RHSA-2017:2808HighCVSS 8.1

Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform security update

Published
September 26, 2017
Last Modified
June 30, 2026

🔗 CVE IDs covered (5)

📋 Description

CVE-2014-9970 — jasypt: Vulnerable to timing attack against the password hash comparison CVE-2015-6644 — bouncycastle: Information disclosure in GCMBlockCipher CVE-2017-2582 — keycloak: SAML request parser replaces special strings with system properties CVE-2017-5645 — log4j: Socket receiver deserialization vulnerability CVE-2017-7536 — hibernate-validator: Privilege escalation when running under the security manager

🔗 References (11)