Headline
RHSA-2023:0554: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update
An update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Related CVEs:
- CVE-2015-9251: jquery: Cross-site scripting via cross-domain ajax requests
- CVE-2016-10735: bootstrap: XSS in the data-target attribute
- CVE-2017-18214: nodejs-moment: Regular expression denial of service
- CVE-2018-14040: bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute
- CVE-2018-14041: bootstrap: Cross-site Scripting (XSS) in the data-target property of scrollspy
- CVE-2018-14042: bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip
- CVE-2019-8331: bootstrap: XSS in the tooltip or popover data-template attribute
- CVE-2019-11358: jquery: Prototype pollution in object’s prototype leading to denial of service, remote code execution, or property injection
- CVE-2020-11022: jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method
- CVE-2020-11023: jquery: Untrusted code execution via <option> tag in HTML passed to DOM manipulation methods
- CVE-2022-3143: wildfly-elytron: possible timing attacks via use of unsafe comparator
- CVE-2022-40149: jettison: parser crash by stackoverflow
- CVE-2022-40150: jettison: memory exhaustion via user-supplied XML or JSON data
- CVE-2022-40152: woodstox-core: woodstox to serialise XML data was vulnerable to Denial of Service attacks
- CVE-2022-42003: jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS
- CVE-2022-42004: jackson-databind: use of deeply nested arrays
- CVE-2022-45047: mina-sshd: Java unsafe deserialization vulnerability
- CVE-2022-45693: jettison: If the value in map is the map’s self, the new new JSONObject(map) cause StackOverflowError which may lead to dos
- CVE-2022-46364: Apache CXF: SSRF Vulnerability
SRPM eap7-apache-sshd-2.9.2-1.redhat_00001.1.el9eap.src.rpm SHA-256: c7cdd863a7915377c5edb1aac0701706fab30a2f0388f9f9854ad3cde8dd8fa7 eap7-elytron-web-1.9.3-1.Final_redhat_00001.1.el9eap.src.rpm SHA-256: 3190b3bf3ee57bca8154fb1e892c1be96d1621635cc5dea17496626a65068602 eap7-hal-console-3.3.16-1.Final_redhat_00001.1.el9eap.src.rpm SHA-256: c83395ebb915de1cc36ff3471be2fb3a619a70c26319e31c4a6528185490cc35 eap7-hibernate-search-5.10.13-3.Final_redhat_00001.1.el9eap.src.rpm SHA-256: 9a572a1bcbd8bfd6eca2e79e4b5210ad2cebd58cd1574b1dc909877a7a19c47e eap7-ironjacamar-1.5.10-1.Final_redhat_00001.1.el9eap.src.rpm SHA-256: efb6337279bd51530d703691251eabf8363c05da5c5ce16a98b9392eed526e11 eap7-jackson-annotations-2.12.7-1.redhat_00003.1.el9eap.src.rpm SHA-256: 80a3ca2ecd2de1a7dff9379d26359418f643bb6aded95f9e6361ad9427a1ea85 eap7-jackson-core-2.12.7-1.redhat_00003.1.el9eap.src.rpm SHA-256: ba6df1605737e2ddcf4d3a1112694d2c30be66643a18c25d912ef619e7038c83 eap7-jackson-databind-2.12.7-1.redhat_00003.1.el9eap.src.rpm SHA-256: d0e875ef6a2b717ddfae3533714d78007cbf123611df86dc4b6e92878bcb6462 