What is RHSA-2025:10931?

RHSA-2025:10931 is a security advisory published by Red Hat Product Security with High severity. Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.23 Security update

Which CVE IDs does RHSA-2025:10931 cover?

RHSA-2025:10931 covers the following CVE IDs: CVE-2025-35036, CVE-2025-48734, CVE-2024-10234, CVE-2025-2251, CVE-2025-2901, CVE-2025-23184. Each CVE has its own detail page on EchelonGraph Pulse with the synthesized EG score.

What is the CVSS v3 score of RHSA-2025:10931?

RHSA-2025:10931 has a CVSS v3 base score of 8.8, published by Red Hat Product Security.

RHSA-2025:10931HighCVSS 8.8

Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.23 Security update

Vendor

Red Hat Product Security

Published

July 14, 2025

Last Modified

June 23, 2026

🔗 CVE IDs covered (6)

CVE-2025-35036 →CVE-2025-48734 →CVE-2024-10234 →CVE-2025-2251 →CVE-2025-2901 · pendingCVE-2025-23184 →

📋 Description

CVE-2024-10234 — wildfly: Wildfly vulnerable to Cross-Site Scripting (XSS) CVE-2025-2251 — org.jboss.eap:wildfly-ejb3: Improper Deserialization in JBoss Marshalling Allows Remote Code Execution CVE-2025-2901 — org.jboss.hal-hal-parent: Stored Cross-Site Scripting (XSS) in JBoss EAP Management Console CVE-2025-23184 — org.apache.cxf: Apache CXF: Denial of Service vulnerability with temporary files CVE-2025-35036 — hibernate-validator: Hibernate Validator Expression Language Injection CVE-2025-48734 — commons-beanutils: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum's declaredClass property by default

🔗 CVE IDs covered (6)

📋 Description

🔗 References (23)