RHSA-2026:25125HighCVSS 8.7

Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.1.6 security update

Published
June 10, 2026
Last Modified
June 29, 2026

🔗 CVE IDs covered (4)

📋 Description

CVE-2026-1605 — org.eclipse.jetty/jetty-server: Eclipse Jetty: Denial of Service due to unreleased JDK Inflater from compressed HTTP requests CVE-2026-28367 — undertow: Undertow: Request smuggling via \r\r\r as a header block terminator CVE-2026-28368 — undertow: Undertow: Request smuggling via inconsistent header parsing CVE-2026-28369 — undertow: Undertow: Request Smuggling via Malformed HTTP Request Headers

🔗 References (10)