eap7-jackson-jaxrs-providers-2.12.7-1.redhat_00003.1.el9eap.src.rpm SHA-256: 67525be5280e549cdeb4192332a0b1b559ddd66ab37140829bb9d3a12faf9616 eap7-jackson-modules-base-2.12.7-1.redhat_00003.1.el9eap.src.rpm SHA-256: 7672991509490563e8e71af43a5c40880f6108c334f66a70b75f3234a175cc7f eap7-jackson-modules-java8-2.12.7-1.redhat_00003.1.el9eap.src.rpm SHA-256: 69e39dddc9444aec7185ab4c693554ac859ad344e6dd3f9303c92120d91f0629 eap7-javaee-security-soteria-1.0.1-3.redhat_00003.1.el9eap.src.rpm SHA-256: 38f50d90adaca7269865c6b31119546e304c0f6950b8b7c1ef78b24dfd356c05 eap7-jboss-ejb-client-4.0.49-1.Final_redhat_00001.1.el9eap.src.rpm SHA-256: 09ac8f23b97778722ad80212d6e28fa2406e5fcfd2a196379a6cacf507e18652 eap7-jboss-jsf-api_2.3_spec-3.0.0-6.SP07_redhat_00001.1.el9eap.src.rpm SHA-256: 7213ced01ab2ebe75e98141489c0623949852e8475e7f12e651c9627abe1f687 eap7-jboss-jsp-api_2.3_spec-2.0.0-3.Final_redhat_00001.1.el9eap.src.rpm SHA-256: edd11eb84b39b3f38b49e81db5ce072268272a544d867f50b9e1a380cd9dca7d eap7-jboss-remoting-5.0.27-1.Final_redhat_00001.1.el9eap.src.rpm SHA-256: dccb00b588206f8392c13ce3956996f934190994c257e52faad0451d7c4dc078 eap7-jboss-server-migration-1.10.0-24.Final_redhat_00023.1.el9eap.src.rpm SHA-256: a1af2d02415f0b27b9fd995d44f953ff028897c991d48fac3424b46e63565694 eap7-jettison-1.5.2-1.redhat_00002.1.el9eap.src.rpm SHA-256: e7406385a872e4b3cc666d35a79875666e6627da65e8826d8b89722f5ba77950 eap7-undertow-2.2.22-1.SP3_redhat_00001.1.el9eap.src.rpm SHA-256: 520bcbf7c41be36714f7a1d5275808bf5147e4bb537be3faf92639eeb4f28171 eap7-wildfly-7.4.9-4.GA_redhat_00003.1.el9eap.src.rpm SHA-256: b36d76ce6f62444f5d9273708bca55ac035279b075395448766be1fa861f12d6 eap7-wildfly-elytron-1.15.16-1.Final_redhat_00001.1.el9eap.src.rpm SHA-256: 8594bcb68f341f5ba577ed7a05d827b01808c79cea8efdcfe3873eef11c31c60 eap7-woodstox-core-6.4.0-1.redhat_00001.1.el9eap.src.rpm SHA-256: 7ced4803d3fe8379ea3e4e0e6fa9378d3649700dace0cde047ed0b429f75a1c3 x86_64 eap7-apache-sshd-2.9.2-1.redhat_00001.1.el9eap.noarch.rpm SHA-256: efdec6bbb49f6f943342e5fab8c0647a47bb84107816d8bdc86e812d1052c0bd eap7-hal-console-3.3.16-1.Final_redhat_00001.1.el9eap.noarch.rpm SHA-256: 6cb874d2a50c454902357f18ae3288a89ba5b8621400586fa687e77c4be319ff eap7-hibernate-search-5.10.13-3.Final_redhat_00001.1.el9eap.noarch.rpm SHA-256: 0054a4c701ccab52f9836aaaa50d387f681bc24e07177ff2136b393cdc9f367e eap7-hibernate-search-backend-jgroups-5.10.13-3.Final_redhat_00001.1.el9eap.noarch.rpm SHA-256: 9e07dd7d95160c67afe8deefbcd686668384410faa07bd1e0f2bb2cf545b9e66 eap7-hibernate-search-backend-jms-5.10.13-3.Final_redhat_00001.1.el9eap.noarch.rpm SHA-256: 0a6ca7bff23ae61c091565f8c3c88eb6d8ef4dd581d56b093a7b19de17be4689 eap7-hibernate-search-engine-5.10.13-3.Final_redhat_00001.1.el9eap.noarch.rpm SHA-256: 4047cc57510034d9236b3d9b5b9eb387f095b9ba4e23549b89d441624c5ddf6e