RHSA-2025:16668HighCVSS 8.8

Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.1.12 on RHEL 7 security update

Published
September 25, 2025
Last Modified
June 25, 2026

🔗 CVE IDs covered (6)

📋 Description

CVE-2020-10705 — undertow: Memory exhaustion issue in HttpReadListener via "Expect: 100-continue" header CVE-2023-44487 — HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) CVE-2024-4109 — undertow: information leakage via HTTP/2 request header reuse CVE-2024-27316 — httpd: CONTINUATION frames DoS CVE-2024-51127 — hornetq-core-client: Arbitrarily overwrite files or access sensitive information CVE-2025-48734 — commons-beanutils: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum's declaredClass property by default

🔗 References (15)