Headline
RHSA-2023:0553: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update
An update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Related CVEs:
- CVE-2015-9251: jquery: Cross-site scripting via cross-domain ajax requests
- CVE-2016-10735: bootstrap: XSS in the data-target attribute
- CVE-2017-18214: nodejs-moment: Regular expression denial of service
- CVE-2018-14040: bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute
- CVE-2018-14041: bootstrap: Cross-site Scripting (XSS) in the data-target property of scrollspy
- CVE-2018-14042: bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip
- CVE-2019-8331: bootstrap: XSS in the tooltip or popover data-template attribute
- CVE-2019-11358: jquery: Prototype pollution in object’s prototype leading to denial of service, remote code execution, or property injection
- CVE-2020-11022: jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method
- CVE-2020-11023: jquery: Untrusted code execution via <option> tag in HTML passed to DOM manipulation methods
- CVE-2022-3143: wildfly-elytron: possible timing attacks via use of unsafe comparator
- CVE-2022-40149: jettison: parser crash by stackoverflow
- CVE-2022-40150: jettison: memory exhaustion via user-supplied XML or JSON data
- CVE-2022-40152: woodstox-core: woodstox to serialise XML data was vulnerable to Denial of Service attacks
- CVE-2022-42003: jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS
- CVE-2022-42004: jackson-databind: use of deeply nested arrays
- CVE-2022-45047: mina-sshd: Java unsafe deserialization vulnerability
- CVE-2022-45693: jettison: If the value in map is the map’s self, the new new JSONObject(map) cause StackOverflowError which may lead to dos
- CVE-2022-46364: Apache CXF: SSRF Vulnerability
SRPM eap7-apache-sshd-2.9.2-1.redhat_00001.1.el8eap.src.rpm SHA-256: c7fa8b7d1d27057962197560919aea26feb0c4c52b05841a7e2f29fe2925db31 eap7-elytron-web-1.9.3-1.Final_redhat_00001.1.el8eap.src.rpm SHA-256: 909346bf8289392a1b62ab67c977a81e6dfa6688dfaa605035f0cca711b34737 eap7-hal-console-3.3.16-1.Final_redhat_00001.1.el8eap.src.rpm SHA-256: d0c01ab7c63c1de12819b977a37f4cd43313c9b438152be91d32c9d32fe84338 eap7-hibernate-search-5.10.13-3.Final_redhat_00001.1.el8eap.src.rpm SHA-256: 6533daec78811acba4c5dca875217fb660fd02acefcb5cd57be23cccc93fc62e eap7-ironjacamar-1.5.10-1.Final_redhat_00001.1.el8eap.src.rpm SHA-256: 49bd5d51f20f42d9d4d2614e8d8b72e042a3f5411322f7a8bc82306cd028a3bd eap7-jackson-annotations-2.12.7-1.redhat_00003.1.el8eap.src.rpm SHA-256: fcf26415f74434543f0dbf88ccc864fd40f059b2df6d0b42257a6d1f9d5373fc eap7-jackson-core-2.12.7-1.redhat_00003.1.el8eap.src.rpm SHA-256: d31c434675c837e85cb6ee7939488bfc4c73445f6d75cc5feab369c6a0284278 eap7-jackson-databind-2.12.7-1.redhat_00003.1.el8eap.src.rpm SHA-256: c99b04511e91883d09e2c421759f627a5e4737de87670cf362fed0ac5b5a51d9 