logo
DATABASE RESOURCES PRICING ABOUT US

RHEL 6 : JBoss EAP (RHSA-2018:1607)

Description

An update is now available for Red Hat JBoss Enterprise Application Platform 5 for Red Hat Enterprise Linux 5 and Red Hat JBoss Enterprise Application Platform 5 for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This asynchronous patch is a security update for JBoss invoker in Red Hat JBoss Enterprise Application Platform 5.2.0. Security Fix(es) : * jbossas: Arbitrary code execution via unrestricted deserialization in ReadOnlyAccessFilter of HTTP Invoker. (CVE-2017-12149) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Red Hat would like to thank Joao F M Figueiredo for reporting this issue.


Related