RHSA-2026:12195MediumCVSS 7.3

Red Hat Security Advisory: Red Hat JBoss Web Server 6.2.2 release and security update

Published
April 30, 2026
Last Modified
June 2, 2026

🔗 CVE IDs covered (4)

CVE-2025-66614CVE-2026-24733CVE-2026-31790CVE-2026-32990

📋 Description

CVE-2025-66614 — tomcat: Client certificate verification bypass due to virtual host mapping CVE-2026-24733 — tomcat: security constraint bypass with HTTP/0.9 CVE-2026-31790 — openssl: openssl: Information Disclosure from Uninitialized Memory via Invalid RSA Public Key CVE-2026-32990 — Apache Tomcat: Apache Tomcat: Improper Input Validation vulnerability due to incomplete fix

🔗 References (8)