
Security: Multiple issues in Red Hat JBoss Enterprise Application Platform
Name: Multiple issues in Red Hat JBoss Enterprise Application Platform
ID: RHSA-2025:4226
Distribution: Red Hat
Platforms: Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 Server
Date: Mon, 28 April 2025, 06:40
References: https://access.redhat.com/security/cve/CVE-2024-1635
https://bugzilla.redhat.com/show_bug.cgi?id=2064226
https://bugzilla.redhat.com/show_bug.cgi?id=2126789
https://bugzilla.redhat.com/show_bug.cgi?id=2134291
https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.1
https://access.redhat.com/security/cve/CVE-2022-1319
https://bugzilla.redhat.com/show_bug.cgi?id=2209689
https://bugzilla.redhat.com/show_bug.cgi?id=2264928
https://bugzilla.redhat.com/show_bug.cgi?id=1995259
https://access.redhat.com/security/cve/CVE-2023-1108
https://bugzilla.redhat.com/show_bug.cgi?id=2072009
https://access.redhat.com/security/cve/CVE-2022-25647
https://access.redhat.com/security/cve/CVE-2022-40152
https://bugzilla.redhat.com/show_bug.cgi?id=2073890
https://access.redhat.com/security/cve/CVE-2022-24785
https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.1/html-single/installation_guide/index
https://access.redhat.com/security/cve/CVE-2022-0084
https://access.redhat.com/security/cve/CVE-2022-40149
https://access.redhat.com/security/cve/CVE-2021-3690
https://access.redhat.com/security/cve/CVE-2021-40690
https://bugzilla.redhat.com/show_bug.cgi?id=2185662
https://access.redhat.com/security/cve/CVE-2021-3859
https://bugzilla.redhat.com/show_bug.cgi?id=2010378
https://bugzilla.redhat.com/show_bug.cgi?id=2011190
https://access.redhat.com/security/cve/CVE-2023-1973
https://bugzilla.redhat.com/show_bug.cgi?id=2063601
https://access.redhat.com/security/cve/CVE-2021-37714
https://access.redhat.com/security/cve/CVE-2022-25857
https://access.redhat.com/security/cve/CVE-2022-23913
https://bugzilla.redhat.com/show_bug.cgi?id=1991299
https://issues.redhat.com/browse/JBEAP-29286
https://access.redhat.com/errata/RHSA-2025:4226
https://access.redhat.com/security/cve/CVE-2022-2053
https://access.redhat.com/security/cve/CVE-2023-3223
https://bugzilla.redhat.com/show_bug.cgi?id=2080850
https://bugzilla.redhat.com/show_bug.cgi?id=2095862
https://bugzilla.redhat.com/show_bug.cgi?id=2135771
https://bugzilla.redhat.com/show_bug.cgi?id=2174246
Applications: Red Hat JBoss Enterprise Application Platform

Original message

A security update is now available for Red Hat JBoss Enterprise Application Platform 7.1 for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.1.10 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.1.9, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.1.9 Release Notes for information about the most significant bug fixes and enhancements included in this release.

This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

CVE-2021-3690: Missing Release of Memory after Effective Lifetime (CWE-401)
CVE-2021-3859: Invocation of Process Using Visible Sensitive Information (CWE-214)
CVE-2021-37714: Uncontrolled Resource Consumption (CWE-400)
CVE-2021-40690: Exposure of Sensitive Information to an Unauthorized Actor (CWE-200)
CVE-2022-0084: Allocation of Resources Without Limits or Throttling (CWE-770)
CVE-2022-1319: Unchecked Return Value (CWE-252)
CVE-2022-2053: Allocation of Resources Without Limits or Throttling (CWE-770)
CVE-2022-23913: Allocation of Resources Without Limits or Throttling (CWE-770)
CVE-2022-24785: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (CWE-22)
CVE-2022-25647: Deserialization of Untrusted Data (CWE-502)
CVE-2022-25857: Uncontrolled Resource Consumption (CWE-400)
CVE-2022-40149: Out-of-bounds Write (CWE-787)
CVE-2022-40152: Out-of-bounds Write (CWE-787)
CVE-2023-1108: Loop with Unreachable Exit Condition ('Infinite Loop') (CWE-835)
CVE-2023-1973: Improper Input Validation (CWE-20)
CVE-2023-3223: Memory Allocation with Excessive Size Value (CWE-789)
CVE-2024-1635: Uncontrolled Resource Consumption (CWE-400)