Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
redhatRedHatRHSA-2022:5893
HistoryAug 03, 2022 - 3:36 p.m.

(RHSA-2022:5893) Moderate: Red Hat JBoss Enterprise Application Platform 7.4.6 Security update

2022-08-0315:36:29
access.redhat.com
31

0.012 Low

EPSS

Percentile

85.5%

JSON

Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.6 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.5, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.6 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):

  • com.google.code.gson-gson: Deserialization of Untrusted Data in com.google.code.gson-gson (CVE-2022-25647)

  • org.jboss.hal-hal-parent: minimist: prototype pollution (CVE-2021-44906)

  • netty: world readable temporary file containing sensitive data (CVE-2022-24823)

OSVersionArchitecturePackageVersionFilename
RedHat8noarcheap7-jboss-remoting< 5.0.25-1.SP1_redhat_00001.1.el8eapeap7-jboss-remoting-5.0.25-1.SP1_redhat_00001.1.el8eap.noarch.rpm
RedHat8noarcheap7-ironjacamar-deployers-common< 1.5.3-2.SP1_redhat_00001.1.el8eapeap7-ironjacamar-deployers-common-1.5.3-2.SP1_redhat_00001.1.el8eap.noarch.rpm
RedHat8noarcheap7-netty-transport< 4.1.77-1.Final_redhat_00001.1.el8eapeap7-netty-transport-4.1.77-1.Final_redhat_00001.1.el8eap.noarch.rpm
RedHat8noarcheap7-hibernate-envers< 5.3.27-1.Final_redhat_00001.1.el8eapeap7-hibernate-envers-5.3.27-1.Final_redhat_00001.1.el8eap.noarch.rpm
RedHat8noarcheap7-apache-cxf-rt< 3.3.13-1.redhat_00001.1.el8eapeap7-apache-cxf-rt-3.3.13-1.redhat_00001.1.el8eap.noarch.rpm
RedHat8noarcheap7-netty-buffer< 4.1.77-1.Final_redhat_00001.1.el8eapeap7-netty-buffer-4.1.77-1.Final_redhat_00001.1.el8eap.noarch.rpm
RedHat8noarcheap7-netty-resolver-dns-classes-macos< 4.1.77-1.Final_redhat_00001.1.el8eapeap7-netty-resolver-dns-classes-macos-4.1.77-1.Final_redhat_00001.1.el8eap.noarch.rpm
RedHat8noarcheap7-netty-codec< 4.1.77-1.Final_redhat_00001.1.el8eapeap7-netty-codec-4.1.77-1.Final_redhat_00001.1.el8eap.noarch.rpm
RedHat8noarcheap7-ironjacamar-common-spi< 1.5.3-2.SP1_redhat_00001.1.el8eapeap7-ironjacamar-common-spi-1.5.3-2.SP1_redhat_00001.1.el8eap.noarch.rpm
RedHat8noarcheap7-undertow< 2.2.18-2.SP2_redhat_00001.1.el8eapeap7-undertow-2.2.18-2.SP2_redhat_00001.1.el8eap.noarch.rpm
Rows per page:
1-10 of 871