eap7-jackson-jaxrs-providers-2.12.7-1.redhat_00003.1.el8eap.src.rpm SHA-256: 16b6335967a6c6c2cdd2212c70effb11b7a3fb1cc3c78e0fc3a6fc369a6ad032 eap7-jackson-modules-base-2.12.7-1.redhat_00003.1.el8eap.src.rpm SHA-256: d5891da1067b03fde68b187662c0d09d7a55847c982293e38024f128a7433234 eap7-jackson-modules-java8-2.12.7-1.redhat_00003.1.el8eap.src.rpm SHA-256: a48defc4e049de8d572b2f744fc21b82d323a1db7340f03efad9e0ac420cda59 eap7-javaee-security-soteria-1.0.1-3.redhat_00003.1.el8eap.src.rpm SHA-256: 1c7a1f5deec434c222d8e4b450aefb66e793c269dd2309b3223e2c018be30932 eap7-jboss-ejb-client-4.0.49-1.Final_redhat_00001.1.el8eap.src.rpm SHA-256: c05ab50d5a415483513dc7f0a2f765a668fd325a7240b6682423e9e41fd68220 eap7-jboss-jsf-api_2.3_spec-3.0.0-6.SP07_redhat_00001.1.el8eap.src.rpm SHA-256: 4a0fdf594855f0443525b6334f26e73c89364909d6ce84fba44100a9898a81b0 eap7-jboss-jsp-api_2.3_spec-2.0.0-3.Final_redhat_00001.1.el8eap.src.rpm SHA-256: 215d40164f75f6470484e9d9b824a1e3667efc9ec25b4163d97b2e6a10d19595 eap7-jboss-remoting-5.0.27-1.Final_redhat_00001.1.el8eap.src.rpm SHA-256: 140d6dd9f3a3e4843fa01d70a34c1cca23d52bf5b735dff0c8cab5423b72d4fa eap7-jboss-server-migration-1.10.0-24.Final_redhat_00023.1.el8eap.src.rpm SHA-256: 7ad656253d5fb1b3bdb2ea03f022e0765ffa7c3debdde64b8bbef71c2a0d96cd eap7-jettison-1.5.2-1.redhat_00002.1.el8eap.src.rpm SHA-256: 6c98f4e6b8726811480cafc508d296601dd26afb93a622ac0e2f45fa3bf373e4 eap7-undertow-2.2.22-1.SP3_redhat_00001.1.el8eap.src.rpm SHA-256: 3f21056be117cfe6f1d10e2cd067faa133fc53edf1cd4cb69a766cfbf699fa91 eap7-wildfly-7.4.9-4.GA_redhat_00003.1.el8eap.src.rpm SHA-256: d48e3c8f592bf689cb07a2fc3dd7d7182130c8806ceb118da5f31280da91b5e8 eap7-wildfly-elytron-1.15.16-1.Final_redhat_00001.1.el8eap.src.rpm SHA-256: 164654360e3e464d9db1622b03968100389f190aeb525f97b7d23d479b496470 eap7-woodstox-core-6.4.0-1.redhat_00001.1.el8eap.src.rpm SHA-256: d16c66bbd7f2fa5a9a272270b0184be670edf466337e10d84b76d36036708abf x86_64 eap7-apache-sshd-2.9.2-1.redhat_00001.1.el8eap.noarch.rpm SHA-256: ae0b9864fd9577d7ffb3e2d3badac96ab220ea0623ee66695ca3f509468ff8ce eap7-hal-console-3.3.16-1.Final_redhat_00001.1.el8eap.noarch.rpm SHA-256: 7c3d28e8acda0db8eb0c54a7435c0cdfdcdac3b9d4348ac53df09d3900a76549 eap7-hibernate-search-5.10.13-3.Final_redhat_00001.1.el8eap.noarch.rpm SHA-256: a16756020a81fb4323a3087ca29d570a0090821dd81ae0da9a32b51bd352657c eap7-hibernate-search-backend-jgroups-5.10.13-3.Final_redhat_00001.1.el8eap.noarch.rpm SHA-256: 24d43593458cde8221630450330245ef19e201365d472cedd5bf3dbb5cad59ea eap7-hibernate-search-backend-jms-5.10.13-3.Final_redhat_00001.1.el8eap.noarch.rpm SHA-256: 6d55c5a4b422730ecb9bc35955d48d87b139af2560e2b41ec6c35c2edf37ac82 eap7-hibernate-search-engine-5.10.13-3.Final_redhat_00001.1.el8eap.noarch.rpm SHA-256: 6aaf4c1622e83e13c872a400cd39270b6deb6305529fd328defa5f5ad4ebb8c1 