RHSA-2021:4861
- Source
- https://access.redhat.com/errata/RHSA-2021:4861
- Import Source
- https://security.access.redhat.com/data/osv/RHSA-2021:4861.json
- JSON Data
- https://api.osv.dev/v1/vulns/RHSA-2021:4861
- Related
- Published
- 2024-09-29T18:14:16Z
- Modified
- 2024-10-27T19:29:40Z
- Severity
-
- 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- Red Hat Security Advisory: Red Hat JBoss Web Server 5.6.0 Security release
- Details
- References
-
- https://access.redhat.com/errata/RHSA-2021:4861
- https://access.redhat.com/security/updates/classification/#important
- https://bugzilla.redhat.com/show_bug.cgi?id=1981533
- https://bugzilla.redhat.com/show_bug.cgi?id=1981544
- https://bugzilla.redhat.com/show_bug.cgi?id=2014356
- https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_4861.json
- https://access.redhat.com/security/cve/CVE-2021-3712
- https://bugzilla.redhat.com/show_bug.cgi?id=1995634
- https://www.cve.org/CVERecord?id=CVE-2021-3712
- https://nvd.nist.gov/vuln/detail/CVE-2021-3712
- https://www.openssl.org/news/secadv/20210824.txt
- https://access.redhat.com/security/cve/CVE-2021-23840
- https://bugzilla.redhat.com/show_bug.cgi?id=1930324
- https://www.cve.org/CVERecord?id=CVE-2021-23840
- https://nvd.nist.gov/vuln/detail/CVE-2021-23840
- https://www.openssl.org/news/secadv/20210216.txt
- https://access.redhat.com/security/cve/CVE-2021-23841
- https://bugzilla.redhat.com/show_bug.cgi?id=1930310
- https://www.cve.org/CVERecord?id=CVE-2021-23841
- https://nvd.nist.gov/vuln/detail/CVE-2021-23841
- https://access.redhat.com/security/cve/CVE-2021-30640
- https://www.cve.org/CVERecord?id=CVE-2021-30640
- https://nvd.nist.gov/vuln/detail/CVE-2021-30640
- https://access.redhat.com/security/cve/CVE-2021-33037
- https://www.cve.org/CVERecord?id=CVE-2021-33037
- https://nvd.nist.gov/vuln/detail/CVE-2021-33037
- https://access.redhat.com/security/cve/CVE-2021-42340
- https://www.cve.org/CVERecord?id=CVE-2021-42340
- https://nvd.nist.gov/vuln/detail/CVE-2021-42340
- http://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.0.12
- http://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.0-M6
- http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.72
- http://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.54
- https://lists.apache.org/thread.html/r83a35be60f06aca2065f188ee542b9099695d57ced2e70e0885f905c%40%3Cannounce.tomcat.apache.org%3E
Affected packages
Red Hat:jboss_enterprise_web_server:5.6::el7 / jws5-tomcat
Package
- Name
- jws5-tomcat
- Purl
- pkg:rpm/redhat/jws5-tomcat
Red Hat:jboss_enterprise_web_server:5.6::el7 / jws5-tomcat-admin-webapps
Package
- Name
- jws5-tomcat-admin-webapps
- Purl
- pkg:rpm/redhat/jws5-tomcat-admin-webapps
Red Hat:jboss_enterprise_web_server:5.6::el7 / jws5-tomcat-docs-webapp
Package
- Name
- jws5-tomcat-docs-webapp
- Purl
- pkg:rpm/redhat/jws5-tomcat-docs-webapp
Red Hat:jboss_enterprise_web_server:5.6::el7 / jws5-tomcat-el-3.0-api
Package
- Name
- jws5-tomcat-el-3.0-api
- Purl
- pkg:rpm/redhat/jws5-tomcat-el-3.0-api
Red Hat:jboss_enterprise_web_server:5.6::el7 / jws5-tomcat-java-jdk11
Package
- Name
- jws5-tomcat-java-jdk11
- Purl
- pkg:rpm/redhat/jws5-tomcat-java-jdk11
Red Hat:jboss_enterprise_web_server:5.6::el7 / jws5-tomcat-java-jdk8
Package
- Name
- jws5-tomcat-java-jdk8
- Purl
- pkg:rpm/redhat/jws5-tomcat-java-jdk8
Red Hat:jboss_enterprise_web_server:5.6::el7 / jws5-tomcat-javadoc
Package
- Name
- jws5-tomcat-javadoc
