5 matches found
Important: Red Hat Security Advisory: EAP Continuous Delivery Technical Preview Release 14 security update
This is a security update for JBoss EAP Continuous Delivery 14.0. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CV...
CVE-2017-7492
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2017-7503. Reason: This candidate is a reservation duplicate of CVE-2017-7503. Notes: All CVE users should reference CVE-2017-7503 instead of this candidate. All references and descriptions in this candidate have been removed to...
CVE-2017-7503
CVE-2017-7503 affects Red Hat JBoss EAP 7.0.5 where javax.xml.transform.TransformerFactory is vulnerable to XXE, enabling DoS/SSRF and local file disclosure. The issue is caused by the TransformerFactory implementation in EAP 7.0.5 and is tied to the XSL/XML processing path. In the linked advisor...
CVE-2017-7492
REJECT DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2017-7503. Reason: This candidate is a reservation duplicate of CVE-2017-7503. Notes: All CVE users should reference CVE-2017-7503 instead of this candidate. All references and descriptions in this candidate have been removed to prevent...
CVE-2017-7492
CVE-2017-7492 is a reservation duplicate of CVE-2017-7503 (reference: CVE-2017-7503). The connected data confirm that the Red Hat JBoss EAP 7.0.5 TransformerFactory is vulnerable to XXE, enabling DoS/SSRF or local file access. Red Hat advisories link to CVE-2017-7503 as the relevant fix, and down...