Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
redhatRedHatRHSA-2024:1194
HistoryMar 06, 2024 - 3:35 p.m.

(RHSA-2024:1194) Moderate: Red Hat JBoss Enterprise Application Platform 8.0.1 security update

2024-03-0615:35:48
access.redhat.com
14
red hat jboss
java applications
wildfly application runtime
security update
arbitrary file overwrite
information exposure
denial of service
prefix truncation attack
cve-2023-4759
cve-2023-35887
cve-2023-4043
cve-2023-48795
cvss score
references section
unix

7.2 High

AI Score

Confidence

High

0.963 High

EPSS

Percentile

99.5%

JSON

Red Hat JBoss Enterprise Application Platform 8 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 8.0.1 serves as a replacement for Red Hat JBoss Enterprise Application Platform 8.0.0, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 8.0.0 Release Notes for information about the most significant bug fixes and enhancements included in this release.

Security Fix(es):

  • jgit: arbitrary file overwrite (CVE-2023-4759)

  • sshd-common: apache-mina-sshd: information exposure in SFTP server implementations (CVE-2023-35887)

  • parsson: Denial of Service due to large number parsing (CVE-2023-4043)

  • apache-sshd: ssh: Prefix truncation attack on Binary Packet Protocol (CVE-2023-48795)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Related

