434e710c9e41110a0525d97be47370dc96aaa eap7-jackson-databind-2.12.7-1.redhat_00003.1.el7eap.src.rpm SHA-256: 41a2bcc013e550311acd325d2f7334f978dccf5955361c7b2835d308d3eb14b7 eap7-jackson-jaxrs-providers-2.12.7-1.redhat_00003.1.el7eap.src.rpm SHA-256: 7a56f65ba7e5b3c8234f8f0217b646fa1bfa392367f9ceb70b2947d02934b5f9 eap7-jackson-modules-base-2.12.7-1.redhat_00003.1.el7eap.src.rpm SHA-256: 196f7d6a630fcb6debd586ee4d4dbc55935797b4aeb3d29608cee65b0835c7c3 eap7-jackson-modules-java8-2.12.7-1.redhat_00003.1.el7eap.src.rpm SHA-256: 681d492708589ba12e3f315bf25315b90a03e432c72ca2c9dd4a1207867a909d eap7-javaee-security-soteria-1.0.1-3.redhat_00003.1.el7eap.src.rpm SHA-256: e894ea161ab6b8b01d357df9ef28fa998c1e375f8376c31dad15b211071e0a45 eap7-jboss-ejb-client-4.0.49-1.Final_redhat_00001.1.el7eap.src.rpm SHA-256: af376b5c29b684122e0183df62ae5414fd8e0655a0e63fc0fb739dbb14e9cf98 eap7-jboss-jsf-api_2.3_spec-3.0.0-6.SP07_redhat_00001.1.el7eap.src.rpm SHA-256: 87bb10fd4c982d1c0948fca495bb9f6d1d06f04ad8c6f9450b524019389bc349 eap7-jboss-jsp-api_2.3_spec-2.0.0-3.Final_redhat_00001.1.el7eap.src.rpm SHA-256: 2da7c1b5a43d8a27f11257399b569bd02a26149b26cd570167fdc6c89df3bb84 eap7-jboss-remoting-5.0.27-1.Final_redhat_00001.1.el7eap.src.rpm SHA-256: bdc637c5f82c1b562922cfc98f95739ae07c1154fb9f31358946deb601ba928d eap7-jboss-server-migration-1.10.0-24.Final_redhat_00023.1.el7eap.src.rpm SHA-256: 6ee7444baa4cdc069ed1229f4d9dcaffbdf4a2246b86fb436b9222a3a3ca86f5 eap7-jettison-1.5.2-1.redhat_00002.1.el7eap.src.rpm SHA-256: 7ff87eed3bc3897aa6acae9b6024064f03e2723063e926a3ec6bec237a79abf4 eap7-undertow-2.2.22-1.SP3_redhat_00001.1.el7eap.src.rpm SHA-256: 397e5684ef72acac952a3ed272c8de0e12a7e9e9cbcdb462a196855af7dbb0a2 eap7-wildfly-7.4.9-4.GA_redhat_00003.1.el7eap.src.rpm SHA-256: ac4080a8129d368c161b015930fad8eec404ac632db48192a0f6f55a2ea3b8d6 eap7-wildfly-elytron-1.15.16-1.Final_redhat_00001.1.el7eap.src.rpm SHA-256: 91c30b07c1bcfee3764728c8a5ac348f5d6c96ba5d5388c9278f69c98853762a eap7-woodstox-core-6.4.0-1.redhat_00001.1.el7eap.src.rpm SHA-256: d4137d9f96c6950c12a736795a44027585b9c04262461e38436df9898dceab06 x86_64 eap7-apache-sshd-2.9.2-1.redhat_00001.1.el7eap.noarch.rpm SHA-256: 38cec8c9e0279df02fbeb9f2577bda0eb240003539d9bd0e3def3516256b865c eap7-hal-console-3.3.16-1.Final_redhat_00001.1.el7eap.noarch.rpm SHA-256: 3744052deabfe686ed854658df286d6b0b8e3efc76d025e74af4f4488bfaf4c7 eap7-hibernate-search-5.10.13-3.Final_redhat_00001.1.el7eap.noarch.rpm SHA-256: e348f1a1ab45f1b64f9bed82530132e397eb628459e708624860526263dc9178 eap7-hibernate-search-backend-jgroups-5.10.13-3.Final_redhat_00001.1.el7eap.noarch.rpm SHA-256: 7a8714c9a07c0bc13a534e31b7bda740509d4f648ac452f630b682c7ad091111 eap7-hibernate-search-backend-jms-5.10.13-3.Final_redhat_00001.1.el7eap.noarch.rpm SHA-256: a9b600cd00c9330c20486f94771ea03efb05eed85adae9bd7fd949bfea9e0b1a eap7-hibernate-search-engine-5.10.13-3.Final_redhat_00001.1.el7eap.noarch.rpm SHA-256: 6caf2417eddc3b77d87a41fccf5703e73106928a6b33083e98d8bd7bcd7e225b