Vulnerability Database
Blog
FAQ
Docs
RHSA-2015:2659
See a problem?
Please try reporting it
to the source
first.
Source
https://access.redhat.com/errata/RHSA-2015:2659
Import Source
https://security.access.redhat.com/data/osv/RHSA-2015:2659.json
JSON Data
https://api.osv.dev/v1/vulns/RHSA-2015:2659
Related
CVE-2013-5704
CVE-2014-0230
CVE-2014-3581
CVE-2015-3183
CVE-2015-5174
Published
2024-09-15T23:02:33Z
Modified
2024-11-22T09:15:29Z
Severity
4.3 (Medium)
CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
CVSS Calculator
Summary
Red Hat Security Advisory: Red Hat JBoss Web Server 3.0.2 security update
Details
References
https://access.redhat.com/errata/RHSA-2015:2659
https://access.redhat.com/security/updates/classification/#moderate
https://bugzilla.redhat.com/show_bug.cgi?id=1082903
https://bugzilla.redhat.com/show_bug.cgi?id=1191200
https://bugzilla.redhat.com/show_bug.cgi?id=1243887
https://bugzilla.redhat.com/show_bug.cgi?id=1263879
https://issues.redhat.com/browse/JWS-219
https://issues.redhat.com/browse/JWS-220
https://issues.redhat.com/browse/JWS-228
https://security.access.redhat.com/data/csaf/v2/advisories/2015/rhsa-2015_2659.json
https://access.redhat.com/security/cve/CVE-2013-5704
https://www.cve.org/CVERecord?id=CVE-2013-5704
https://nvd.nist.gov/vuln/detail/CVE-2013-5704
https://access.redhat.com/security/cve/CVE-2014-0230
https://www.cve.org/CVERecord?id=CVE-2014-0230
https://nvd.nist.gov/vuln/detail/CVE-2014-0230
http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.44
http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.55
http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.9
https://access.redhat.com/security/cve/CVE-2014-3581
https://bugzilla.redhat.com/show_bug.cgi?id=1149709
https://www.cve.org/CVERecord?id=CVE-2014-3581
https://nvd.nist.gov/vuln/detail/CVE-2014-3581
https://access.redhat.com/security/cve/CVE-2015-3183
https://www.cve.org/CVERecord?id=CVE-2015-3183
https://nvd.nist.gov/vuln/detail/CVE-2015-3183
https://access.redhat.com/security/cve/CVE-2015-5174
https://bugzilla.redhat.com/show_bug.cgi?id=1265698
https://www.cve.org/CVERecord?id=CVE-2015-5174
https://nvd.nist.gov/vuln/detail/CVE-2015-5174
http://seclists.org/bugtraq/2016/Feb/149
Affected packages
Red Hat:jboss_enterprise_web_server:3.0::el6
/
apache-commons-collections-eap6
Package
Name
apache-commons-collections-eap6
Purl
pkg:rpm/redhat/apache-commons-collections-eap6
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:3.2.1-18.redhat_7.1.ep6.el6
Red Hat:jboss_enterprise_web_server:3.0::el6
/
apache-commons-collections-tomcat-eap6
Package
Name
apache-commons-collections-tomcat-eap6
Purl
pkg:rpm/redhat/apache-commons-collections-tomcat-eap6
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:3.2.1-18.redhat_7.1.ep6.el6
Red Hat:jboss_enterprise_web_server:3.0::el6
/
httpd24
Package
Name
httpd24
Purl
pkg:rpm/redhat/httpd24
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.4.6-59.ep7.el6
Red Hat:jboss_enterprise_web_server:3.0::el6
/
httpd24-debuginfo
Package
Name
httpd24-debuginfo
Purl
pkg:rpm/redhat/httpd24-debuginfo
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.4.6-59.ep7.el6
Red Hat:jboss_enterprise_web_server:3.0::el6
/
httpd24-devel
Package
Name
httpd24-devel
Purl
pkg:rpm/redhat/httpd24-devel
