What is RHSA-2025:10924?

RHSA-2025:10924 is a security advisory published by Red Hat Product Security with High severity. Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.23 Security update

What is the CVSS v3 score of RHSA-2025:10924?

RHSA-2025:10924 has a CVSS v3 base score of 8.8, published by Red Hat Product Security.

RHSA-2025:10924HighCVSS 8.8

Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.23 Security update

Vendor

Red Hat Product Security

Published

July 14, 2025

Last Modified

June 23, 2026

🔗 CVE IDs covered (7)

CVE-2025-2251 →CVE-2025-2901 · pendingCVE-2025-23184 →CVE-2025-23366 →CVE-2025-35036 →CVE-2025-48734 →CVE-2024-10234 →

📋 Description

CVE-2024-10234 — wildfly: Wildfly vulnerable to Cross-Site Scripting (XSS) CVE-2025-2251 — org.jboss.eap:wildfly-ejb3: Improper Deserialization in JBoss Marshalling Allows Remote Code Execution CVE-2025-2901 — org.jboss.hal-hal-parent: Stored Cross-Site Scripting (XSS) in JBoss EAP Management Console CVE-2025-23184 — org.apache.cxf: Apache CXF: Denial of Service vulnerability with temporary files CVE-2025-23366 — org.jboss.hal:hal-console: Wildfly HAL Console Cross-Site Scripting CVE-2025-35036 — hibernate-validator: Hibernate Validator Expression Language Injection CVE-2025-48734 — commons-beanutils: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum's declaredClass property by default

🔗 CVE IDs covered (7)

📋 Description

🔗 References (24)