- Purl
- pkg:rpm/redhat/jws5-tomcat-javadoc
Red Hat:jboss_enterprise_web_server:5.6::el7 / jws5-tomcat-jsp-2.3-api
Package
- Name
- jws5-tomcat-jsp-2.3-api
- Purl
- pkg:rpm/redhat/jws5-tomcat-jsp-2.3-api
Red Hat:jboss_enterprise_web_server:5.6::el7 / jws5-tomcat-lib
Package
- Name
- jws5-tomcat-lib
- Purl
- pkg:rpm/redhat/jws5-tomcat-lib
Red Hat:jboss_enterprise_web_server:5.6::el7 / jws5-tomcat-native
Package
- Name
- jws5-tomcat-native
- Purl
- pkg:rpm/redhat/jws5-tomcat-native
Red Hat:jboss_enterprise_web_server:5.6::el7 / jws5-tomcat-native-debuginfo
Package
- Name
- jws5-tomcat-native-debuginfo
- Purl
- pkg:rpm/redhat/jws5-tomcat-native-debuginfo
Red Hat:jboss_enterprise_web_server:5.6::el7 / jws5-tomcat-selinux
Package
- Name
- jws5-tomcat-selinux
- Purl
- pkg:rpm/redhat/jws5-tomcat-selinux
Red Hat:jboss_enterprise_web_server:5.6::el7 / jws5-tomcat-servlet-4.0-api
Package
- Name
- jws5-tomcat-servlet-4.0-api
- Purl
- pkg:rpm/redhat/jws5-tomcat-servlet-4.0-api
Red Hat:jboss_enterprise_web_server:5.6::el7 / jws5-tomcat-vault
Package
- Name
- jws5-tomcat-vault
- Purl
- pkg:rpm/redhat/jws5-tomcat-vault
Red Hat:jboss_enterprise_web_server:5.6::el7 / jws5-tomcat-vault-javadoc
Package
- Name
- jws5-tomcat-vault-javadoc
- Purl
- pkg:rpm/redhat/jws5-tomcat-vault-javadoc
Red Hat:jboss_enterprise_web_server:5.6::el7 / jws5-tomcat-webapps
Package
- Name
- jws5-tomcat-webapps
- Purl
- pkg:rpm/redhat/jws5-tomcat-webapps
Red Hat:jboss_enterprise_web_server:5.6::el8 / jws5-tomcat
Package
- Name
- jws5-tomcat
- Purl
- pkg:rpm/redhat/jws5-tomcat
Red Hat:jboss_enterprise_web_server:5.6::el8 / jws5-tomcat-admin-webapps
Package
- Name
- jws5-tomcat-admin-webapps
- Purl
- pkg:rpm/redhat/jws5-tomcat-admin-webapps
Red Hat:jboss_enterprise_web_server:5.6::el8 / jws5-tomcat-docs-webapp
Package
- Name
- jws5-tomcat-docs-webapp
- Purl
- pkg:rpm/redhat/jws5-tomcat-docs-webapp
Red Hat:jboss_enterprise_web_server:5.6::el8 / jws5-tomcat-el-3.0-api
Package
- Name
- jws5-tomcat-el-3.0-api
- Purl
- pkg:rpm/redhat/jws5-tomcat-el-3.0-api
Red Hat:jboss_enterprise_web_server:5.6::el8 / jws5-tomcat-javadoc
Package
- Name
- jws5-tomcat-javadoc
- Purl
- pkg:rpm/redhat/jws5-tomcat-javadoc
Red Hat:jboss_enterprise_web_server:5.6::el8 / jws5-tomcat-jsp-2.3-api
Package
- Name
- jws5-tomcat-jsp-2.3-api
- Purl
- pkg:rpm/redhat/jws5-tomcat-jsp-2.3-api
Red Hat:jboss_enterprise_web_server:5.6::el8 / jws5-tomcat-lib
Package
- Name
- jws5-tomcat-lib
- Purl
- pkg:rpm/redhat/jws5-tomcat-lib
Red Hat:jboss_enterprise_web_server:5.6::el8 / jws5-tomcat-native
Package
- Name
- jws5-tomcat-native
- Purl
- pkg:rpm/redhat/jws5-tomcat-native
Red Hat:jboss_enterprise_web_server:5.6::el8 / jws5-tomcat-native-debuginfo
Package
- Name
- jws5-tomcat-native-debuginfo
- Purl
- pkg:rpm/redhat/jws5-tomcat-native-debuginfo
Red Hat:jboss_enterprise_web_server:5.6::el8 / jws5-tomcat-selinux
Package
- Name
- jws5-tomcat-selinux
- Purl
- pkg:rpm/redhat/jws5-tomcat-selinux
Red Hat:jboss_enterprise_web_server:5.6::el8 / jws5-tomcat-servlet-4.0-api
Package
- Name
- jws5-tomcat-servlet-4.0-api
- Purl
- pkg:rpm/redhat/jws5-tomcat-servlet-4.0-api
Red Hat:jboss_enterprise_web_server:5.6::el8 / jws5-tomcat-vault
Package
- Name
- jws5-tomcat-vault
- Purl
- pkg:rpm/redhat/jws5-tomcat-vault
Red Hat:jboss_enterprise_web_server:5.6::el8 / jws5-tomcat-vault-javadoc
Package
- Name
- jws5-tomcat-vault-javadoc
- Purl
- pkg:rpm/redhat/jws5-tomcat-vault-javadoc