eap7-hibernate-search-orm-5.10.13-3.Final_redhat_00001.1.el7eap.noarch.rpm SHA-256: 411a294c205a4a4db7cf7ca66600830e3bb5706c31c48dd42aa26ac96b15c824 eap7-hibernate-search-serialization-avro-5.10.13-3.Final_redhat_00001.1.el7eap.noarch.rpm SHA-256: e1083ffdfbf93230deb90932bec9c09fbfb2565116afd085cea267e64fda8db1 eap7-ironjacamar-1.5.10-1.Final_redhat_00001.1.el7eap.noarch.rpm SHA-256: 2afeb393fb09f8623acdc7e3cf71bc0ec758cdce33967caa46d0bf20a15535cd eap7-ironjacamar-common-api-1.5.10-1.Final_redhat_00001.1.el7eap.noarch.rpm SHA-256: c810e5bb88ad48c6e54b31585d52dc8b1848891dee57314ea4bb5469e3a5ce97 eap7-ironjacamar-common-impl-1.5.10-1.Final_redhat_00001.1.el7eap.noarch.rpm SHA-256: f2d9635646f4a854cf6841dc2720704a673d59d95b4fe7cbda34b614fa57a90d eap7-ironjacamar-common-spi-1.5.10-1.Final_redhat_00001.1.el7eap.noarch.rpm SHA-256: 3baba54839e85f2a87df0a9585a3fc6d49b8856af7680a08c53bbf90ba2ddea2 eap7-ironjacamar-core-api-1.5.10-1.Final_redhat_00001.1.el7eap.noarch.rpm SHA-256: 1f1942181ddb326146ce6a294da27ab42f5f33e834d508eb3e5512e5b02afe85 eap7-ironjacamar-core-impl-1.5.10-1.Final_redhat_00001.1.el7eap.noarch.rpm SHA-256: f11841edaa97dc4ee48663dbdb74f2a7a138d670bed9096adaec3f5771f59476 eap7-ironjacamar-deployers-common-1.5.10-1.Final_redhat_00001.1.el7eap.noarch.rpm SHA-256: e706a3ab313fb485d6ea5c5011b3912b680b001e0ee3abaa78bda35388400f85 eap7-ironjacamar-jdbc-1.5.10-1.Final_redhat_00001.1.el7eap.noarch.rpm SHA-256: d8393eac98a3fe36ac1460b21f525ad23a0df64d952b111c092063c0bbb0e9d2 eap7-ironjacamar-validator-1.5.10-1.Final_redhat_00001.1.el7eap.noarch.rpm SHA-256: ec6d3cc25526043f7dbeac18056c71fcf75b9d83d8118b357b23a7abffd5ffa7 eap7-jackson-annotations-2.12.7-1.redhat_00003.1.el7eap.noarch.rpm SHA-256: f960afebc8eeeba219cb7281f390c7eac9af4765c3929645312c0555a878fa2b eap7-jackson-core-2.12.7-1.redhat_00003.1.el7eap.noarch.rpm SHA-256: 5e2a8974c96f60350d57b005fc7dc416926a3afc5aba480bc82fa4c0b2abad97 eap7-jackson-databind-2.12.7-1.redhat_00003.1.el7eap.noarch.rpm SHA-256: 7c6d8cc5498c36258a39f055ed60374ce1645e921f69da67319db8319a4f5310 eap7-jackson-datatype-jdk8-2.12.7-1.redhat_00003.1.el7eap.noarch.rpm SHA-256: 5aa888ce61676ca6bc4410469c8c30a618c9c06de4e13aa5ec2b60829df9a8a2 eap7-jackson-datatype-jsr310-2.12.7-1.redhat_00003.1.el7eap.noarch.rpm SHA-256: c41186f8e8ec354f9e3802d7a363eae140ebd2c930bda985139dcde273cf3ed7 eap7-jackson-jaxrs-base-2.12.7-1.redhat_00003.1.el7eap.noarch.rpm SHA-256: 0ca2cda2f0d6d9246129d6125be6f07a5bd0a73b15a303d2ddc9da44f6b614c1 eap7-jackson-jaxrs-json-provider-2.12.7-1.redhat_00003.1.el7eap.noarch.rpm SHA-256: 1ca43abfa315c9613a9d0aa0b56151f5684b45b3673519b6b2e5990db3c5c4e6 eap7-jackson-module-jaxb-annotations-2.12.7-1.redhat_00003.1.el7eap.noarch.rpm SHA-256: a19fa19aafdde88204045a664fc8b90bc7531890718968979b1d543f93700973 eap7-jackson-modules-base-2.12.7-1.redhat_00003.1.el7eap.noarch.rpm SHA-256: 99a66dca1a89477f414476966f3ce5145c0d740847ca76b155011f9285ca5664 