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.4.6-59.ep7.el6
Red Hat:jboss_enterprise_web_server:3.0::el6
/
httpd24-manual
Package
Name
httpd24-manual
Purl
pkg:rpm/redhat/httpd24-manual
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.4.6-59.ep7.el6
Red Hat:jboss_enterprise_web_server:3.0::el6
/
httpd24-tools
Package
Name
httpd24-tools
Purl
pkg:rpm/redhat/httpd24-tools
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.4.6-59.ep7.el6
Red Hat:jboss_enterprise_web_server:3.0::el6
/
mod_bmx
Package
Name
mod_bmx
Purl
pkg:rpm/redhat/mod_bmx
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:0.9.5-7.GA.ep7.el6
Red Hat:jboss_enterprise_web_server:3.0::el6
/
mod_bmx-debuginfo
Package
Name
mod_bmx-debuginfo
Purl
pkg:rpm/redhat/mod_bmx-debuginfo
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:0.9.5-7.GA.ep7.el6
Red Hat:jboss_enterprise_web_server:3.0::el6
/
mod_cluster-native
Package
Name
mod_cluster-native
Purl
pkg:rpm/redhat/mod_cluster-native
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:1.3.1-6.Final_redhat_2.ep7.el6
Red Hat:jboss_enterprise_web_server:3.0::el6
/
mod_cluster-native-debuginfo
Package
Name
mod_cluster-native-debuginfo
Purl
pkg:rpm/redhat/mod_cluster-native-debuginfo
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:1.3.1-6.Final_redhat_2.ep7.el6
Red Hat:jboss_enterprise_web_server:3.0::el6
/
mod_ldap24
Package
Name
mod_ldap24
Purl
pkg:rpm/redhat/mod_ldap24
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.4.6-59.ep7.el6
Red Hat:jboss_enterprise_web_server:3.0::el6
/
mod_proxy24_html
Package
Name
mod_proxy24_html
Purl
pkg:rpm/redhat/mod_proxy24_html
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
1:2.4.6-59.ep7.el6
Red Hat:jboss_enterprise_web_server:3.0::el6
/
mod_session24
Package
Name
mod_session24
Purl
pkg:rpm/redhat/mod_session24
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.4.6-59.ep7.el6
Red Hat:jboss_enterprise_web_server:3.0::el6
/
mod_ssl24
Package
Name
mod_ssl24
Purl
pkg:rpm/redhat/mod_ssl24
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
1:2.4.6-59.ep7.el6
Red Hat:jboss_enterprise_web_server:3.0::el6
/
tomcat-vault
Package
Name
tomcat-vault
Purl
pkg:rpm/redhat/tomcat-vault
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:1.0.8-4.Final_redhat_4.1.ep7.el6
Red Hat:jboss_enterprise_web_server:3.0::el6
/
tomcat7
Package
Name
tomcat7
Purl
pkg:rpm/redhat/tomcat7
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:7.0.59-42_patch_01.ep7.el6
Red Hat:jboss_enterprise_web_server:3.0::el6
/
tomcat7-admin-webapps
Package
Name
tomcat7-admin-webapps
Purl
pkg:rpm/redhat/tomcat7-admin-webapps
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:7.0.59-42_patch_01.ep7.el6
Red Hat:jboss_enterprise_web_server:3.0::el6
/
tomcat7-docs-webapp
Package
Name
tomcat7-docs-webapp
Purl
pkg:rpm/redhat/tomcat7-docs-webapp
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:7.0.59-42_patch_01.ep7.el6
Red Hat:jboss_enterprise_web_server:3.0::el6
/
tomcat7-el-2.2-api
Package
Name
tomcat7-el-2.2-api
Purl
pkg:rpm/redhat/tomcat7-el-2.2-api
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:7.0.59-42_patch_01.ep7.el6
Red Hat:jboss_enterprise_web_server:3.0::el6
/
tomcat7-javadoc
Package
Name
tomcat7-javadoc
Purl
pkg:rpm/redhat/tomcat7-javadoc