redhat 6
nessus 58
osv 15
ibm 15
redhatcve 3
nvd 3
cvelist 4
prion 4
github 4
veracode 5
cve 3
atlassian 1
cnvd 1
openvas 39
debiancve 1
ubuntucve 2
fedora 10
amazon 1
mageia 5
cbl_mariner 7
ubuntu 1
almalinux 1
debian 3
oraclelinux 2
freebsd 1
paloalto 1
rosalinux 1
redos 1
freebsd_advisory 1
redhat
redhat
(RHSA-2024:1192) Moderate: Red Hat JBoss Enterprise Application Platform 8.0.1 security update
2024-03-06 15:25:45
(RHSA-2024:1193) Moderate: Red Hat JBoss Enterprise Application Platform 8.0.1 security update
2024-03-06 15:25:47
(RHSA-2024:0722) Important: Red Hat build of Quarkus 3.2.10 release and security update
2024-02-12 15:22:24
nessus
nessus
RHEL 9 : Red Hat JBoss Enterprise Application Platform 8.0.1 (RHSA-2024:1193)
2024-03-06 00:00:00
RHEL 8 : Red Hat JBoss Enterprise Application Platform 8.0.1 (RHSA-2024:1192)
2024-03-06 00:00:00
RHEL 8 : apache-mina-sshd (Unpatched Vulnerability)
2024-05-11 00:00:00
osv
osv
Apache MINA SSHD information disclosure vulnerability
2023-07-10 18:30:49
CVE-2023-35887
2023-07-10 16:15:53
Eclipse Parsson Denial of Service vulnerability
2023-11-03 09:32:49
ibm
ibm
Security Bulletin: IBM Tivoli Netcool Impact is vulnerable to information disclosure due to Apache MINA SSHD (CVE-2023-35887)
2023-09-30 04:29:27
Security Bulletin: IBM Event Processing is vulnerable to a denial of service (CVE-2023-4043).
2024-02-16 08:30:03
Security Bulletin: Vulnerability in jgit affect Cloud Pak System [CVE-2023-4759]
2024-01-03 18:17:39
redhatcve
redhatcve
CVE-2023-35887
2023-09-21 13:24:39
CVE-2023-4043
2023-12-14 18:33:38
CVE-2023-4759
2023-09-12 19:54:09
nvd
nvd
CVE-2023-35887
2023-07-10 16:15:53
CVE-2023-4759
2023-09-12 10:15:29
CVE-2023-4043
2023-11-03 09:15:13
cvelist
cvelist
CVE-2023-35887 Apache MINA SSHD: Information disclosure bugs with RootedFilesystem
2023-07-10 09:28:54
CVE-2023-4043 Parsson DoS when parsing numbers from untrusted sources
2023-11-03 08:11:39
CVE-2023-4759 Improper handling of case insensitive filesystems in Eclipse JGit allows arbitrary file write
2023-09-12 09:12:10
prion
prion
Design/Logic Flaw
2023-07-10 16:15:00
Input validation
2023-11-03 09:15:00
Design/Logic Flaw
2023-09-12 10:15:00
github
github
Apache MINA SSHD information disclosure vulnerability
2023-07-10 18:30:49
Eclipse Parsson Denial of Service vulnerability
2023-11-03 09:32:49
Arbitrary File Overwrite in Eclipse JGit
2023-09-18 15:30:18
veracode
veracode
Arbitrary File Overwrite
2023-09-21 11:12:57
Denial Of Service (DoS)
2023-11-07 05:32:30
Information Disclosure
2023-07-13 08:56:24
cve
cve
CVE-2023-4043
2023-11-03 09:15:13
CVE-2023-35887
2023-07-10 16:15:53
CVE-2023-4759
2023-09-12 10:15:29
atlassian
atlassian
RCE (Remote Code Execution) org.eclipse.jgit:org.eclipse.jgit Dependency in Bamboo Data Center and Server
2024-05-13 10:10:37
cnvd
cnvd
Apache MINA Information Disclosure Vulnerability
2023-07-12 00:00:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2024:0057-1)
2024-01-09 00:00:00
openSUSE: Security Advisory for eclipse (SUSE-SU-2024:0057-1)
2024-03-04 00:00:00
SUSE: Security Advisory (SUSE-SU-2024:0210-1)
2024-01-25 00:00:00
debiancve
debiancve
CVE-2023-4759
2023-09-12 10:15:29
ubuntucve
ubuntucve
CVE-2023-4759
2023-09-12 00:00:00
CVE-2023-48795
2023-12-18 00:00:00
fedora
fedora
[SECURITY] Fedora 38 Update: putty-0.80-1.fc38
2024-01-11 02:17:03
[SECURITY] Fedora 38 Update: podman-tui-0.15.0-1.fc38
2023-12-29 01:05:34
[SECURITY] Fedora 39 Update: prometheus-podman-exporter-1.7.0-1.fc39
2024-01-29 06:26:11
amazon
amazon
Medium: openssh
2023-12-18 09:20:00
mageia
mageia
Updated putty package fixes a security vulnerability (Terrapin attack)
2024-01-08 13:12:44
Updated dropbear package fixes a security vulnerability
2024-01-08 22:01:05
Updated filezilla packages fix a security vulnerability ("Terrapin attack")
2024-02-10 04:03:35
cbl_mariner
cbl_mariner
CVE-2023-48795 affecting package openssh for versions less than 8.9p1-4
2024-01-19 03:54:24
CVE-2023-48795 affecting package erlang for versions less than 25.2-2
2024-02-25 03:00:06
CVE-2023-48795 affecting package jsch for versions less than 0.1.55-2
2024-06-26 09:08:30
ubuntu
ubuntu
Paramiko vulnerability
2024-01-25 00:00:00
almalinux
almalinux
Moderate: libssh security update
2024-01-31 00:00:00
debian
debian
[SECURITY] [DLA 3718-1] php-phpseclib security update
2024-01-25 02:26:07
[SECURITY] [DSA 5599-1] phpseclib security update
2024-01-12 07:13:27
[SECURITY] [DLA 3730-1] python-asyncssh security update
2024-02-01 00:13:38
oraclelinux
oraclelinux
openssh security update
2024-03-19 00:00:00
openssh security update
2024-02-13 00:00:00
freebsd
freebsd
putty -- add protocol extension against 'Terrapin attack'
2023-10-16 00:00:00
paloalto
paloalto
Impact of Terrapin SSH Attack
2024-01-09 01:30:00
rosalinux
rosalinux
Advisory ROSA-SA-2024-2382
2024-03-26 11:47:18
redos
redos
ROS-20240409-04
2024-04-09 00:00:00
freebsd_advisory
freebsd_advisory
FreeBSD-SA-23:19.openssh
2023-12-19 00:00:00

7.2 High

AI Score

Confidence

High

0.963 High

EPSS

Percentile

99.5%

JSON
Related for RHSA-2024:1194
redhat6nessus58osv15ibm15redhatcve3nvd3cvelist4prion4github4veracode5cve3atlassian1cnvd1openvas39debiancve1ubuntucve2fedora10amazon1mageia5cbl_mariner7ubuntu1almalinux1debian3oraclelinux2freebsd1paloalto1rosalinux1redos1freebsd_advisory1