RHSA-2022:4919
- Source
- https://access.redhat.com/errata/RHSA-2022:4919
- Import Source
- https://security.access.redhat.com/data/osv/RHSA-2022:4919.json
- JSON Data
- https://api.osv.dev/v1/vulns/RHSA-2022:4919
- Related
- Published
- 2024-09-29T19:09:55Z
- Modified
- 2024-10-28T01:30:45Z
- Severity
-
- 9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.5 security update on RHEL 8
- Details
- References
-
- https://access.redhat.com/errata/RHSA-2022:4919
- https://access.redhat.com/security/updates/classification/#moderate
- https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/
- https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/
- https://bugzilla.redhat.com/show_bug.cgi?id=2004133
- https://bugzilla.redhat.com/show_bug.cgi?id=2004135
- https://bugzilla.redhat.com/show_bug.cgi?id=2031958
- https://bugzilla.redhat.com/show_bug.cgi?id=2039403
- https://bugzilla.redhat.com/show_bug.cgi?id=2041472
- https://bugzilla.redhat.com/show_bug.cgi?id=2044596
- https://bugzilla.redhat.com/show_bug.cgi?id=2047200
- https://bugzilla.redhat.com/show_bug.cgi?id=2047343
- https://bugzilla.redhat.com/show_bug.cgi?id=2060725
- https://bugzilla.redhat.com/show_bug.cgi?id=2060929
- https://bugzilla.redhat.com/show_bug.cgi?id=2063601
- https://bugzilla.redhat.com/show_bug.cgi?id=2064226
- https://bugzilla.redhat.com/show_bug.cgi?id=2064698
- https://bugzilla.redhat.com/show_bug.cgi?id=2072009
- https://bugzilla.redhat.com/show_bug.cgi?id=2073890
- https://issues.redhat.com/browse/JBEAP-23121
- https://issues.redhat.com/browse/JBEAP-23171
- https://issues.redhat.com/browse/JBEAP-23194
- https://issues.redhat.com/browse/JBEAP-23241
- https://issues.redhat.com/browse/JBEAP-23299
- https://issues.redhat.com/browse/JBEAP-23300
- https://issues.redhat.com/browse/JBEAP-23312
- https://issues.redhat.com/browse/JBEAP-23313
- https://issues.redhat.com/browse/JBEAP-23336
- https://issues.redhat.com/browse/JBEAP-23338
- https://issues.redhat.com/browse/JBEAP-23339
- https://issues.redhat.com/browse/JBEAP-23351
- https://issues.redhat.com/browse/JBEAP-23353
- https://issues.redhat.com/browse/JBEAP-23429
- https://issues.redhat.com/browse/JBEAP-23432
- https://issues.redhat.com/browse/JBEAP-23451
- https://issues.redhat.com/browse/JBEAP-23531
- https://issues.redhat.com/browse/JBEAP-23532
- https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_4919.json
- https://access.redhat.com/security/cve/CVE-2020-36518
- https://www.cve.org/CVERecord?id=CVE-2020-36518
- https://nvd.nist.gov/vuln/detail/CVE-2020-36518
- https://github.com/advisories/GHSA-57j2-w4cx-62h2
- https://access.redhat.com/security/cve/CVE-2021-37136
- https://www.cve.org/CVERecord?id=CVE-2021-37136
- https://nvd.nist.gov/vuln/detail/CVE-2021-37136
- https://github.com/netty/netty/security/advisories/GHSA-grg4-wf29-r9vv
- https://access.redhat.com/security/cve/CVE-2021-37137
- https://www.cve.org/CVERecord?id=CVE-2021-37137
- https://nvd.nist.gov/vuln/detail/CVE-2021-37137
- https://access.redhat.com/security/cve/CVE-2021-42392