eap7-hibernate-search-orm-5.10.13-3.Final_redhat_00001.1.el9eap.noarch.rpm SHA-256: 3eabdae63792bdd52252a69da80677be4d8ea42541e54dd96e2859b1817aba98 eap7-hibernate-search-serialization-avro-5.10.13-3.Final_redhat_00001.1.el9eap.noarch.rpm SHA-256: 9e4963e8dd9800256dd5331a1e714f70152d83d2e18593ef6e4f93179d0e6d07 eap7-ironjacamar-1.5.10-1.Final_redhat_00001.1.el9eap.noarch.rpm SHA-256: 1a77b780e531e5d2c2cc1817c357efc648710f602b020b36297dccaae83b02e7 eap7-ironjacamar-common-api-1.5.10-1.Final_redhat_00001.1.el9eap.noarch.rpm SHA-256: 0a4bc8e4cfae10ae4873c1b7549b72d4121199fd82615dbd41a1d445cb2ce238 eap7-ironjacamar-common-impl-1.5.10-1.Final_redhat_00001.1.el9eap.noarch.rpm SHA-256: c77a3598ab4f69b28e5c7fd8ff4c102219d6c1e951ed01ed07abbb62a751e3c3 eap7-ironjacamar-common-spi-1.5.10-1.Final_redhat_00001.1.el9eap.noarch.rpm SHA-256: 1bad68eb5d0096eb836d35fd6f8336cc433f63d032c1eddb19020d861e0b2aeb eap7-ironjacamar-core-api-1.5.10-1.Final_redhat_00001.1.el9eap.noarch.rpm SHA-256: 6bb0216a811633460081b72431136148986d8a7556739546f77ca7cebd9bd583 eap7-ironjacamar-core-impl-1.5.10-1.Final_redhat_00001.1.el9eap.noarch.rpm SHA-256: 5943a9d736d3889d4a01c8f104941a944b58371b48c36e556a01a59e0ab1bcd3 eap7-ironjacamar-deployers-common-1.5.10-1.Final_redhat_00001.1.el9eap.noarch.rpm SHA-256: 030685a9ce3061041d0a310c3b80ff28f7644822df4d5bc7412618359a65d0f6 eap7-ironjacamar-jdbc-1.5.10-1.Final_redhat_00001.1.el9eap.noarch.rpm SHA-256: a7bd8910bc29054be851a8508d94aa15cb98cad7bf61149de0b45b3fb21c5931 eap7-ironjacamar-validator-1.5.10-1.Final_redhat_00001.1.el9eap.noarch.rpm SHA-256: 241f6b81fb97415eb84b0572d6a42fcbf07f6d6dbde4896aedc2b7d406af0353 eap7-jackson-annotations-2.12.7-1.redhat_00003.1.el9eap.noarch.rpm SHA-256: a1974a686227c8987e73d2836591b16bce0abe4c961b8f17049b612f6321ad84 eap7-jackson-core-2.12.7-1.redhat_00003.1.el9eap.noarch.rpm SHA-256: 262e5bc0f4891ab2a58d9ac89bc3fbf5385afc111cd382f15bf29f9bc0f37107 eap7-jackson-databind-2.12.7-1.redhat_00003.1.el9eap.noarch.rpm SHA-256: 2ea70c82c7ca37fcafa006a1aa28f62e23b8704849ade29d7cfb5928bf6a1d56 eap7-jackson-datatype-jdk8-2.12.7-1.redhat_00003.1.el9eap.noarch.rpm SHA-256: c11eafecf19ee3c8f97396df1ab539ab0b401ce723f2936565553cc170e55e52 eap7-jackson-datatype-jsr310-2.12.7-1.redhat_00003.1.el9eap.noarch.rpm SHA-256: cfbd6c524c39a2a05df70dda44860947eabc47d687ea310f0d263466717e3e96 eap7-jackson-jaxrs-base-2.12.7-1.redhat_00003.1.el9eap.noarch.rpm SHA-256: f2f3156621d30fa3db6f97975c96e3afe76c18104535b06f13b89f3cd107220e eap7-jackson-jaxrs-json-provider-2.12.7-1.redhat_00003.1.el9eap.noarch.rpm SHA-256: 4c675980d430470f6adf0db9fd66a0b89674df6cd99d4f8ecbd250f80e34889c eap7-jackson-module-jaxb-annotations-2.12.7-1.redhat_00003.1.el9eap.noarch.rpm SHA-256: 5dfccec451e6e4df0692df5e723a76a508a7586d82f63188593ed51007d9ca0b