eap7-hibernate-search-orm-5.10.13-3.Final_redhat_00001.1.el8eap.noarch.rpm SHA-256: c8b2df9f90c1ef20de4c36dff2693b007b146bd4bfac2c95d77735dc756af4fe eap7-hibernate-search-serialization-avro-5.10.13-3.Final_redhat_00001.1.el8eap.noarch.rpm SHA-256: 3827ef73b7654294af2eff01e2404b88a1746f72b28cff6acdd308f264e678b3 eap7-ironjacamar-1.5.10-1.Final_redhat_00001.1.el8eap.noarch.rpm SHA-256: 5076ed83300e77674c6d000f2e8b34c81418ac9b7ef3ad80df20fee73fe03a90 eap7-ironjacamar-common-api-1.5.10-1.Final_redhat_00001.1.el8eap.noarch.rpm SHA-256: d8edec1e364de6c8b2a6d55509b88138ef01e85012ca672a1398984e7e0b246b eap7-ironjacamar-common-impl-1.5.10-1.Final_redhat_00001.1.el8eap.noarch.rpm SHA-256: 2e1b3593b76902bada58fcbd83e11528357497c560ac3f71a6ce952347c0d639 eap7-ironjacamar-common-spi-1.5.10-1.Final_redhat_00001.1.el8eap.noarch.rpm SHA-256: 037bebbc9a9c668a482fdec252405aa8dd90925daccdb47d79f59c7bce00f826 eap7-ironjacamar-core-api-1.5.10-1.Final_redhat_00001.1.el8eap.noarch.rpm SHA-256: 393a1595aec1ba97cf758c000938b73fdcfb44e5d8dde194c457c788b6b4e181 eap7-ironjacamar-core-impl-1.5.10-1.Final_redhat_00001.1.el8eap.noarch.rpm SHA-256: 67c59609a63c09c3fe4907ff04f5501ad2af95cae0b23999cf0f12a6ff44483d eap7-ironjacamar-deployers-common-1.5.10-1.Final_redhat_00001.1.el8eap.noarch.rpm SHA-256: c1bf8367221583dcac95b0caa1435fac04d5a25f1e40bdb4bce1d0c134501e8c eap7-ironjacamar-jdbc-1.5.10-1.Final_redhat_00001.1.el8eap.noarch.rpm SHA-256: c465324498ef5d91ef3a402c7df7b8d86900e532ddde4bcb970a4b24474c9ab1 eap7-ironjacamar-validator-1.5.10-1.Final_redhat_00001.1.el8eap.noarch.rpm SHA-256: af228dfa94a26240e2ce9efe62e1e3dcd6bfa6bc32a68f3f822f3fd366ec2bdd eap7-jackson-annotations-2.12.7-1.redhat_00003.1.el8eap.noarch.rpm SHA-256: ac2b36e91d95cd09180928180e101bb37d4fbdcd604307dd42d703bd80572f0b eap7-jackson-core-2.12.7-1.redhat_00003.1.el8eap.noarch.rpm SHA-256: ccf24cf2c0e998cb5cfb44c13e260de8de17dd391d26314f5f5d84951d1534b7 eap7-jackson-databind-2.12.7-1.redhat_00003.1.el8eap.noarch.rpm SHA-256: 340db8e0389f90face3913bc792d640b8603b1bb53759126a6891bbdd341d7f0 eap7-jackson-datatype-jdk8-2.12.7-1.redhat_00003.1.el8eap.noarch.rpm SHA-256: 61e6c7473f79f83f89a576cccad7ba1ffbdf6ac7c5d6e036c6f27367c4fc241e eap7-jackson-datatype-jsr310-2.12.7-1.redhat_00003.1.el8eap.noarch.rpm SHA-256: c19d14b1c7b29a555d55f37adba7bea9ebfb77b1e07d29cb3e38200b032ecca5 eap7-jackson-jaxrs-base-2.12.7-1.redhat_00003.1.el8eap.noarch.rpm SHA-256: f0049acd65638ea7b4d80ba329a880aba3e57b903bc4564dec8bb812e02c7826 eap7-jackson-jaxrs-json-provider-2.12.7-1.redhat_00003.1.el8eap.noarch.rpm SHA-256: ab7e9bef635eba4522870f0d80631c562745277b266415fffe6fb25a0fe07a00 eap7-jackson-module-jaxb-annotations-2.12.7-1.redhat_00003.1.el8eap.noarch.rpm SHA-256: 8494bcab4953e41d50ab06c2308718a0766a591eda6e3b8aa4a1ac8b04935429 