First published: Wed Mar 29 2023(Updated: )
Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.<br>This release of Red Hat JBoss Enterprise Application Platform 7.4.10 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.9, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.10 Release Notes for information about the most significant bug fixes and enhancements included in this release.<br>Security Fix(es):<br><li> SnakeYaml: Constructor Deserialization Remote Code Execution (CVE-2022-1471)</li> <li> hsqldb: Untrusted input may lead to RCE attack (CVE-2022-41853)</li> <li> Undertow: Infinite loop in SslConduit during close (CVE-2023-1108)</li> <li> undertow: Server identity in https connection is not checked by the undertow client (CVE-2022-4492)</li> <li> snakeyaml: Uncaught exception in java.base/java.util.ArrayList.hashCode (CVE-2022-38752)</li> <li> dev-java/snakeyaml: DoS via stack overflow (CVE-2022-41854)</li> <li> codec-haproxy: HAProxyMessageDecoder Stack Exhaustion DoS (CVE-2022-41881)</li> <li> apache-james-mime4j: Temporary File Information Disclosure in MIME4J TempFileStorageProvider (CVE-2022-45787)</li> <li> RESTEasy: creation of insecure temp files (CVE-2023-0482)</li> For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Affected Software | Affected Version | How to fix |
---|---|---|
redhat/eap7-activemq-artemis-native | <1.0.2-3.redhat_00004.1.el9ea | 1.0.2-3.redhat_00004.1.el9ea |
redhat/eap7-apache-mime4j | <0.8.9-1.redhat_00001.1.el9ea | 0.8.9-1.redhat_00001.1.el9ea |
redhat/eap7-artemis-native | <1.0.2-4.redhat_00004.1.el9ea | 1.0.2-4.redhat_00004.1.el9ea |
redhat/eap7-artemis-wildfly-integration | <1.0.7-1.redhat_00001.1.el9ea | 1.0.7-1.redhat_00001.1.el9ea |
redhat/eap7-infinispan | <11.0.17-1.Final_redhat_00001.1.el9ea | 11.0.17-1.Final_redhat_00001.1.el9ea |
redhat/eap7-ironjacamar | <1.5.11-1.Final_redhat_00001.1.el9ea | 1.5.11-1.Final_redhat_00001.1.el9ea |
redhat/eap7-jboss-ejb-client | <4.0.50-1.Final_redhat_00001.1.el9ea | 4.0.50-1.Final_redhat_00001.1.el9ea |
redhat/eap7-jboss-metadata | <13.4.0-1.Final_redhat_00001.1.el9ea | 13.4.0-1.Final_redhat_00001.1.el9ea |
redhat/eap7-jboss-server-migration | <1.10.0-26.Final_redhat_00025.1.el9ea | 1.10.0-26.Final_redhat_00025.1.el9ea |
redhat/eap7-jbossws-cxf | <5.4.8-1.Final_redhat_00001.1.el9ea | 5.4.8-1.Final_redhat_00001.1.el9ea |
redhat/eap7-jbossws-spi | <3.4.0-2.Final_redhat_00001.1.el9ea | 3.4.0-2.Final_redhat_00001.1.el9ea |
redhat/eap7-netty | <4.1.86-1.Final_redhat_00001.1.el9ea | 4.1.86-1.Final_redhat_00001.1.el9ea |
redhat/eap7-netty-transport-native-epoll | <4.1.86-1.Final_redhat_00001.1.el9ea | 4.1.86-1.Final_redhat_00001.1.el9ea |
