RHSA-2024:10208 | High | CVSS 9.8

Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.1.8 on RHEL 7 security update

Published: November 25, 2024
Last Modified: May 27, 2026

🔗 CVE IDs covered (12)

📋 Description

CVE-2020-7238 — netty: HTTP Request Smuggling due to Transfer-Encoding whitespace mishandling
CVE-2020-28052 — bouncycastle: password bypass in OpenBSDBCrypt.checkPassword utility possible
CVE-2022-23221 — h2: Loading of custom classes from remote servers through JNDI
CVE-2022-34169 — OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)
CVE-2022-41853 — hsqldb: Untrusted input may lead to RCE attack
CVE-2022-46364 — CXF: SSRF Vulnerability
CVE-2023-3171 — eap-7: heap exhaustion via deserialization
CVE-2023-5685 — xnio: StackOverflowException when the chain of notifier states becomes problematically big
CVE-2023-26464 — log4j1-socketappender: DoS via hashmap logging
CVE-2023-39410 — apache-avro: Apache Avro Java SDK: Memory when deserializing untrusted data in Avro Java SDK
CVE-2024-28752 — cxf-core: Apache CXF SSRF Vulnerability using the Aegis databinding
CVE-2024-47561 — apache-avro: Schema parsing may trigger Remote Code Execution (RCE)
