RHSA-2025:3990

See a problem?
Please try reporting it to the source first.

Source

https://access.redhat.com/errata/RHSA-2025:3990

Import Source

https://security.access.redhat.com/data/osv/RHSA-2025:3990.json

JSON Data

https://api.osv.dev/v1/vulns/RHSA-2025:3990

Upstream

CVE-2024-3884

CVE-2025-23367

Published

2025-12-06T10:04:52Z

Modified

2025-12-06T10:33:51.275547Z

Severity

7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

Summary

Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.0.7 security update

Details

References

Affected packages

Red Hat:jboss_enterprise_application_platform:8.0::el9

eap8-apache-commons-io

Package

Name: eap8-apache-commons-io
Purl: pkg:rpm/redhat/eap8-apache-commons-io

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:2.16.1-1.redhat_00001.1.el9eap

eap8-bouncycastle

Package

Name: eap8-bouncycastle
Purl: pkg:rpm/redhat/eap8-bouncycastle

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:1.80.0-1.redhat_00001.1.el9eap

eap8-bouncycastle-jmail

Package

Name: eap8-bouncycastle-jmail
Purl: pkg:rpm/redhat/eap8-bouncycastle-jmail

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:1.80.0-1.redhat_00001.1.el9eap

eap8-bouncycastle-pg

Package

Name: eap8-bouncycastle-pg
Purl: pkg:rpm/redhat/eap8-bouncycastle-pg

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:1.80.0-1.redhat_00001.1.el9eap

eap8-bouncycastle-pkix

Package

Name: eap8-bouncycastle-pkix
Purl: pkg:rpm/redhat/eap8-bouncycastle-pkix

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:1.80.0-1.redhat_00001.1.el9eap

eap8-bouncycastle-prov

Package

Name: eap8-bouncycastle-prov
Purl: pkg:rpm/redhat/eap8-bouncycastle-prov

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:1.80.0-1.redhat_00001.1.el9eap

eap8-bouncycastle-util

Package

Name: eap8-bouncycastle-util
Purl: pkg:rpm/redhat/eap8-bouncycastle-util

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:1.80.0-1.redhat_00001.1.el9eap

eap8-eap-product-conf-parent

Package

Name: eap8-eap-product-conf-parent
Purl: pkg:rpm/redhat/eap8-eap-product-conf-parent

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:800.7.0-2.GA_redhat_00002.1.el9eap

eap8-eap-product-conf-wildfly-ee-feature-pack

Package

Name: eap8-eap-product-conf-wildfly-ee-feature-pack
Purl: pkg:rpm/redhat/eap8-eap-product-conf-wildfly-ee-feature-pack

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:800.7.0-2.GA_redhat_00002.1.el9eap

eap8-hibernate

Package

Name: eap8-hibernate
Purl: pkg:rpm/redhat/eap8-hibernate

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:6.2.35-1.Final_redhat_00001.1.el9eap

eap8-hibernate-core

Package

Name: eap8-hibernate-core
Purl: pkg:rpm/redhat/eap8-hibernate-core

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:6.2.35-1.Final_redhat_00001.1.el9eap

eap8-hibernate-envers

Package

Name: eap8-hibernate-envers
Purl: pkg:rpm/redhat/eap8-hibernate-envers

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:6.2.35-1.Final_redhat_00001.1.el9eap

eap8-ironjacamar

Package

Name: eap8-ironjacamar
Purl: pkg:rpm/redhat/eap8-ironjacamar

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:3.0.13-1.Final_redhat_00001.1.el9eap

eap8-ironjacamar-common-api

Package

Name: eap8-ironjacamar-common-api
Purl: pkg:rpm/redhat/eap8-ironjacamar-common-api

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:3.0.13-1.Final_redhat_00001.1.el9eap

eap8-ironjacamar-common-impl

Package

Name: eap8-ironjacamar-common-impl
Purl: pkg:rpm/redhat/eap8-ironjacamar-common-impl

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:3.0.13-1.Final_redhat_00001.1.el9eap

eap8-ironjacamar-common-spi

Package

Name: eap8-ironjacamar-common-spi
Purl: pkg:rpm/redhat/eap8-ironjacamar-common-spi

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:3.0.13-1.Final_redhat_00001.1.el9eap

eap8-ironjacamar-core-api

Package

Name: eap8-ironjacamar-core-api
Purl: pkg:rpm/redhat/eap8-ironjacamar-core-api

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:3.0.13-1.Final_redhat_00001.1.el9eap

eap8-ironjacamar-core-impl

Package

Name: eap8-ironjacamar-core-impl
Purl: pkg:rpm/redhat/eap8-ironjacamar-core-impl

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:3.0.13-1.Final_redhat_00001.1.el9eap

eap8-ironjacamar-deployers-common

Package

Name: eap8-ironjacamar-deployers-common
Purl: pkg:rpm/redhat/eap8-ironjacamar-deployers-common