redhat/eap7-picketlink-federation | <2.5.5-22.SP12_redhat_00012.1.el9ea | 2.5.5-22.SP12_redhat_00012.1.el9ea |
redhat/eap7-resteasy | <3.15.5-1.Final_redhat_00001.1.el9ea | 3.15.5-1.Final_redhat_00001.1.el9ea |
redhat/eap7-snakeyaml | <1.33.0-2.SP1_redhat_00001.1.el9ea | 1.33.0-2.SP1_redhat_00001.1.el9ea |
redhat/eap7-undertow | <2.2.23-1.SP2_redhat_00001.1.el9ea | 2.2.23-1.SP2_redhat_00001.1.el9ea |
redhat/eap7-undertow-jastow | <2.0.14-1.Final_redhat_00001.1.el9ea | 2.0.14-1.Final_redhat_00001.1.el9ea |
redhat/eap7-wildfly | <7.4.10-6.GA_redhat_00002.1.el9ea | 7.4.10-6.GA_redhat_00002.1.el9ea |
redhat/eap7-wildfly-http-client | <1.1.16-1.Final_redhat_00002.1.el9ea | 1.1.16-1.Final_redhat_00002.1.el9ea |
redhat/eap7-artemis-native-wildfly | <1.0.2-4.redhat_00004.1.el9ea | 1.0.2-4.redhat_00004.1.el9ea |
redhat/eap7-infinispan-cachestore-jdbc | <11.0.17-1.Final_redhat_00001.1.el9ea | 11.0.17-1.Final_redhat_00001.1.el9ea |
redhat/eap7-infinispan-cachestore-remote | <11.0.17-1.Final_redhat_00001.1.el9ea | 11.0.17-1.Final_redhat_00001.1.el9ea |
redhat/eap7-infinispan-client-hotrod | <11.0.17-1.Final_redhat_00001.1.el9ea | 11.0.17-1.Final_redhat_00001.1.el9ea |
redhat/eap7-infinispan-commons | <11.0.17-1.Final_redhat_00001.1.el9ea | 11.0.17-1.Final_redhat_00001.1.el9ea |
redhat/eap7-infinispan-component-annotations | <11.0.17-1.Final_redhat_00001.1.el9ea | 11.0.17-1.Final_redhat_00001.1.el9ea |
redhat/eap7-infinispan-core | <11.0.17-1.Final_redhat_00001.1.el9ea | 11.0.17-1.Final_redhat_00001.1.el9ea |
redhat/eap7-infinispan-hibernate-cache-commons | <11.0.17-1.Final_redhat_00001.1.el9ea | 11.0.17-1.Final_redhat_00001.1.el9ea |
redhat/eap7-infinispan-hibernate-cache-spi | <11.0.17-1.Final_redhat_00001.1.el9ea | 11.0.17-1.Final_redhat_00001.1.el9ea |
redhat/eap7-infinispan-hibernate-cache-v53 | <11.0.17-1.Final_redhat_00001.1.el9ea | 11.0.17-1.Final_redhat_00001.1.el9ea |
redhat/eap7-ironjacamar-common-api | <1.5.11-1.Final_redhat_00001.1.el9ea | 1.5.11-1.Final_redhat_00001.1.el9ea |
redhat/eap7-ironjacamar-common-impl | <1.5.11-1.Final_redhat_00001.1.el9ea | 1.5.11-1.Final_redhat_00001.1.el9ea |
redhat/eap7-ironjacamar-common-spi | <1.5.11-1.Final_redhat_00001.1.el9ea | 1.5.11-1.Final_redhat_00001.1.el9ea |
redhat/eap7-ironjacamar-core-api | <1.5.11-1.Final_redhat_00001.1.el9ea | 1.5.11-1.Final_redhat_00001.1.el9ea |
redhat/eap7-ironjacamar-core-impl | <1.5.11-1.Final_redhat_00001.1.el9ea | 1.5.11-1.Final_redhat_00001.1.el9ea |
redhat/eap7-ironjacamar-deployers-common | <1.5.11-1.Final_redhat_00001.1.el9ea | 1.5.11-1.Final_redhat_00001.1.el9ea |
