RHSA-2024:5144HighCVSS 7.5

Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.18 Security update

Published
August 8, 2024
Last Modified
July 8, 2026

🔗 CVE IDs covered (7)

📋 Description

CVE-2024-3653 — undertow: LearningPushHandler can lead to remote memory DoS attacks CVE-2024-5971 — undertow: response write hangs in case of Java 17 TLSv1.3 NewSessionTicket CVE-2024-27316 — httpd: CONTINUATION frames DoS CVE-2024-29025 — netty-codec-http: Allocation of Resources Without Limits or Throttling CVE-2024-29857 — org.bouncycastle: Importing an EC certificate with crafted F2m parameters may lead to Denial of Service CVE-2024-30171 — bc-java: BouncyCastle vulnerable to a timing variant of Bleichenbacher (Marvin Attack) CVE-2024-30172 — org.bouncycastle:bcprov-jdk18on: Infinite loop in ED25519 verification in the ScalarUtil class

🔗 References (24)