- https://www.cve.org/CVERecord?id=CVE-2021-42392
- https://nvd.nist.gov/vuln/detail/CVE-2021-42392
- https://github.com/h2database/h2database/security/advisories/GHSA-h376-j262-vhq6
- https://access.redhat.com/security/cve/CVE-2021-43797
- https://www.cve.org/CVERecord?id=CVE-2021-43797
- https://nvd.nist.gov/vuln/detail/CVE-2021-43797
- https://github.com/netty/netty/security/advisories/GHSA-wx5j-54mm-rqqq
- https://access.redhat.com/security/cve/CVE-2022-0084
- https://www.cve.org/CVERecord?id=CVE-2022-0084
- https://nvd.nist.gov/vuln/detail/CVE-2022-0084
- https://access.redhat.com/security/cve/CVE-2022-0853
- https://www.cve.org/CVERecord?id=CVE-2022-0853
- https://nvd.nist.gov/vuln/detail/CVE-2022-0853
- https://access.redhat.com/security/cve/CVE-2022-0866
- https://www.cve.org/CVERecord?id=CVE-2022-0866
- https://nvd.nist.gov/vuln/detail/CVE-2022-0866
- https://access.redhat.com/security/cve/CVE-2022-1319
- https://www.cve.org/CVERecord?id=CVE-2022-1319
- https://nvd.nist.gov/vuln/detail/CVE-2022-1319
- https://access.redhat.com/security/cve/CVE-2022-21299
- https://www.cve.org/CVERecord?id=CVE-2022-21299
- https://nvd.nist.gov/vuln/detail/CVE-2022-21299
- https://access.redhat.com/security/cve/CVE-2022-21363
- https://www.cve.org/CVERecord?id=CVE-2022-21363
- https://nvd.nist.gov/vuln/detail/CVE-2022-21363
- https://www.oracle.com/security-alerts/cpujan2022.html#AppendixMSQL
- https://access.redhat.com/security/cve/CVE-2022-23221
- https://www.cve.org/CVERecord?id=CVE-2022-23221
- https://nvd.nist.gov/vuln/detail/CVE-2022-23221
- https://github.com/advisories/GHSA-45hx-wfhj-473x
- https://access.redhat.com/security/cve/CVE-2022-23437
- https://www.cve.org/CVERecord?id=CVE-2022-23437
- https://nvd.nist.gov/vuln/detail/CVE-2022-23437
- https://access.redhat.com/security/cve/CVE-2022-23913
- https://www.cve.org/CVERecord?id=CVE-2022-23913
- https://nvd.nist.gov/vuln/detail/CVE-2022-23913
- https://lists.apache.org/thread/fjynj57rd99s814rdn5hzvmx8lz403q2
- https://access.redhat.com/security/cve/CVE-2022-24785
- https://www.cve.org/CVERecord?id=CVE-2022-24785
- https://nvd.nist.gov/vuln/detail/CVE-2022-24785
- https://github.com/moment/moment/security/advisories/GHSA-8hfj-j24r-96c4
Affected packages
Red Hat:jboss_enterprise_application_platform:7.4::el8 / eap7-jackson-databind
Package
- Name
- eap7-jackson-databind
- Purl
- pkg:rpm/redhat/eap7-jackson-databind
Red Hat:jboss_enterprise_application_platform:7.4::el8 / eap7-netty
Package
- Name
- eap7-netty
- Purl
- pkg:rpm/redhat/eap7-netty
Red Hat:jboss_enterprise_application_platform:7.4::el8 / eap7-netty-all
Package
- Name
- eap7-netty-all
- Purl
- pkg:rpm/redhat/eap7-netty-all
Red Hat:jboss_enterprise_application_platform:7.4::el8 / eap7-netty-buffer
Package
- Name
- eap7-netty-buffer
- Purl
- pkg:rpm/redhat/eap7-netty-buffer
Red Hat:jboss_enterprise_application_platform:7.4::el8 / eap7-netty-codec
Package
- Name
- eap7-netty-codec
- Purl
- pkg:rpm/redhat/eap7-netty-codec
Red Hat:jboss_enterprise_application_platform:7.4::el8 / eap7-netty-codec-dns
Package