redhat/eap7-ironjacamar-jdbc | <1.5.11-1.Final_redhat_00001.1.el9ea | 1.5.11-1.Final_redhat_00001.1.el9ea |
redhat/eap7-ironjacamar-validator | <1.5.11-1.Final_redhat_00001.1.el9ea | 1.5.11-1.Final_redhat_00001.1.el9ea |
redhat/eap7-jboss-metadata-appclient | <13.4.0-1.Final_redhat_00001.1.el9ea | 13.4.0-1.Final_redhat_00001.1.el9ea |
redhat/eap7-jboss-metadata-common | <13.4.0-1.Final_redhat_00001.1.el9ea | 13.4.0-1.Final_redhat_00001.1.el9ea |
redhat/eap7-jboss-metadata-ear | <13.4.0-1.Final_redhat_00001.1.el9ea | 13.4.0-1.Final_redhat_00001.1.el9ea |
redhat/eap7-jboss-metadata-ejb | <13.4.0-1.Final_redhat_00001.1.el9ea | 13.4.0-1.Final_redhat_00001.1.el9ea |
redhat/eap7-jboss-metadata-web | <13.4.0-1.Final_redhat_00001.1.el9ea | 13.4.0-1.Final_redhat_00001.1.el9ea |
redhat/eap7-jboss-server-migration-cli | <1.10.0-26.Final_redhat_00025.1.el9ea | 1.10.0-26.Final_redhat_00025.1.el9ea |
redhat/eap7-jboss-server-migration-core | <1.10.0-26.Final_redhat_00025.1.el9ea | 1.10.0-26.Final_redhat_00025.1.el9ea |
redhat/eap7-netty-buffer | <4.1.86-1.Final_redhat_00001.1.el9ea | 4.1.86-1.Final_redhat_00001.1.el9ea |
redhat/eap7-netty-codec | <4.1.86-1.Final_redhat_00001.1.el9ea | 4.1.86-1.Final_redhat_00001.1.el9ea |
redhat/eap7-netty-codec-dns | <4.1.86-1.Final_redhat_00001.1.el9ea | 4.1.86-1.Final_redhat_00001.1.el9ea |
redhat/eap7-netty-codec-haproxy | <4.1.86-1.Final_redhat_00001.1.el9ea | 4.1.86-1.Final_redhat_00001.1.el9ea |
redhat/eap7-netty-codec-http | <4.1.86-1.Final_redhat_00001.1.el9ea | 4.1.86-1.Final_redhat_00001.1.el9ea |
redhat/eap7-netty-codec-http2 | <4.1.86-1.Final_redhat_00001.1.el9ea | 4.1.86-1.Final_redhat_00001.1.el9ea |
redhat/eap7-netty-codec-memcache | <4.1.86-1.Final_redhat_00001.1.el9ea | 4.1.86-1.Final_redhat_00001.1.el9ea |
redhat/eap7-netty-codec-mqtt | <4.1.86-1.Final_redhat_00001.1.el9ea | 4.1.86-1.Final_redhat_00001.1.el9ea |
redhat/eap7-netty-codec-redis | <4.1.86-1.Final_redhat_00001.1.el9ea | 4.1.86-1.Final_redhat_00001.1.el9ea |
redhat/eap7-netty-codec-smtp | <4.1.86-1.Final_redhat_00001.1.el9ea | 4.1.86-1.Final_redhat_00001.1.el9ea |
redhat/eap7-netty-codec-socks | <4.1.86-1.Final_redhat_00001.1.el9ea | 4.1.86-1.Final_redhat_00001.1.el9ea |
redhat/eap7-netty-codec-stomp | <4.1.86-1.Final_redhat_00001.1.el9ea | 4.1.86-1.Final_redhat_00001.1.el9ea |
redhat/eap7-netty-codec-xml | <4.1.86-1.Final_redhat_00001.1.el9ea | 4.1.86-1.Final_redhat_00001.1.el9ea |
redhat/eap7-netty-common | <4.1.86-1.Final_redhat_00001.1.el9ea | 4.1.86-1.Final_redhat_00001.1.el9ea |
redhat/eap7-netty-handler | <4.1.86-1.Final_redhat_00001.1.el9ea | 4.1.86-1.Final_redhat_00001.1.el9ea |