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:7.0.59-42_patch_01.ep7.el6
Red Hat:jboss_enterprise_web_server:3.0::el6
/
tomcat7-jsp-2.2-api
Package
Name
tomcat7-jsp-2.2-api
Purl
pkg:rpm/redhat/tomcat7-jsp-2.2-api
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:7.0.59-42_patch_01.ep7.el6
Red Hat:jboss_enterprise_web_server:3.0::el6
/
tomcat7-lib
Package
Name
tomcat7-lib
Purl
pkg:rpm/redhat/tomcat7-lib
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:7.0.59-42_patch_01.ep7.el6
Red Hat:jboss_enterprise_web_server:3.0::el6
/
tomcat7-log4j
Package
Name
tomcat7-log4j
Purl
pkg:rpm/redhat/tomcat7-log4j
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:7.0.59-42_patch_01.ep7.el6
Red Hat:jboss_enterprise_web_server:3.0::el6
/
tomcat7-servlet-3.0-api
Package
Name
tomcat7-servlet-3.0-api
Purl
pkg:rpm/redhat/tomcat7-servlet-3.0-api
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:7.0.59-42_patch_01.ep7.el6
Red Hat:jboss_enterprise_web_server:3.0::el6
/
tomcat7-webapps
Package
Name
tomcat7-webapps
Purl
pkg:rpm/redhat/tomcat7-webapps
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:7.0.59-42_patch_01.ep7.el6
Red Hat:jboss_enterprise_web_server:3.0::el6
/
tomcat8
Package
Name
tomcat8
Purl
pkg:rpm/redhat/tomcat8
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:8.0.18-52_patch_01.ep7.el6
Red Hat:jboss_enterprise_web_server:3.0::el6
/
tomcat8-admin-webapps
Package
Name
tomcat8-admin-webapps
Purl
pkg:rpm/redhat/tomcat8-admin-webapps
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:8.0.18-52_patch_01.ep7.el6
Red Hat:jboss_enterprise_web_server:3.0::el6
/
tomcat8-docs-webapp
Package
Name
tomcat8-docs-webapp
Purl
pkg:rpm/redhat/tomcat8-docs-webapp
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:8.0.18-52_patch_01.ep7.el6
Red Hat:jboss_enterprise_web_server:3.0::el6
/
tomcat8-el-2.2-api
Package
Name
tomcat8-el-2.2-api
Purl
pkg:rpm/redhat/tomcat8-el-2.2-api
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:8.0.18-52_patch_01.ep7.el6
Red Hat:jboss_enterprise_web_server:3.0::el6
/
tomcat8-javadoc
Package
Name
tomcat8-javadoc
Purl
pkg:rpm/redhat/tomcat8-javadoc
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:8.0.18-52_patch_01.ep7.el6
Red Hat:jboss_enterprise_web_server:3.0::el6
/
tomcat8-jsp-2.3-api
Package
Name
tomcat8-jsp-2.3-api
Purl
pkg:rpm/redhat/tomcat8-jsp-2.3-api
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:8.0.18-52_patch_01.ep7.el6
Red Hat:jboss_enterprise_web_server:3.0::el6
/
tomcat8-lib
Package
Name
tomcat8-lib
Purl
pkg:rpm/redhat/tomcat8-lib
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:8.0.18-52_patch_01.ep7.el6
Red Hat:jboss_enterprise_web_server:3.0::el6
/
tomcat8-log4j
Package
Name
tomcat8-log4j
Purl
pkg:rpm/redhat/tomcat8-log4j
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:8.0.18-52_patch_01.ep7.el6
Red Hat:jboss_enterprise_web_server:3.0::el6
/
tomcat8-servlet-3.1-api
Package
Name
tomcat8-servlet-3.1-api
Purl
pkg:rpm/redhat/tomcat8-servlet-3.1-api
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:8.0.18-52_patch_01.ep7.el6
Red Hat:jboss_enterprise_web_server:3.0::el6
/
tomcat8-webapps
Package
Name
tomcat8-webapps
Purl
pkg:rpm/redhat/tomcat8-webapps
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:8.0.18-52_patch_01.ep7.el6
RHSA-2015:2659 - OSV