- Name
- eap7-netty-codec-dns
- Purl
- pkg:rpm/redhat/eap7-netty-codec-dns
Red Hat:jboss_enterprise_application_platform:7.4::el8 / eap7-netty-codec-haproxy
Package
- Name
- eap7-netty-codec-haproxy
- Purl
- pkg:rpm/redhat/eap7-netty-codec-haproxy
Red Hat:jboss_enterprise_application_platform:7.4::el8 / eap7-netty-codec-http
Package
- Name
- eap7-netty-codec-http
- Purl
- pkg:rpm/redhat/eap7-netty-codec-http
Red Hat:jboss_enterprise_application_platform:7.4::el8 / eap7-netty-codec-http2
Package
- Name
- eap7-netty-codec-http2
- Purl
- pkg:rpm/redhat/eap7-netty-codec-http2
Red Hat:jboss_enterprise_application_platform:7.4::el8 / eap7-netty-codec-memcache
Package
- Name
- eap7-netty-codec-memcache
- Purl
- pkg:rpm/redhat/eap7-netty-codec-memcache
Red Hat:jboss_enterprise_application_platform:7.4::el8 / eap7-netty-codec-mqtt
Package
- Name
- eap7-netty-codec-mqtt
- Purl
- pkg:rpm/redhat/eap7-netty-codec-mqtt
Red Hat:jboss_enterprise_application_platform:7.4::el8 / eap7-netty-codec-redis
Package
- Name
- eap7-netty-codec-redis
- Purl
- pkg:rpm/redhat/eap7-netty-codec-redis
Red Hat:jboss_enterprise_application_platform:7.4::el8 / eap7-netty-codec-smtp
Package
- Name
- eap7-netty-codec-smtp
- Purl
- pkg:rpm/redhat/eap7-netty-codec-smtp
Red Hat:jboss_enterprise_application_platform:7.4::el8 / eap7-netty-codec-socks
Package
- Name
- eap7-netty-codec-socks
- Purl
- pkg:rpm/redhat/eap7-netty-codec-socks
Red Hat:jboss_enterprise_application_platform:7.4::el8 / eap7-netty-codec-stomp
Package
- Name
- eap7-netty-codec-stomp
- Purl
- pkg:rpm/redhat/eap7-netty-codec-stomp
Red Hat:jboss_enterprise_application_platform:7.4::el8 / eap7-netty-codec-xml
Package
- Name
- eap7-netty-codec-xml
- Purl
- pkg:rpm/redhat/eap7-netty-codec-xml
Red Hat:jboss_enterprise_application_platform:7.4::el8 / eap7-netty-common
Package
- Name
- eap7-netty-common
- Purl
- pkg:rpm/redhat/eap7-netty-common
Red Hat:jboss_enterprise_application_platform:7.4::el8 / eap7-netty-handler
Package
- Name
- eap7-netty-handler
- Purl
- pkg:rpm/redhat/eap7-netty-handler
Red Hat:jboss_enterprise_application_platform:7.4::el8 / eap7-netty-handler-proxy
Package
- Name
- eap7-netty-handler-proxy
- Purl
- pkg:rpm/redhat/eap7-netty-handler-proxy
Red Hat:jboss_enterprise_application_platform:7.4::el8 / eap7-netty-resolver
Package
- Name
- eap7-netty-resolver
- Purl
- pkg:rpm/redhat/eap7-netty-resolver
Red Hat:jboss_enterprise_application_platform:7.4::el8 / eap7-netty-resolver-dns
Package
- Name
- eap7-netty-resolver-dns
- Purl
- pkg:rpm/redhat/eap7-netty-resolver-dns
Red Hat:jboss_enterprise_application_platform:7.4::el8 / eap7-netty-resolver-dns-classes-macos
Package
- Name
- eap7-netty-resolver-dns-classes-macos
- Purl
- pkg:rpm/redhat/eap7-netty-resolver-dns-classes-macos
Red Hat:jboss_enterprise_application_platform:7.4::el8 / eap7-netty-transport
Package
- Name
- eap7-netty-transport
- Purl
- pkg:rpm/redhat/eap7-netty-transport
Red Hat:jboss_enterprise_application_platform:7.4::el8 / eap7-netty-transport-classes-epoll
Package
- Name