redhat/eap7-netty-handler-proxy | <4.1.86-1.Final_redhat_00001.1.el9ea | 4.1.86-1.Final_redhat_00001.1.el9ea |
redhat/eap7-netty-resolver | <4.1.86-1.Final_redhat_00001.1.el9ea | 4.1.86-1.Final_redhat_00001.1.el9ea |
redhat/eap7-netty-resolver-dns | <4.1.86-1.Final_redhat_00001.1.el9ea | 4.1.86-1.Final_redhat_00001.1.el9ea |
redhat/eap7-netty-resolver-dns-classes-macos | <4.1.86-1.Final_redhat_00001.1.el9ea | 4.1.86-1.Final_redhat_00001.1.el9ea |
redhat/eap7-netty-transport | <4.1.86-1.Final_redhat_00001.1.el9ea | 4.1.86-1.Final_redhat_00001.1.el9ea |
redhat/eap7-netty-transport-classes-epoll | <4.1.86-1.Final_redhat_00001.1.el9ea | 4.1.86-1.Final_redhat_00001.1.el9ea |
redhat/eap7-netty-transport-classes-kqueue | <4.1.86-1.Final_redhat_00001.1.el9ea | 4.1.86-1.Final_redhat_00001.1.el9ea |
redhat/eap7-netty-transport-native-epoll-debuginfo | <4.1.86-1.Final_redhat_00001.1.el9ea | 4.1.86-1.Final_redhat_00001.1.el9ea |
redhat/eap7-netty-transport-native-unix-common | <4.1.86-1.Final_redhat_00001.1.el9ea | 4.1.86-1.Final_redhat_00001.1.el9ea |
redhat/eap7-netty-transport-rxtx | <4.1.86-1.Final_redhat_00001.1.el9ea | 4.1.86-1.Final_redhat_00001.1.el9ea |
redhat/eap7-netty-transport-sctp | <4.1.86-1.Final_redhat_00001.1.el9ea | 4.1.86-1.Final_redhat_00001.1.el9ea |
redhat/eap7-netty-transport-udt | <4.1.86-1.Final_redhat_00001.1.el9ea | 4.1.86-1.Final_redhat_00001.1.el9ea |
redhat/eap7-picketlink-api | <2.5.5-22.SP12_redhat_00012.1.el9ea | 2.5.5-22.SP12_redhat_00012.1.el9ea |
redhat/eap7-picketlink-common | <2.5.5-22.SP12_redhat_00012.1.el9ea | 2.5.5-22.SP12_redhat_00012.1.el9ea |
redhat/eap7-picketlink-config | <2.5.5-22.SP12_redhat_00012.1.el9ea | 2.5.5-22.SP12_redhat_00012.1.el9ea |
redhat/eap7-picketlink-idm-api | <2.5.5-22.SP12_redhat_00012.1.el9ea | 2.5.5-22.SP12_redhat_00012.1.el9ea |
redhat/eap7-picketlink-idm-impl | <2.5.5-22.SP12_redhat_00012.1.el9ea | 2.5.5-22.SP12_redhat_00012.1.el9ea |
redhat/eap7-picketlink-idm-simple-schema | <2.5.5-22.SP12_redhat_00012.1.el9ea | 2.5.5-22.SP12_redhat_00012.1.el9ea |
redhat/eap7-picketlink-impl | <2.5.5-22.SP12_redhat_00012.1.el9ea | 2.5.5-22.SP12_redhat_00012.1.el9ea |
redhat/eap7-resteasy-atom-provider | <3.15.5-1.Final_redhat_00001.1.el9ea | 3.15.5-1.Final_redhat_00001.1.el9ea |
redhat/eap7-resteasy-cdi | <3.15.5-1.Final_redhat_00001.1.el9ea | 3.15.5-1.Final_redhat_00001.1.el9ea |
redhat/eap7-resteasy-client | <3.15.5-1.Final_redhat_00001.1.el9ea | 3.15.5-1.Final_redhat_00001.1.el9ea |
redhat/eap7-resteasy-crypto | <3.15.5-1.Final_redhat_00001.1.el9ea | 3.15.5-1.Final_redhat_00001.1.el9ea |