eap7-jackson-modules-base-2.12.7-1.redhat_00003.1.el8eap.noarch.rpm SHA-256: dfda7ae9676debc829867abb2cc9973a09cfafd558e485d85746befb9cf8a950 eap7-jackson-modules-java8-2.12.7-1.redhat_00003.1.el8eap.noarch.rpm SHA-256: 46c4f976f135d915dae542a8039a8ec24719d3c36fd575eeda0d1a45739eda8b eap7-javaee-security-soteria-1.0.1-3.redhat_00003.1.el8eap.noarch.rpm SHA-256: 46cbb6e6c8d6de670af9b89ca428ebcaf2d98a59411fa413270beae12bc22172 eap7-javaee-security-soteria-enterprise-1.0.1-3.redhat_00003.1.el8eap.noarch.rpm SHA-256: 979832bfd0614bdcc02e1c94261c3cbf7a7ad7c3a53abe1d89d9196e6d0115f5 eap7-jboss-ejb-client-4.0.49-1.Final_redhat_00001.1.el8eap.noarch.rpm SHA-256: 157126e830f3764ec75b286d647f9709d58acc8e9858d5791602ab7c8ac1741c eap7-jboss-jsf-api_2.3_spec-3.0.0-6.SP07_redhat_00001.1.el8eap.noarch.rpm SHA-256: 2039f82e81b29fb9c722eba0dfad1dc81c4b9d871ba065c8569a887962a50b54 eap7-jboss-jsp-api_2.3_spec-2.0.0-3.Final_redhat_00001.1.el8eap.noarch.rpm SHA-256: e9c643f4f9e5fdbe5525f1e92dcb12f95db219ac52543f6aec6bdec59fac0b2f eap7-jboss-remoting-5.0.27-1.Final_redhat_00001.1.el8eap.noarch.rpm SHA-256: e42c8515a27d472432f22df5a66d507dcff832cf46010e9dd8ac18e3618c8703 eap7-jboss-server-migration-1.10.0-24.Final_redhat_00023.1.el8eap.noarch.rpm SHA-256: 8a70fea05499bd0255232f33d39275aacdaee0d652d010804b5ed2030ed25ce4 eap7-jboss-server-migration-cli-1.10.0-24.Final_redhat_00023.1.el8eap.noarch.rpm SHA-256: 2fbc7af31adf59cb00335630f017bf69952c9e6c3842d34cafebaed7e87d941c eap7-jboss-server-migration-core-1.10.0-24.Final_redhat_00023.1.el8eap.noarch.rpm SHA-256: 94ed36dc35a31468099a9c1184490f992b39c8ebf006a28ab19ecacbfaa5eb0f eap7-jettison-1.5.2-1.redhat_00002.1.el8eap.noarch.rpm SHA-256: ae95e2c54f1451c36dca32112f4348ea53e821d22f729359ab265e4081958f92 eap7-undertow-2.2.22-1.SP3_redhat_00001.1.el8eap.noarch.rpm SHA-256: 74c8f8b99fe0fc21ee8f125755e41688c002bbab435aeda397191c06b5acb520 eap7-undertow-server-1.9.3-1.Final_redhat_00001.1.el8eap.noarch.rpm SHA-256: 26a2a71bec4f67ae23fc7723bf4ab562739abe60c028c301bf645fe7c61f4d51 eap7-wildfly-7.4.9-4.GA_redhat_00003.1.el8eap.noarch.rpm SHA-256: 175e3d4e55302a633f8e85bc8ac6b298843ac9059d744f310ed82d5df1ff702a eap7-wildfly-elytron-1.15.16-1.Final_redhat_00001.1.el8eap.noarch.rpm SHA-256: ac0cb3adf76f3f46354f6960d6f1955935f6a0106db6e047291499a5544faf1a eap7-wildfly-elytron-tool-1.15.16-1.Final_redhat_00001.1.el8eap.noarch.rpm SHA-256: 4cb1ceaa83c881aca751f83a5c634d4c40e74a471987c3ca10c5a42114e4f1a6 eap7-wildfly-javadocs-7.4.9-4.GA_redhat_00003.1.el8eap.noarch.rpm SHA-256: 6c37661518fcc626f5dfdfc8c4d124755f9ac2face52d4e9781836a6577bf82f eap7-wildfly-modules-7.4.9-4.GA_redhat_00003.1.el8eap.noarch.rpm SHA-256: bf1316deacdb226b0e002e30032a97f0a58efb4c03d26420999f5e7106d7d0ce eap7-woodstox-core-6.4.0-1.redhat_00001.1.el8eap.noarch.rpm SHA-256: 3e0ab5bc98e4a16cfc9cbba9286e9e9bfae25d65dacbe7ed4f841c24e836f8f3