RHSA-2023:7641HighCVSS 7.5

Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.14 security update

Published
December 4, 2023
Last Modified
July 10, 2026

🔗 CVE IDs covered (6)

📋 Description

CVE-2023-2976 — guava: insecure temporary directory creation CVE-2023-4503 — eap-galleon: custom provisioning creates unsecured http-invoker CVE-2023-5685 — xnio: StackOverflowException when the chain of notifier states becomes problematically big CVE-2023-35887 — apache-mina-sshd: information exposure in SFTP server implementations CVE-2023-39410 — apache-avro: Apache Avro Java SDK: Memory when deserializing untrusted data in Avro Java SDK CVE-2023-44487 — HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)

🔗 References (35)