redhat/eap7-resteasy-jackson-provider | <3.15.5-1.Final_redhat_00001.1.el9ea | 3.15.5-1.Final_redhat_00001.1.el9ea |
redhat/eap7-resteasy-jackson2-provider | <3.15.5-1.Final_redhat_00001.1.el9ea | 3.15.5-1.Final_redhat_00001.1.el9ea |
redhat/eap7-resteasy-jaxb-provider | <3.15.5-1.Final_redhat_00001.1.el9ea | 3.15.5-1.Final_redhat_00001.1.el9ea |
redhat/eap7-resteasy-jaxrs | <3.15.5-1.Final_redhat_00001.1.el9ea | 3.15.5-1.Final_redhat_00001.1.el9ea |
redhat/eap7-resteasy-jettison-provider | <3.15.5-1.Final_redhat_00001.1.el9ea | 3.15.5-1.Final_redhat_00001.1.el9ea |
redhat/eap7-resteasy-jose-jwt | <3.15.5-1.Final_redhat_00001.1.el9ea | 3.15.5-1.Final_redhat_00001.1.el9ea |
redhat/eap7-resteasy-jsapi | <3.15.5-1.Final_redhat_00001.1.el9ea | 3.15.5-1.Final_redhat_00001.1.el9ea |
redhat/eap7-resteasy-json-binding-provider | <3.15.5-1.Final_redhat_00001.1.el9ea | 3.15.5-1.Final_redhat_00001.1.el9ea |
redhat/eap7-resteasy-json-p-provider | <3.15.5-1.Final_redhat_00001.1.el9ea | 3.15.5-1.Final_redhat_00001.1.el9ea |
redhat/eap7-resteasy-multipart-provider | <3.15.5-1.Final_redhat_00001.1.el9ea | 3.15.5-1.Final_redhat_00001.1.el9ea |
redhat/eap7-resteasy-rxjava2 | <3.15.5-1.Final_redhat_00001.1.el9ea | 3.15.5-1.Final_redhat_00001.1.el9ea |
redhat/eap7-resteasy-spring | <3.15.5-1.Final_redhat_00001.1.el9ea | 3.15.5-1.Final_redhat_00001.1.el9ea |
redhat/eap7-resteasy-validator-provider | <11-3.15.5-1.Final_redhat_00001.1.el9ea | 11-3.15.5-1.Final_redhat_00001.1.el9ea |
redhat/eap7-resteasy-yaml-provider | <3.15.5-1.Final_redhat_00001.1.el9ea | 3.15.5-1.Final_redhat_00001.1.el9ea |
redhat/eap7-wildfly-http-client-common | <1.1.16-1.Final_redhat_00002.1.el9ea | 1.1.16-1.Final_redhat_00002.1.el9ea |
redhat/eap7-wildfly-http-ejb-client | <1.1.16-1.Final_redhat_00002.1.el9ea | 1.1.16-1.Final_redhat_00002.1.el9ea |
redhat/eap7-wildfly-http-naming-client | <1.1.16-1.Final_redhat_00002.1.el9ea | 1.1.16-1.Final_redhat_00002.1.el9ea |
redhat/eap7-wildfly-http-transaction-client | <1.1.16-1.Final_redhat_00002.1.el9ea | 1.1.16-1.Final_redhat_00002.1.el9ea |
redhat/eap7-wildfly-java-jdk11 | <7.4.10-6.GA_redhat_00002.1.el9ea | 7.4.10-6.GA_redhat_00002.1.el9ea |
redhat/eap7-wildfly-java-jdk17 | <7.4.10-6.GA_redhat_00002.1.el9ea | 7.4.10-6.GA_redhat_00002.1.el9ea |
redhat/eap7-wildfly-java-jdk8 | <7.4.10-6.GA_redhat_00002.1.el9ea | 7.4.10-6.GA_redhat_00002.1.el9ea |
redhat/eap7-wildfly-javadocs | <7.4.10-6.GA_redhat_00002.1.el9ea | 7.4.10-6.GA_redhat_00002.1.el9ea |
redhat/eap7-wildfly-modules | <7.4.10-6.GA_redhat_00002.1.el9ea | 7.4.10-6.GA_redhat_00002.1.el9ea |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.