Lucene search
RedHatRHSA-2024:2764HistoryMay 08, 2024 - 2:15 p.m.
(RHSA-2024:2764) Important: Red Hat JBoss Enterprise Application Platform 8.0 security update
2024-05-0814:15:22
access.redhat.com
3
red hat jboss
enterprise application platform
security update
cve-2023-4639
cve-2024-1459
cve-2023-1973
undertow
directory traversal
memory exhaustion
Red Hat JBoss Enterprise Application Platform 8 is a platform for Java applications based on the WildFly application runtime.
This asynchronous patch is a security update for Red Hat JBoss Enterprise Application Platform 8.0.
Security Fix(es):
- undertow: Cookie Smuggling/Spoofing (CVE-2023-4639)
- undertow: Directory traversal vulnerability (CVE-2024-1459)
- undertow: Unrestricted request storage leads to memory exhaustion (CVE-2023-1973)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgements, and other related information, refer to the CVE page(s) listed in the References section.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| RedHat | 9 | noarch | eap8-undertow | < 2.3.11-1.SP1_redhat_00001.1.el9eap | eap8-undertow-2.3.11-1.SP1_redhat_00001.1.el9eap.noarch.rpm |
| RedHat | 8 | noarch | eap8-undertow | < 2.3.11-1.SP1_redhat_00001.1.el8eap | eap8-undertow-2.3.11-1.SP1_redhat_00001.1.el8eap.noarch.rpm |
Related
nessus
nessus
redhat
redhat
redhatcve
redhatcve
prion
prion
Path traversal
2024-02-12 21:15:00
osv
osv
Undertow Path Traversal vulnerability
2024-02-12 21:30:55
ubuntucve
ubuntucve
github
github
Undertow Path Traversal vulnerability
2024-02-12 21:30:55
debiancve
debiancve
cvelist
cvelist
CVE-2024-1459 Undertow: directory traversal vulnerability
2024-02-12 20:30:03
cve
cve
CVE-2024-1459
2024-02-12 21:15:08
nvd
nvd
CVE-2024-1459
2024-02-12 21:15:08
oracle
oracle
Oracle Critical Patch Update Advisory - April 2024
2024-04-16 00:00:00