RHSA-2023:4910MediumCVSS 9.8

Red Hat Security Advisory: Red Hat JBoss Web Server 5.7.4 release and security update

Published
September 4, 2023
Last Modified
June 26, 2026

🔗 CVE IDs covered (5)

📋 Description

CVE-2022-24963 — apr: integer overflow/wraparound in apr_encode CVE-2022-28331 — apr: Windows out-of-bounds write in apr_socket_sendv function CVE-2023-24998 — FileUpload: FileUpload DoS with excessive parts CVE-2023-28708 — tomcat: not including the secure attribute causes information disclosure CVE-2023-28709 — tomcat: Fix for CVE-2023-24998 was incomplete

🔗 References (9)