RHSA-2018:2740HighCVSS 7.5
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4.21 security update
🔗 CVE IDs covered (4)
📋 Description
CVE-2017-2582 — keycloak: SAML request parser replaces special strings with system properties CVE-2017-7536 — hibernate-validator: Privilege escalation when running under the security manager CVE-2018-1336 — tomcat: A bug in the UTF-8 decoder can lead to DoS CVE-2018-10237 — guava: Unbounded memory allocation in AtomicDoubleArray and CompoundOrdering classes allow remote attackers to cause a denial of service
🔗 References (22)
- selfhttps://access.redhat.com/errata/RHSA-2018:2740
- externalhttps://access.redhat.com/security/updates/classification/#important
- externalhttps://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/6.4/
- externalhttps://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=appplatform&downloadType=securityPatches&version=6.4
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1261190
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1410481
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1465573
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1570200
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1573391
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1578830
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1580440
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1594389
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1602226
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1606334
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1607591
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1610355
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1610742
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1611770
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1614448
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1615347
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1615380
- selfhttps://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_2740.json