eap7-jackson-modules-base-2.12.7-1.redhat_00003.1.el9eap.noarch.rpm SHA-256: 49558f7e6f08b439e41bd63d7b3a6918fb0072531dfe8efeb3739e6e50201f0a eap7-jackson-modules-java8-2.12.7-1.redhat_00003.1.el9eap.noarch.rpm SHA-256: 070a2f74848cdab121a34e79d9c1dc7306d8db3203ee410a7fea7067fe057a55 eap7-javaee-security-soteria-1.0.1-3.redhat_00003.1.el9eap.noarch.rpm SHA-256: 932d5c7ea6c14beaed4e4e9b1a1ebc3fd13f7d93b192c19a1e50abcb45dadd13 eap7-javaee-security-soteria-enterprise-1.0.1-3.redhat_00003.1.el9eap.noarch.rpm SHA-256: b2732d0f330581876bde57283774c8b712ba4d89fc474095567e5a936e9d0ec7 eap7-jboss-ejb-client-4.0.49-1.Final_redhat_00001.1.el9eap.noarch.rpm SHA-256: cc593bfd0a194a3b7ca64742ca530b9be835e26a877e8c0ac4616ea2c76f8f43 eap7-jboss-jsf-api_2.3_spec-3.0.0-6.SP07_redhat_00001.1.el9eap.noarch.rpm SHA-256: 9283a24a8302c543b74da150052c2e26866b2644f0de90553ad11b329c3babd9 eap7-jboss-jsp-api_2.3_spec-2.0.0-3.Final_redhat_00001.1.el9eap.noarch.rpm SHA-256: 7d0ae5729aee83146ba9317fd84071d8751a9873e8d2cc1f1b3dd6a9f4beda66 eap7-jboss-remoting-5.0.27-1.Final_redhat_00001.1.el9eap.noarch.rpm SHA-256: b0b0e1fd2db3b75b2d2de28d472d23738faa46b1918ac0b12ef6e771f8fb7b08 eap7-jboss-server-migration-1.10.0-24.Final_redhat_00023.1.el9eap.noarch.rpm SHA-256: 3a31d15b0bed341980d37735c1c9e8c6e6d3cb43bda2dcd48f6f3129cf9c8df6 eap7-jboss-server-migration-cli-1.10.0-24.Final_redhat_00023.1.el9eap.noarch.rpm SHA-256: 0b26200db900c80dd72b0b861c61076843105237900978f355a55bbf99395c0f eap7-jboss-server-migration-core-1.10.0-24.Final_redhat_00023.1.el9eap.noarch.rpm SHA-256: 0eba94abdfaa38084abfeaba5db1a5344c0796f983c44ab77f5b807476bfd40c eap7-jettison-1.5.2-1.redhat_00002.1.el9eap.noarch.rpm SHA-256: 886cf20323008e3b17c119479fb2f2f8ba5ca2373af8e363c735ad6761bbfd07 eap7-undertow-2.2.22-1.SP3_redhat_00001.1.el9eap.noarch.rpm SHA-256: 441c75f03fadf405a1032d55dbe9abd299f3938b1fe5d8aa70971e4d1a606f55 eap7-undertow-server-1.9.3-1.Final_redhat_00001.1.el9eap.noarch.rpm SHA-256: faa366159f9224bd73f11875bef786a8c1af3dffcb0447ddabcc32ec6b0ad910 eap7-wildfly-7.4.9-4.GA_redhat_00003.1.el9eap.noarch.rpm SHA-256: 2c549fdc4114c19c7fefaaac0c36b908ba618daabfe908a501079327114efce2 eap7-wildfly-elytron-1.15.16-1.Final_redhat_00001.1.el9eap.noarch.rpm SHA-256: c28938bb16fe0637c0a2b36165c0a639a3fceb9b43db3335e95dacab05ac707d eap7-wildfly-elytron-tool-1.15.16-1.Final_redhat_00001.1.el9eap.noarch.rpm SHA-256: 8ec9f108c2692b3570591b197b14e881bf2ae43268070d6597a1bc6b1d264e9e eap7-wildfly-javadocs-7.4.9-4.GA_redhat_00003.1.el9eap.noarch.rpm SHA-256: 52fe330c956502a63ada897e3ed63d033bb52a54c6d0552d079eb1b495ed1406 eap7-wildfly-modules-7.4.9-4.GA_redhat_00003.1.el9eap.noarch.rpm SHA-256: 36d2132865da0c8d59f5aebe01e958b865a0af83bea98da0334cac2257be80a5 eap7-woodstox-core-6.4.0-1.redhat_00001.1.el9eap.noarch.rpm SHA-256: 85c2e31d21a688317a3683ea6a73818b755311b83524fbfb58022c4783641bd9