RHSA-2024:1677HighCVSS 7.5
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.16 Security update
🔗 CVE IDs covered (5)
📋 Description
CVE-2023-1973 — undertow: unrestricted request storage leads to memory exhaustion CVE-2023-4639 — undertow: Cookie Smuggling/Spoofing CVE-2023-48795 — ssh: Prefix truncation attack on Binary Packet Protocol (BPP) CVE-2024-1102 — jberet: jberet-core logging database credentials CVE-2024-1635 — undertow: Out-of-memory Error after several closed connections with wildfly-http-client protocol
🔗 References (27)
- selfhttps://access.redhat.com/errata/RHSA-2024:1677
- externalhttps://access.redhat.com/security/updates/classification/#important
- externalhttps://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=appplatform&downloadType=securityPatches&version=7.4
- externalhttps://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.4
- externalhttps://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/index
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2166022
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2185662
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2254210
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2262060
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2264928
- externalhttps://issues.redhat.com/browse/JBEAP-19969
- externalhttps://issues.redhat.com/browse/JBEAP-26168
- externalhttps://issues.redhat.com/browse/JBEAP-26280
- externalhttps://issues.redhat.com/browse/JBEAP-26291
- externalhttps://issues.redhat.com/browse/JBEAP-26318
- externalhttps://issues.redhat.com/browse/JBEAP-26343
- externalhttps://issues.redhat.com/browse/JBEAP-26355
- externalhttps://issues.redhat.com/browse/JBEAP-26414
- externalhttps://issues.redhat.com/browse/JBEAP-26467
- externalhttps://issues.redhat.com/browse/JBEAP-26533
- externalhttps://issues.redhat.com/browse/JBEAP-26552
- externalhttps://issues.redhat.com/browse/JBEAP-26587
- externalhttps://issues.redhat.com/browse/JBEAP-26616
- externalhttps://issues.redhat.com/browse/JBEAP-26617
- externalhttps://issues.redhat.com/browse/JBEAP-26636
- externalhttps://issues.redhat.com/browse/JBEAP-26660
- selfhttps://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_1677.json