eap7-jackson-modules-java8-2.12.7-1.redhat_00003.1.el7eap.noarch.rpm SHA-256: a19bc7d8ae8719a1e5b08d0ffcf81c4de9612ebbfb1742ff05e4152cdea1fcc7 eap7-javaee-security-soteria-1.0.1-3.redhat_00003.1.el7eap.noarch.rpm SHA-256: b83357d5950ac8831522dde22f0969a459642626ab933646591d5cb12a34a2b7 eap7-javaee-security-soteria-enterprise-1.0.1-3.redhat_00003.1.el7eap.noarch.rpm SHA-256: 12516cdb1e781b54cc7864e90797206eaf1e7179f17dfd1b58075f57463dcad2 eap7-jboss-ejb-client-4.0.49-1.Final_redhat_00001.1.el7eap.noarch.rpm SHA-256: 9e98ac72b11bc19ba314114b69c5543845d38460a72b41a489d0d0b84b5de196 eap7-jboss-jsf-api_2.3_spec-3.0.0-6.SP07_redhat_00001.1.el7eap.noarch.rpm SHA-256: 7a98d7ae1d3371a956f8350bf9bf94923172a9a6aa8fbba872a76307f7019010 eap7-jboss-jsp-api_2.3_spec-2.0.0-3.Final_redhat_00001.1.el7eap.noarch.rpm SHA-256: 155b6bfb1b6548d7bbc3b38f8bf24eb10dffbdbb64758ca17165ca5d06891c8c eap7-jboss-remoting-5.0.27-1.Final_redhat_00001.1.el7eap.noarch.rpm SHA-256: bcba3b16e641f03abcae625d6aea08c98c3fdd3f2fa64a81fc642c6856db75e8 eap7-jboss-server-migration-1.10.0-24.Final_redhat_00023.1.el7eap.noarch.rpm SHA-256: fbec7b22e3bc591a9284ae1dc297702f4d4db4f0486cd034ff16c6c123d114ea eap7-jboss-server-migration-cli-1.10.0-24.Final_redhat_00023.1.el7eap.noarch.rpm SHA-256: ca6ecdff5b37ce5cc7fb7c09e7fb1fdb20d78754d6933fe22307a3c51e532070 eap7-jboss-server-migration-core-1.10.0-24.Final_redhat_00023.1.el7eap.noarch.rpm SHA-256: 341ee01b990b780cd6c1646982351d66aa4fc15e62ef377cda50ba11199f6aad eap7-jettison-1.5.2-1.redhat_00002.1.el7eap.noarch.rpm SHA-256: 5a38bf52c25e187097d154171bdda2873da7a841ba1f601b8345a7ea5a1d0bf8 eap7-undertow-2.2.22-1.SP3_redhat_00001.1.el7eap.noarch.rpm SHA-256: 9930d0234284a6635197dc03f153f7f6afd4e5cc0fc1c4b3d54d8a8d839a4ad7 eap7-undertow-server-1.9.3-1.Final_redhat_00001.1.el7eap.noarch.rpm SHA-256: cbe8ff98eb97404bb69fe7e4cba74e259162993a715329f6ddc7f26cf15f5e8f eap7-wildfly-7.4.9-4.GA_redhat_00003.1.el7eap.noarch.rpm SHA-256: 43388d87fbe4fc414a340635ca3c135c5e50c736838c6b86b88999e984501436 eap7-wildfly-elytron-1.15.16-1.Final_redhat_00001.1.el7eap.noarch.rpm SHA-256: 0bade6367686e94525f372537417de9e15964589865a8fcfa1b4f405d88fe29e eap7-wildfly-elytron-tool-1.15.16-1.Final_redhat_00001.1.el7eap.noarch.rpm SHA-256: f02baf1fcc7db8f0ab610f46368b8a5aa21e12772b951e67d0e79283aeb2ea06 eap7-wildfly-java-jdk11-7.4.9-4.GA_redhat_00003.1.el7eap.noarch.rpm SHA-256: a362bd874f05e8198e225c77a5b8ddc4686cfb35b6f35f9a9320bd3d86e07fa4 eap7-wildfly-java-jdk8-7.4.9-4.GA_redhat_00003.1.el7eap.noarch.rpm SHA-256: 101384fad6c28af0885a803afe9a19b8a25fe22521cb71f4c1a18e5b8a0217d2 eap7-wildfly-javadocs-7.4.9-4.GA_redhat_00003.1.el7eap.noarch.rpm SHA-256: 3d5caad90e017e13deac73331deb5b11217070c97483396ec4dfc9ef05ec4759 eap7-wildfly-modules-7.4.9-4.GA_redhat_00003.1.el7eap.noarch.rpm SHA-256: 6e4af3473b23c247f566f6e1e232ddf23f20ba50db5ef90c073807a5f0aa8061 eap7-woodstox-core-6.4.0-1.redhat_00001.1.el7eap.noarch.rpm SHA-256: 68a3f9311212ac307f2728026ae9528c5eba9b9fc19f283ca235a73f79d69421