RHSA-2025:1747 | Critical | CVSS 9.8

Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.3.12 security update

Published: February 24, 2025
Last Modified: June 6, 2026

🔗 CVE IDs covered (13)

📋 Description

CVE-2020-13936 — velocity: arbitrary code execution when attacker is able to modify templates
CVE-2021-42392 — h2: Remote Code Execution in Console
CVE-2021-44228 — log4j-core: Remote code execution in Log4j 2.x when logs contain an attacker-controlled string value
CVE-2021-44906 — minimist: prototype pollution
CVE-2021-45046 — log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228)
CVE-2022-1471 — SnakeYaml: Constructor Deserialization Remote Code Execution
CVE-2022-41881 — codec-haproxy: HAProxyMessageDecoder Stack Exhaustion DoS
CVE-2022-42003 — jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS
CVE-2022-42004 — jackson-databind: use of deeply nested arrays
CVE-2022-42889 — apache-commons-text: variable interpolation RCE
CVE-2022-45047 — mina-sshd: Java unsafe deserialization vulnerability
CVE-2022-45693 — jettison: If the value in map is the map's self, the new JSONObject(map) causes StackOverflowError which may lead to DoS
CVE-2022-46363 — CXF: directory listing / code exfiltration

🔗 References (20)