RHSA-2025:16667HighCVSS 8.8
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.3.15 security update
🔗 CVE IDs covered (5)
📋 Description
CVE-2024-4109 — undertow: information leakage via HTTP/2 request header reuse CVE-2024-7885 — undertow: Improper State Management in Proxy Protocol parsing causes information leakage CVE-2024-27316 — httpd: CONTINUATION frames DoS CVE-2024-51127 — hornetq-core-client: Arbitrarily overwrite files or access sensitive information CVE-2025-48734 — commons-beanutils: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum's declaredClass property by default
🔗 References (14)
- selfhttps://access.redhat.com/errata/RHSA-2025:16667
- externalhttps://access.redhat.com/security/updates/classification/#important
- externalhttps://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.3
- externalhttps://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.3/html-single/installation_guide/index
- externalhttps://access.redhat.com/security/vulnerabilities/RHSB-2023-003
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2268277
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2272325
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2305290
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2323697
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2368956
- externalhttps://issues.redhat.com/browse/JBEAP-30314
- externalhttps://issues.redhat.com/browse/JBEAP-30413
- externalhttps://issues.redhat.com/browse/JBEAP-30483
- selfhttps://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_16667.json