Related

nessus 44
redhat 24
ibm 48
cgr 2
prion 3
ubuntucve 3
veracode 3
githubexploit 1
debiancve 3
redos 1
cvelist 3
cve 3
osv 13
github 3
mageia 2
openvas 18
f5 1
atlassian 3
debian 1
broadcom 2
wolfi 1
alpinelinux 1
redhatcve 3
thn 2
almalinux 3
oraclelinux 2
rocky 3
hivepro 1
freebsd 1
checkpoint_advisories 1
nessus
nessus
RHEL 8 : Red Hat JBoss Enterprise Application Platform 7.4.6 Security update (Moderate) (RHSA-2022:5893)
2022-08-04 00:00:00
RHEL 7 : Red Hat JBoss Enterprise Application Platform 7.4.6 Security update (Moderate) (RHSA-2022:5892)
2022-08-04 00:00:00
RHEL 9 : Red Hat JBoss Enterprise Application Platform 7.4.6 Security update. (Moderate) (RHSA-2022:5894)
2022-08-08 00:00:00
redhat
redhat
(RHSA-2022:5928) Moderate: Red Hat JBoss Enterprise Application Platform 7.4.6 Security update
2022-08-08 19:39:55
(RHSA-2022:5894) Moderate: Red Hat JBoss Enterprise Application Platform 7.4.6 Security update.
2022-08-03 15:37:48
(RHSA-2022:5892) Moderate: Red Hat JBoss Enterprise Application Platform 7.4.6 Security update
2022-08-03 15:36:19
ibm
ibm
Security Bulletin: There is a vulnerability in Netty used by IBM Maximo Asset Management ( CVE-2022-24823)
2023-09-07 17:06:38
Security Bulletin: IBM Watson Assistant for IBM Cloud Pak for Data is vulnerable to Netty information disclosure (CVE-2022-24823)
2022-08-30 18:16:54
Security Bulletin: Potential Vulnerability in Apache Solr and Apache Zookeeper shipped with IBM Operations Analytics - Log Analysis (CVE-2022-24823)
2023-12-01 15:20:31
cgr
cgr
CVE-2022-24823 vulnerabilities
2024-05-19 03:07:16
CVE-2022-25647 vulnerabilities
2024-05-19 03:07:16
prion
prion
Code injection
2022-03-17 16:15:00
Deserialization of untrusted data
2022-05-01 16:15:00
Information disclosure
2022-05-06 12:15:00
ubuntucve
ubuntucve
CVE-2021-44906
2022-03-17 00:00:00
CVE-2022-25647
2022-05-01 00:00:00
CVE-2022-24823
2022-05-06 00:00:00
veracode
veracode
Prototype Pollution
2022-03-18 02:42:04
Denial Of Service (DoS)
2022-05-04 14:43:44
Information Disclosure
2022-05-09 05:01:24
githubexploit
githubexploit
Exploit for Prototype Pollution in Substack Minimist
2023-10-02 15:20:35
debiancve
debiancve
CVE-2021-44906
2022-03-17 16:15:00
CVE-2022-25647
2022-05-01 16:15:00
CVE-2022-24823
2022-05-06 12:15:00
redos
redos
ROS-20240507-05
2024-05-07 00:00:00
cvelist
cvelist
CVE-2021-44906
2022-03-17 13:05:57
CVE-2022-25647 Deserialization of Untrusted Data
2022-05-01 00:00:00
CVE-2022-24823 Local Information Disclosure Vulnerability in io.netty:netty-codec-http
2022-05-06 12:05:11
cve
cve
CVE-2021-44906
2022-03-17 16:15:07
CVE-2022-25647
2022-05-01 16:15:00
CVE-2022-24823
2022-05-06 12:15:00
osv
osv
Prototype Pollution in minimist
2022-03-18 00:01:09
Deserialization of Untrusted Data in Gson
2022-05-03 00:00:44
CVE-2022-25647
2022-05-01 16:15:08
github
github
Prototype Pollution in minimist
2022-03-18 00:01:09
Deserialization of Untrusted Data in Gson
2022-05-03 00:00:44
Local Information Disclosure Vulnerability in io.netty:netty-codec-http
2022-05-10 08:46:50
mageia
mageia
Updated nodejs-minimist packages fix security vulnerability
2023-02-07 03:06:39
Updated google-gson packages fix security vulnerability
2022-09-21 21:15:27
openvas
openvas
Mageia: Security Advisory (MGASA-2023-0035)
2023-03-28 00:00:00
Debian: Security Advisory (DLA-3001-1)
2022-05-14 00:00:00
Debian: Security Advisory (DLA-3100-1)
2022-09-08 00:00:00
f5
f5
K00994461 : GSON vulnerability CVE-2022-25647
2022-08-29 00:00:00
atlassian
atlassian
com.google.code.gson Vulnerability in Bitbucket Data Center and Server
2023-10-04 19:45:55
DoS (Denial of Service) com.google.code.gson:gson in Jira Software Data Center and Server
2023-11-12 13:45:35
Third-Party Dependency Vulnerability in Jira Service Management Data Center and Server
2023-08-17 00:00:56
debian
debian
[SECURITY] [DSA 5227-1] libgoogle-gson-java security update
2022-09-07 10:22:18
broadcom
broadcom
The package com.google.code.gson:gson before 2.8.9 are vulnerable to Deserialization
2023-08-29 00:00:00
Oracle Java SE Multiple Vulnerabilities (July 2022 CPU update) CVE-2022-21540 CVE-2022-21541 CVE-2022-21549 CVE-2022-25647 CVE-2022-34169
2023-08-29 00:00:00
wolfi
wolfi
CVE-2022-25647 vulnerabilities
2024-06-02 22:01:16
alpinelinux
alpinelinux
CVE-2022-25647
2022-05-01 16:15:00
redhatcve
redhatcve
CVE-2022-25647
2022-05-02 07:38:06
CVE-2022-24823
2022-05-17 15:01:10
CVE-2021-44906
2022-03-19 23:40:42
thn
thn
Solving the indirect vulnerability enigma - fixing indirect vulnerabilities without breaking your dependency tree
2022-07-01 09:45:00
High-Severity Flaws Uncovered in Atlassian Products and ISC BIND Server
2023-09-22 08:00:00
almalinux
almalinux
Moderate: nodejs and nodejs-nodemon security, bug fix, and enhancement update
2023-01-23 00:00:00
Moderate: nodejs:14 security, bug fix, and enhancement update
2023-01-09 00:00:00
Moderate: nodejs:16 security, bug fix, and enhancement update
2022-12-15 00:00:00
oraclelinux
oraclelinux
nodejs and nodejs-nodemon security, bug fix, and enhancement update
2023-01-24 00:00:00
nodejs:14 security, bug fix, and enhancement update
2023-01-09 00:00:00
rocky
rocky
nodejs and nodejs-nodemon security, bug fix, and enhancement update
2023-01-23 14:30:11
nodejs:14 security, bug fix, and enhancement update
2023-01-09 14:24:14
nodejs:16 security, bug fix, and enhancement update
2022-12-15 15:42:25
hivepro
hivepro
Critical Security Vulnerabilities Discovered in Atlassian Products
2023-09-27 10:22:43
freebsd
freebsd
cassandra3 -- multiple vulnerabilities
2023-01-11 00:00:00
checkpoint_advisories
checkpoint_advisories
JavaScript Prototype Pollution (CVE-2020-28269; CVE-2020-28272; CVE-2020-28273; CVE-2020-28442; CVE-2020-28458; CVE-2020-28472; CVE-2020-7778; CVE-2020-8158; CVE-2020-8203; CVE-2021-25912; CVE-2021-44906)
2020-06-21 00:00:00

0.012 Low

EPSS

Percentile

85.5%

JSON
Related for RHSA-2022:5893
nessus44redhat24ibm48cgr2prion3ubuntucve3veracode3githubexploit1debiancve3redos1cvelist3cve3osv13github3mageia2openvas18f51atlassian3debian1broadcom2wolfi1alpinelinux1redhatcve3thn2almalinux3oraclelinux2rocky3hivepro1freebsd1checkpoint_advisories1