RHSA-2023:1512HighCVSS 9.8

Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.10 on RHEL 7 security update

Published
March 29, 2023
Last Modified
June 6, 2026

🔗 CVE IDs covered (9)

📋 Description

CVE-2022-1471 — SnakeYaml: Constructor Deserialization Remote Code Execution CVE-2022-4492 — undertow: Server identity in https connection is not checked by the undertow client CVE-2022-38752 — snakeyaml: Uncaught exception in java.base/java.util.ArrayList.hashCode CVE-2022-41853 — hsqldb: Untrusted input may lead to RCE attack CVE-2022-41854 — dev-java/snakeyaml: DoS via stack overflow CVE-2022-41881 — codec-haproxy: HAProxyMessageDecoder Stack Exhaustion DoS CVE-2022-45787 — apache-james-mime4j: Temporary File Information Disclosure in MIME4J TempFileStorageProvider CVE-2023-0482 — RESTEasy: creation of insecure temp files CVE-2023-1108 — Undertow: Infinite loop in SslConduit during close

🔗 References (35)