- eap7-netty-transport-classes-epoll
- Purl
- pkg:rpm/redhat/eap7-netty-transport-classes-epoll
Red Hat:jboss_enterprise_application_platform:7.4::el8 / eap7-netty-transport-classes-kqueue
Package
- Name
- eap7-netty-transport-classes-kqueue
- Purl
- pkg:rpm/redhat/eap7-netty-transport-classes-kqueue
Red Hat:jboss_enterprise_application_platform:7.4::el8 / eap7-netty-transport-native-unix-common
Package
- Name
- eap7-netty-transport-native-unix-common
- Purl
- pkg:rpm/redhat/eap7-netty-transport-native-unix-common
Red Hat:jboss_enterprise_application_platform:7.4::el8 / eap7-netty-transport-rxtx
Package
- Name
- eap7-netty-transport-rxtx
- Purl
- pkg:rpm/redhat/eap7-netty-transport-rxtx
Red Hat:jboss_enterprise_application_platform:7.4::el8 / eap7-netty-transport-sctp
Package
- Name
- eap7-netty-transport-sctp
- Purl
- pkg:rpm/redhat/eap7-netty-transport-sctp
Red Hat:jboss_enterprise_application_platform:7.4::el8 / eap7-netty-transport-udt
Package
- Name
- eap7-netty-transport-udt
- Purl
- pkg:rpm/redhat/eap7-netty-transport-udt
Red Hat:jboss_enterprise_application_platform:7.4::el8 / eap7-h2database
Package
- Name
- eap7-h2database
- Purl
- pkg:rpm/redhat/eap7-h2database
Red Hat:jboss_enterprise_application_platform:7.4::el8 / eap7-jboss-xnio-base
Package
- Name
- eap7-jboss-xnio-base
- Purl
- pkg:rpm/redhat/eap7-jboss-xnio-base
Red Hat:jboss_enterprise_application_platform:7.4::el8 / eap7-wildfly-http-client
Package
- Name
- eap7-wildfly-http-client
- Purl
- pkg:rpm/redhat/eap7-wildfly-http-client
Red Hat:jboss_enterprise_application_platform:7.4::el8 / eap7-wildfly-http-client-common
Package
- Name
- eap7-wildfly-http-client-common
- Purl
- pkg:rpm/redhat/eap7-wildfly-http-client-common
Red Hat:jboss_enterprise_application_platform:7.4::el8 / eap7-wildfly-http-ejb-client
Package
- Name
- eap7-wildfly-http-ejb-client
- Purl
- pkg:rpm/redhat/eap7-wildfly-http-ejb-client
Red Hat:jboss_enterprise_application_platform:7.4::el8 / eap7-wildfly-http-naming-client
Package
- Name
- eap7-wildfly-http-naming-client
- Purl
- pkg:rpm/redhat/eap7-wildfly-http-naming-client
Red Hat:jboss_enterprise_application_platform:7.4::el8 / eap7-wildfly-http-transaction-client
Package
- Name
- eap7-wildfly-http-transaction-client
- Purl
- pkg:rpm/redhat/eap7-wildfly-http-transaction-client
Red Hat:jboss_enterprise_application_platform:7.4::el8 / eap7-wildfly
Package
- Name
- eap7-wildfly
- Purl
- pkg:rpm/redhat/eap7-wildfly
Red Hat:jboss_enterprise_application_platform:7.4::el8 / eap7-wildfly-javadocs
Package
- Name
- eap7-wildfly-javadocs
- Purl
- pkg:rpm/redhat/eap7-wildfly-javadocs
Red Hat:jboss_enterprise_application_platform:7.4::el8 / eap7-wildfly-modules
Package
- Name
- eap7-wildfly-modules
- Purl
- pkg:rpm/redhat/eap7-wildfly-modules
Red Hat:jboss_enterprise_application_platform:7.4::el8 / eap7-undertow
Package
- Name
- eap7-undertow
- Purl
- pkg:rpm/redhat/eap7-undertow
Red Hat:jboss_enterprise_application_platform:7.4::el8 / eap7-xerces-j2
Package
- Name
- eap7-xerces-j2
- Purl
- pkg:rpm/redhat/eap7-xerces-j2
