Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4 security update

🗓️ 12 Jan 2023 20:54:52Reported by RedHatType

redhat

redhat🔗 access.redhat.com👁 38 Views

Red Hat JBoss EAP 7.4 security patch for Apache CXF SSRF Vulnerabilit

Reporter	Title	Published	Views	Family All 136
IBM Security Bulletins	Security Bulletin: Vulnerability found in cxf-core-3.5.4.jar which is shipped with IBM® Intelligent Operations Center(CVE-2022-46364)	5 Sep 202313:26	–	ibm
IBM Security Bulletins	Security Bulletin: server-side request forgery vulnerability in Apache CXF (CVE-2022-46364) may affect CICS TX Advanced	10 Mar 202316:00	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Data Risk Manager is affected by multiple vulnerabilities	7 Mar 202303:26	–	ibm
IBM Security Bulletins	Security Bulletin: IBM WebSphere Application Server Liberty, which is bundled with IBM Cloud Pak for Applications, is vulnerable to server-side request forgery due to Apache CXF (CVE-2022-46364)	20 Feb 202315:02	–	ibm
IBM Security Bulletins	Security Bulletin: WebSphere Application Server Liberty is vulnerable to server-side request forgery due to Apache CXF	16 Feb 202303:56	–	ibm
IBM Security Bulletins	Security Bulletin: A security vulnerability has been identified in WebSphere Liberty shipped with IBM Security Guardium Key Lifecycle Manager (SKLM/GKLM) (CVE-2022-46364)	25 Oct 202407:07	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple Security Vulnerabilities were identified in IBM Security Verify Access (CVE-2023-46158, CVE-2023-0482, CVE-2022-46364, CVE-2023-28867)	17 Jan 202415:13	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Security Verify Governance has multiple vulnerabilities (CVE-2022-41946, CVE-2022-46364, CVE-2023-24998)	18 Jul 202306:05	–	ibm
IBM Security Bulletins	Security Bulletin: InfoSphere Identity Insight vulnerable to server-side request forgery due to Apache CXF (CVE-2022-46364)	16 Mar 202319:06	–	ibm
IBM Security Bulletins	Security Bulletin: server-side request forgery vulnerability in Apache CXF (CVE-2022-46364) may affect CICS TX Standard	10 Mar 202316:02	–	ibm

Source	Link
access	www.access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/
access	www.access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/
access	www.access.redhat.com/security/updates/classification/
bugzilla	www.bugzilla.redhat.com/show_bug.cgi

27 Mar 2026 02:43Current

6.5Medium risk

Vulners AI Score6.5

CVSS 3.19.8

EPSS0.00103

SSVC

red hat jboss eap 7.4 security update apache cxf ssrf vulnerability