What is the severity of RHSA-2019:4018?

The severity of RHSA-2019:4018 is classified as important.

How do I fix RHSA-2019:4018?

To fix RHSA-2019:4018, update to the appropriate packages as specified in the advisory, such as eap7-apache-cxf to version 3.2.10-1.redhat_00001.1.el6ea.

What versions of Red Hat JBoss EAP are affected by RHSA-2019:4018?

RHSA-2019:4018 affects Red Hat JBoss EAP 7.2.4 and earlier versions.

What packages are mentioned in RHSA-2019:4018?

RHSA-2019:4018 lists several affected packages, including eap7-apache-cxf, eap7-hibernate, and eap7-wildfly among others.

How can I find more information about RHSA-2019:4018?

You can find more information about RHSA-2019:4018 in the Red Hat security advisory or through the official Red Hat website.

Vulnerability/
RHSA-2019:4018

26/11/2019

22/10/2024

RHSA-2019:4018: Important: Red Hat JBoss Enterprise Application Platform 7.2.5 on RHEL 6 security update

First published: Tue Nov 26 2019(Updated: )

Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.<br>This release of Red Hat JBoss Enterprise Application Platform 7.2.5 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.2.4, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.2.5 Release Notes for information about the most significant bug fixes and enhancements included in this release.<br>Security Fix(es):<br><li> undertow: HTTP/2: large amount of data requests leads to denial of service (CVE-2019-9511)</li> <li> undertow: HTTP/2: flood using PING frames results in unbounded memory growth (CVE-2019-9512)</li> <li> undertow: HTTP/2: flood using HEADERS frames results in unbounded memory growth (CVE-2019-9514)</li> <li> undertow: HTTP/2: flood using SETTINGS frames results in unbounded memory growth (CVE-2019-9515)</li> <li> wildfly-core: Incorrect privileges for 'Monitor', 'Auditor' and 'Deployer' user by default (CVE-2019-14838)</li> <li> wildfly: wildfly-security-manager: security manager authorization bypass (CVE-2019-14843)</li> For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Never miss a vulnerability like this again

Reference Links

https://access.redhat.com/errata/RHSA-2019:4018 (Advisory)

Frequently Asked Questions

What is the severity of RHSA-2019:4018?
The severity of RHSA-2019:4018 is classified as important.
How do I fix RHSA-2019:4018?
To fix RHSA-2019:4018, update to the appropriate packages as specified in the advisory, such as eap7-apache-cxf to version 3.2.10-1.redhat_00001.1.el6ea.
What versions of Red Hat JBoss EAP are affected by RHSA-2019:4018?
RHSA-2019:4018 affects Red Hat JBoss EAP 7.2.4 and earlier versions.
What packages are mentioned in RHSA-2019:4018?
RHSA-2019:4018 lists several affected packages, including eap7-apache-cxf, eap7-hibernate, and eap7-wildfly among others.
How can I find more information about RHSA-2019:4018?
You can find more information about RHSA-2019:4018 in the Red Hat security advisory or through the official Red Hat website.

agent/severity
agent/type
agent/first-publish-date
agent/softwarecombine
agent/last-modified-date
agent/title
agent/remedy
agent/description
collector/redhat-errata
source/Red Hat
anchor-id/RHSA-2019:4018
agent/software-canonical-lookup
agent/references
agent/tags
agent/event
agent/source
package-manager/redhat