(RHSA-2018:2663) Critical: Red Hat JBoss Enterprise Application Platform 5.2 security update

2018-09-10T18:42:21
ID RHSA-2018:2663
Type redhat
Reporter RedHat
Modified 2018-09-10T18:42:41

Description

Red Hat JBoss Enterprise Application Platform 5.2 is a platform for Java applications based on jbossas.

This asynchronous patch is a security update for RichFaces and Apache CXF packages in Red Hat JBoss Enterprise Application Platform 5.2.

Security Fix(es):

  • Injection of arbitrary EL expressions allows remote code execution via org.richfaces.renderkit.html.Paint2DResource. (CVE-2018-12533)

For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.