Important: Red Hat Security Advisory: Red Hat support for Spring Boot 2.7.17 security update

🗓️ 25 Oct 2023 14:53:30Reported by RedHatType

redhat

redhat🔗 access.redhat.com👁 64 Views

Red Hat support for Spring Boot 2.7.17 security update with undertow and apache-johnzon fixe

Reporter	Title	Published	Views	Family All 2505
IBM Security Bulletins	Security Bulletin: There is a vulnerability in HTTP/2 protocol used by Netty on IBM Maximo Manage application in IBM Maximo Application Suite (CVE-2023-44487)	5 Apr 202415:08	–	ibm
IBM Security Bulletins	Security Bulletin: IBM MQ is vulnerable to issues in Eclipse (CVE-2023-4218, CVE-2023-44487)	29 Feb 202421:58	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Operational Decision Manager November 2023 - Multiple CVEs addressed	15 Nov 202313:37	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM WebSphere Application Server Liberty affect IBM Storage Scale System	16 Sep 202418:20	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Cognos Analytics is affected by multiple vulnerabilities	15 Apr 202503:05	–	ibm
IBM Security Bulletins	Security Bulletin: An Eclipse Jetty vulnerability affects IBM Rational Functional Tester	21 Dec 202317:17	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Storage Protect is vulnerable to multiple attacks due to http2-server and http2-common (CVE-2023-44487)	15 Dec 202316:25	–	ibm
IBM Security Bulletins	Security Bulletin: IBM WebSphere Application Server Liberty, which is bundled with IBM Cloud Pak for Applications, is vulnerable to denial of service due to HTTP/2 Rapid Reset vulnerability (CVE-2023-44487)	15 Nov 202320:45	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Planning Analytics Workspace is affected by vulnerabilities in multiple Open Source Software (OSS) components	28 Mar 202415:34	–	ibm
IBM Security Bulletins	Security Bulletin: Denial of service vulnerability in Johnzon affects IBM Business Automation Workflow - CVE-2023-33008	4 Apr 202413:25	–	ibm

Source	Link
access	www.access.redhat.com/jbossnetwork/restricted/listSoftware.html
access	www.access.redhat.com/security/updates/classification/
access	www.access.redhat.com/security/vulnerabilities/RHSB-2023-003
bugzilla	www.bugzilla.redhat.com/show_bug.cgi
bugzilla	www.bugzilla.redhat.com/show_bug.cgi

02 Jun 2026 15:03Current

7High risk

Vulners AI Score7

CVSS 3.17.5

EPSS0.94395

SSVC

red hat support spring boot 2.7.17 openshift containerized platform undertow http/2 ddos attack rapid reset attack cve-2023-44487 apache-johnzon bigdecimal cve-2023-33008 cvss score security bulletin