Red Hat:jboss_enterprise_application_platform:7.4::el8 / eap7-activemq-artemis
Package
- Name
- eap7-activemq-artemis
- Purl
- pkg:rpm/redhat/eap7-activemq-artemis
Red Hat:jboss_enterprise_application_platform:7.4::el8 / eap7-activemq-artemis-cli
Package
- Name
- eap7-activemq-artemis-cli
- Purl
- pkg:rpm/redhat/eap7-activemq-artemis-cli
Red Hat:jboss_enterprise_application_platform:7.4::el8 / eap7-activemq-artemis-commons
Package
- Name
- eap7-activemq-artemis-commons
- Purl
- pkg:rpm/redhat/eap7-activemq-artemis-commons
Red Hat:jboss_enterprise_application_platform:7.4::el8 / eap7-activemq-artemis-core-client
Package
- Name
- eap7-activemq-artemis-core-client
- Purl
- pkg:rpm/redhat/eap7-activemq-artemis-core-client
Red Hat:jboss_enterprise_application_platform:7.4::el8 / eap7-activemq-artemis-dto
Package
- Name
- eap7-activemq-artemis-dto
- Purl
- pkg:rpm/redhat/eap7-activemq-artemis-dto
Red Hat:jboss_enterprise_application_platform:7.4::el8 / eap7-activemq-artemis-hornetq-protocol
Package
- Name
- eap7-activemq-artemis-hornetq-protocol
- Purl
- pkg:rpm/redhat/eap7-activemq-artemis-hornetq-protocol
Red Hat:jboss_enterprise_application_platform:7.4::el8 / eap7-activemq-artemis-hqclient-protocol
Package
- Name
- eap7-activemq-artemis-hqclient-protocol
- Purl
- pkg:rpm/redhat/eap7-activemq-artemis-hqclient-protocol
Red Hat:jboss_enterprise_application_platform:7.4::el8 / eap7-activemq-artemis-jdbc-store
Package
- Name
- eap7-activemq-artemis-jdbc-store
- Purl
- pkg:rpm/redhat/eap7-activemq-artemis-jdbc-store
Red Hat:jboss_enterprise_application_platform:7.4::el8 / eap7-activemq-artemis-jms-client
Package
- Name
- eap7-activemq-artemis-jms-client
- Purl
- pkg:rpm/redhat/eap7-activemq-artemis-jms-client
Red Hat:jboss_enterprise_application_platform:7.4::el8 / eap7-activemq-artemis-jms-server
Package
- Name
- eap7-activemq-artemis-jms-server
- Purl
- pkg:rpm/redhat/eap7-activemq-artemis-jms-server
Red Hat:jboss_enterprise_application_platform:7.4::el8 / eap7-activemq-artemis-journal
Package
- Name
- eap7-activemq-artemis-journal
- Purl
- pkg:rpm/redhat/eap7-activemq-artemis-journal
Red Hat:jboss_enterprise_application_platform:7.4::el8 / eap7-activemq-artemis-ra
Package
- Name
- eap7-activemq-artemis-ra
- Purl
- pkg:rpm/redhat/eap7-activemq-artemis-ra
Red Hat:jboss_enterprise_application_platform:7.4::el8 / eap7-activemq-artemis-selector
Package
- Name
- eap7-activemq-artemis-selector
- Purl
- pkg:rpm/redhat/eap7-activemq-artemis-selector
Red Hat:jboss_enterprise_application_platform:7.4::el8 / eap7-activemq-artemis-server
Package
- Name
- eap7-activemq-artemis-server
- Purl
- pkg:rpm/redhat/eap7-activemq-artemis-server
Red Hat:jboss_enterprise_application_platform:7.4::el8 / eap7-activemq-artemis-service-extensions
Package
- Name
- eap7-activemq-artemis-service-extensions
- Purl
- pkg:rpm/redhat/eap7-activemq-artemis-service-extensions
Red Hat:jboss_enterprise_application_platform:7.4::el8 / eap7-activemq-artemis-tools
Package
- Name
- eap7-activemq-artemis-tools
- Purl
- pkg:rpm/redhat/eap7-activemq-artemis-tools