(RHSA-2020:2333) Important: EAP Continuous Delivery Technical Preview Release 19 security update

2020-05-28T19:47:01
ID RHSA-2020:2333
Type redhat
Reporter RedHat
Modified 2020-05-28T19:47:33

Description

Red Hat JBoss Enterprise Application Platform CD19 is a platform for Java applications based on the WildFly application runtime.

This release of Red Hat JBoss Enterprise Application Platform CD19 includes bug fixes and enhancements.

Security Fix(es):

  • apache-commons-beanutils: does not suppress the class property in PropertyUtilsBean by default (CVE-2019-10086)

  • infinispan: invokeAccessibly method from ReflectionUtil class allows to invoke private methods (CVE-2019-10174)

  • undertow: possible Denial of Service (DoS) in Undertow HTTP server listening on HTTPS (CVE-2019-14888)

  • netty: HTTP request smuggling by mishandled whitespace before the colon in HTTP headers (CVE-2019-16869)

  • netty: HTTP request smuggling via a header line that lacks a colon (CVE-2019-20444)

  • netty: HttpObjectDecoder.java allows a Content-Length header to be accompanied by a second Content-Length header (CVE-2019-20445)

  • undertow: AJP File Read/Inclusion Vulnerability (CVE-2020-1745)

  • netty: HTTP Request Smuggling due to Transfer-Encoding whitespace mishandling (CVE-2020-7238)

  • jackson-databind: Serialization gadgets in org.aoju.bus.proxy.provider.*.RmiProvider (CVE-2020-10968)

  • jackson-databind: Serialization gadgets in javax.swing.JEditorPane (CVE-2020-10969)

  • jackson-databind: Serialization gadgets in org.apache.activemq.jms.pool.XaPooledConnectionFactory (CVE-2020-11111)

  • jackson-databind: Serialization gadgets in org.apache.commons.proxy.provider.remoting.RmiProvider (CVE-2020-11112)

  • jackson-databind: Serialization gadgets in org.apache.openjpa.ee.WASRegistryManagedRuntime (CVE-2020-11113)

  • thrift: Endless loop when feed with specific input data (CVE-2019-0205)

  • thrift: Out-of-bounds read related to TJSONProtocol or TSimpleJSONProtocol (CVE-2019-0210)

  • cxf: OpenId Connect token service does not properly validate the clientId (CVE-2019-12419)

  • cxf: OpenId Connect JWK Keys service returns private/secret credentials if configured with a jwk keystore (CVE-2019-12423)

  • jackson-databind: Serialization gadgets in com.zaxxer.hikari.HikariConfig (CVE-2019-14540)

  • wildfly: The 'enabled-protocols' value in legacy security is not respected if OpenSSL security provider is in use (CVE-2019-14887)

  • jackson-databind: Serialization gadgets in classes of the commons-configuration package (CVE-2019-14892)

  • jackson-databind: Serialization gadgets in classes of the xalan package (CVE-2019-14893)

  • jackson-databind: Serialization gadgets in com.zaxxer.hikari.HikariDataSource (CVE-2019-16335)

  • jackson-databind: Serialization gadgets in org.apache.commons.dbcp.datasources.* (CVE-2019-16942)

  • jackson-databind: Serialization gadgets in com.p6spy.engine.spy.P6DataSource (CVE-2019-16943)

  • jackson-databind: Serialization gadgets in classes of the ehcache package (CVE-2019-17267)

  • jackson-databind: Serialization gadgets in org.apache.log4j.receivers.db.* (CVE-2019-17531)

  • cxf: reflected XSS in the services listing page (CVE-2019-17573)

  • jackson-databind: lacks certain net.sf.ehcache blocking (CVE-2019-20330)

  • resteasy: Improper validation of response header in MediaTypeHeaderDelegate.java class (CVE-2020-1695)

  • jackson-databind: Serialization gadgets in ibatis-sqlmap (CVE-2020-9547)

  • jackson-databind: mishandles the interaction between serialization gadgets and typing, which could result in remote command execution (CVE-2020-10672)

  • RESTEasy: RESTEASY003870 exception in RESTEasy can lead to a reflected XSS attack (CVE-2020-10688)

  • Soteria: security identity corruption across concurrent threads (CVE-2020-1732)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.