What is the severity of RHSA-2019:1421?

The severity of RHSA-2019:1421 is categorized as important.

How do I fix RHSA-2019:1421?

To fix RHSA-2019:1421, update to the fixed version of the affected packages as listed in the advisory.

What versions are affected by RHSA-2019:1421?

RHSA-2019:1421 affects multiple versions of Red Hat JBoss Enterprise Application Platform 7, specifically versions prior to 7.2.2.

Is RHSA-2019:1421 related to security vulnerabilities?

Yes, RHSA-2019:1421 addresses various security vulnerabilities within the Red Hat JBoss Enterprise Application Platform.

What packages are included in the fix for RHSA-2019:1421?

Several packages such as eap7-apache-commons-codec, eap7-apache-cxf, and eap7-hibernate are included in the fix for RHSA-2019:1421.

Vulnerability/
RHSA-2019:1421

CWE

10/6/2019

RHSA-2019:1421: Moderate: Red Hat JBoss Enterprise Application Platform 7.2.2 on RHEL 8 security update

First published: Mon Jun 10 2019(Updated: )

Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on JBoss Application Server 7. <br>This release of Red Hat JBoss Enterprise Application Platform 7.2.2 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.2.1, and includes bug fixes and enhancements. Refer to the Red Hat JBoss Enterprise Application Platform 7.2.2 Release Notes for information on the most significant bug fixes and enhancements included in this release.<br>Security Fix(es):<br><li> picketlink: reflected XSS in SAMLRequest via RelayState parameter (CVE-2019-3872)</li> <li> picketlink: URL injection via xinclude parameter (CVE-2019-3873)</li> <li> undertow: leak credentials to log files UndertowLogger.REQUEST_LOGGER.undertowRequestFailed (CVE-2019-3888)</li> For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of RHSA-2019:1421?
The severity of RHSA-2019:1421 is categorized as important.
How do I fix RHSA-2019:1421?
To fix RHSA-2019:1421, update to the fixed version of the affected packages as listed in the advisory.
What versions are affected by RHSA-2019:1421?
RHSA-2019:1421 affects multiple versions of Red Hat JBoss Enterprise Application Platform 7, specifically versions prior to 7.2.2.
Is RHSA-2019:1421 related to security vulnerabilities?
Yes, RHSA-2019:1421 addresses various security vulnerabilities within the Red Hat JBoss Enterprise Application Platform.
What packages are included in the fix for RHSA-2019:1421?
Several packages such as eap7-apache-commons-codec, eap7-apache-cxf, and eap7-hibernate are included in the fix for RHSA-2019:1421.

agent/severity
agent/type
agent/first-publish-date
agent/softwarecombine
agent/last-modified-date
agent/references
agent/title
agent/weakness
agent/remedy
agent/description
collector/redhat-errata
source/Red Hat
anchor-id/RHSA-2019:1421
agent/software-canonical-lookup
agent/event
agent/trending
agent/tags
agent/source
package-manager/redhat