RHSA-2025:3465HighCVSS 8.8
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.21 security update
🔗 CVE IDs covered (7)
📋 Description
CVE-2024-47535 — netty: Denial of Service attack on windows app using Netty CVE-2024-51127 — hornetq-core-client: Arbitrarily overwrite files or access sensitive information CVE-2025-23367 — org.wildfly.core:wildfly-server: Wildfly improper RBAC permission CVE-2025-24970 — io.netty:netty-handler: SslHandler doesn't correctly validate packets which can lead to native crash when using native SSLEngine CVE-2025-25193 — netty: Denial of Service attack on windows app using Netty CVE-2025-48734 — commons-beanutils: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum's declaredClass property by default CVE-2025-52999 — com.fasterxml.jackson.core/jackson-core: jackson-core Potential StackoverflowError
🔗 References (5)
- selfhttps://access.redhat.com/errata/RHSA-2025:3465
- externalhttps://access.redhat.com/security/updates/classification/#important
- externalhttps://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.4
- externalhttps://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/index
- selfhttps://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_3465.json