RHSA-2024:1318HighCVSS 7.5
Red Hat Security Advisory: Red Hat JBoss Web Server 5.7.8 release and security update
🔗 CVE IDs covered (3)
📋 Description
CVE-2023-5678 — openssl: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow CVE-2023-46589 — tomcat: HTTP request smuggling via malformed trailer headers CVE-2024-24549 — Tomcat: HTTP/2 header handling DoS
🔗 References (7)
- selfhttps://access.redhat.com/errata/RHSA-2024:1318
- externalhttps://access.redhat.com/security/updates/classification/#important
- externalhttps://access.redhat.com/documentation/en-us/red_hat_jboss_web_server/5.7/html/red_hat_jboss_web_server_5.7_service_pack_8_release_notes
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2248616
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2252050
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2269607
- selfhttps://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_1318.json