RHSA-2015:0215Medium
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.3.3 update
🔗 CVE IDs covered (5)
📋 Description
CVE-2014-7827 — Security: Wrong security context loaded when using SAML2 STS Login Module CVE-2014-7839 — RESTeasy: External entities expanded by DocumentProvider CVE-2014-7849 — Management: Limited RBAC authorization bypass CVE-2014-7853 — Subsystem: Information disclosure via incorrect sensitivity classification of attribute CVE-2014-8122 — Weld: Limited information disclosure via stale thread state
🔗 References (9)
- selfhttps://access.redhat.com/errata/RHSA-2015:0215
- externalhttps://access.redhat.com/security/updates/classification/#moderate
- externalhttps://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=appplatform&downloadType=securityPatches&version=6.3.0
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1160574
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1165170
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1165328
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1165522
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1169237
- selfhttps://security.access.redhat.com/data/csaf/v2/advisories/2015/rhsa-2015_0215.json