What is RHSA-2024:1325?

RHSA-2024:1325 is a security advisory published by Red Hat Product Security with High severity. Red Hat Security Advisory: Red Hat JBoss Web Server 6.0.1 release and security update

Which CVE IDs does RHSA-2024:1325 cover?

RHSA-2024:1325 covers the following CVE IDs: CVE-2023-5678, CVE-2023-41080, CVE-2023-46589, CVE-2024-24549. Each CVE has its own detail page on EchelonGraph Pulse with the synthesized EG score.

What is the CVSS v3 score of RHSA-2024:1325?

RHSA-2024:1325 has a CVSS v3 base score of 7.5, published by Red Hat Product Security.

RHSA-2024:1325HighCVSS 7.5

Red Hat Security Advisory: Red Hat JBoss Web Server 6.0.1 release and security update

Vendor

Red Hat Product Security

Published

March 18, 2024

Last Modified

May 29, 2026

🔗 CVE IDs covered (4)

CVE-2023-5678 →CVE-2023-41080 →CVE-2023-46589 →CVE-2024-24549 →

📋 Description

CVE-2023-5678 — openssl: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow CVE-2023-41080 — tomcat: Open Redirect vulnerability in FORM authentication CVE-2023-46589 — tomcat: HTTP request smuggling via malformed trailer headers CVE-2024-24549 — Tomcat: HTTP/2 header handling DoS

🔗 References (9)

selfhttps://access.redhat.com/errata/RHSA-2024:1325
externalhttps://access.redhat.com/security/updates/classification/#important
externalhttps://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=webserver&downloadType=securityPatches&version=6.0
externalhttps://access.redhat.com/documentation/en-us/red_hat_jboss_web_server/6.0/html/red_hat_jboss_web_server_6.0_service_pack_1_release_notes
externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2235370
externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2248616
externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2252050
externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2269607
selfhttps://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_1325.json