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:3.0.13-1.Final_redhat_00001.1.el9eap

eap8-ironjacamar-jdbc

Package

Name: eap8-ironjacamar-jdbc
Purl: pkg:rpm/redhat/eap8-ironjacamar-jdbc

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:3.0.13-1.Final_redhat_00001.1.el9eap

eap8-ironjacamar-validator

Package

Name: eap8-ironjacamar-validator
Purl: pkg:rpm/redhat/eap8-ironjacamar-validator

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:3.0.13-1.Final_redhat_00001.1.el9eap

eap8-jakarta-enterprise-concurrent

Package

Name: eap8-jakarta-enterprise-concurrent
Purl: pkg:rpm/redhat/eap8-jakarta-enterprise-concurrent

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:3.0.1-1.redhat_00001.1.el9eap

eap8-jsf-impl

Package

Name: eap8-jsf-impl
Purl: pkg:rpm/redhat/eap8-jsf-impl

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:4.0.11-1.redhat_00001.1.el9eap

eap8-reactive-streams

Package

Name: eap8-reactive-streams
Purl: pkg:rpm/redhat/eap8-reactive-streams

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:1.0.4-3.redhat_00004.1.el9eap

eap8-reactivex-rxjava

Package

Name: eap8-reactivex-rxjava
Purl: pkg:rpm/redhat/eap8-reactivex-rxjava

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:3.1.10-1.redhat_00001.1.el9eap

eap8-weld-core

Package

Name: eap8-weld-core
Purl: pkg:rpm/redhat/eap8-weld-core

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:5.1.5-1.Final_redhat_00001.1.el9eap

eap8-weld-core-impl

Package

Name: eap8-weld-core-impl
Purl: pkg:rpm/redhat/eap8-weld-core-impl

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:5.1.5-1.Final_redhat_00001.1.el9eap

eap8-weld-core-jsf

Package

Name: eap8-weld-core-jsf
Purl: pkg:rpm/redhat/eap8-weld-core-jsf

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:5.1.5-1.Final_redhat_00001.1.el9eap

eap8-weld-ejb

Package

Name: eap8-weld-ejb
Purl: pkg:rpm/redhat/eap8-weld-ejb

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:5.1.5-1.Final_redhat_00001.1.el9eap

eap8-weld-jta

Package

Name: eap8-weld-jta
Purl: pkg:rpm/redhat/eap8-weld-jta

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:5.1.5-1.Final_redhat_00001.1.el9eap

eap8-weld-lite-extension-translator

Package

Name: eap8-weld-lite-extension-translator
Purl: pkg:rpm/redhat/eap8-weld-lite-extension-translator

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:5.1.5-1.Final_redhat_00001.1.el9eap

eap8-weld-web

Package

Name: eap8-weld-web
Purl: pkg:rpm/redhat/eap8-weld-web

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:5.1.5-1.Final_redhat_00001.1.el9eap

eap8-wildfly

Package

Name: eap8-wildfly
Purl: pkg:rpm/redhat/eap8-wildfly

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:8.0.7-3.GA_redhat_00004.1.el9eap

eap8-wildfly-elytron

Package

Name: eap8-wildfly-elytron
Purl: pkg:rpm/redhat/eap8-wildfly-elytron

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:2.2.9-1.Final_redhat_00001.1.el9eap

eap8-wildfly-elytron-tool

Package

Name: eap8-wildfly-elytron-tool
Purl: pkg:rpm/redhat/eap8-wildfly-elytron-tool

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:2.2.9-1.Final_redhat_00001.1.el9eap

eap8-wildfly-java-jdk11

Package

Name: eap8-wildfly-java-jdk11
Purl: pkg:rpm/redhat/eap8-wildfly-java-jdk11

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:8.0.7-3.GA_redhat_00004.1.el9eap

eap8-wildfly-java-jdk17

Package

Name: eap8-wildfly-java-jdk17
Purl: pkg:rpm/redhat/eap8-wildfly-java-jdk17

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:8.0.7-3.GA_redhat_00004.1.el9eap

eap8-wildfly-java-jdk21

Package

Name: eap8-wildfly-java-jdk21
Purl: pkg:rpm/redhat/eap8-wildfly-java-jdk21

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:8.0.7-3.GA_redhat_00004.1.el9eap

eap8-wildfly-modules

Package

Name: eap8-wildfly-modules
Purl: pkg:rpm/redhat/eap8-wildfly-modules

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:8.0.7-3.GA_redhat_00004.1.el9eap