Vulnerability Database
Blog
FAQ
Docs
arrow_forward
search
light_mode
dark_mode
RHSA-2026:20405
See a problem?
Please try reporting it
to the source
first.
Source
https://access.redhat.com/errata/RHSA-2026:20405
Import Source
https://security.access.redhat.com/data/osv/RHSA-2026:20405.json
JSON Data
https://api.osv.dev/v1/vulns/RHSA-2026:20405
Upstream
CVE-2026-24880
CVE-2026-25854
CVE-2026-29145
CVE-2026-29146
CVE-2026-34483
CVE-2026-34487
CVE-2026-34500
Published
2026-05-27T10:07:08Z
Modified
2026-07-03T10:11:14Z
Severity
7.5 (High)
CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CVSS Calculator
Summary
Red Hat Security Advisory: Red Hat JBoss Web Server 6.2.3 release and security update
Details
References
https://access.redhat.com/errata/RHSA-2026:20405
https://access.redhat.com/security/updates/classification/#important
https://docs.redhat.com/en/documentation/red_hat_jboss_web_server/6.2/html/red_hat_jboss_web_server_6.2_service_pack_3_release_notes/index
https://bugzilla.redhat.com/show_bug.cgi?id=2457020
https://bugzilla.redhat.com/show_bug.cgi?id=2457037
https://bugzilla.redhat.com/show_bug.cgi?id=2457038
https://bugzilla.redhat.com/show_bug.cgi?id=2457039
https://bugzilla.redhat.com/show_bug.cgi?id=2457040
https://bugzilla.redhat.com/show_bug.cgi?id=2457043
https://bugzilla.redhat.com/show_bug.cgi?id=2457044
https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_20405.json
https://access.redhat.com/security/cve/CVE-2026-24880
https://www.cve.org/CVERecord?id=CVE-2026-24880
https://nvd.nist.gov/vuln/detail/CVE-2026-24880
https://lists.apache.org/thread/2c682qnlg2tv4o5knlggqbl9yc2gb5sn
https://access.redhat.com/security/cve/CVE-2026-25854
https://www.cve.org/CVERecord?id=CVE-2026-25854
https://nvd.nist.gov/vuln/detail/CVE-2026-25854
https://lists.apache.org/thread/ghct3b6o74bp2vm7q875s1zh0dqrz3h0
https://access.redhat.com/security/cve/CVE-2026-29145
https://www.cve.org/CVERecord?id=CVE-2026-29145
https://nvd.nist.gov/vuln/detail/CVE-2026-29145
https://lists.apache.org/thread/yz5fxmhd2j43wgqykssdo7kltws57jfz
https://access.redhat.com/security/cve/CVE-2026-29146
https://www.cve.org/CVERecord?id=CVE-2026-29146
https://nvd.nist.gov/vuln/detail/CVE-2026-29146
https://lists.apache.org/thread/lzt04z2pb3dc5tk85obn80xygw3z1p0w
https://access.redhat.com/security/cve/CVE-2026-34483
https://www.cve.org/CVERecord?id=CVE-2026-34483
https://nvd.nist.gov/vuln/detail/CVE-2026-34483
https://lists.apache.org/thread/j1w7304yonlr8vo1tkb5nfs7od1y228b
https://access.redhat.com/security/cve/CVE-2026-34487
https://www.cve.org/CVERecord?id=CVE-2026-34487
https://nvd.nist.gov/vuln/detail/CVE-2026-34487
https://lists.apache.org/thread/4xpkwolpkrj8v5xzp5nyovtlqp3y850h
https://access.redhat.com/security/cve/CVE-2026-34500
https://www.cve.org/CVERecord?id=CVE-2026-34500
https://nvd.nist.gov/vuln/detail/CVE-2026-34500
https://lists.apache.org/thread/7rcl4zdxryc8hy3htyfyxkbqpxjtfdl2
Affected packages
Red Hat:jboss_enterprise_web_server:6.2::el10
jws6-tomcat
Package
Name
jws6-tomcat
Purl
pkg:rpm/redhat/jws6-tomcat
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:10.1.49-13.redhat_00011.1.el10jws
Database specific
source
"https://security.access.redhat.com/data/osv/RHSA-2026:20405.json"
jws6-tomcat-admin-webapps
Package
Name
jws6-tomcat-admin-webapps
Purl
pkg:rpm/redhat/jws6-tomcat-admin-webapps
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:10.1.49-13.redhat_00011.1.el10jws
Database specific
source
"https://security.access.redhat.com/data/osv/RHSA-2026:20405.json"
jws6-tomcat-docs-webapp
Package
Name
jws6-tomcat-docs-webapp
Purl
pkg:rpm/redhat/jws6-tomcat-docs-webapp
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:10.1.49-13.redhat_00011.1.el10jws
Database specific
source
"https://security.access.redhat.com/data/osv/RHSA-2026:20405.json"
jws6-tomcat-el-5.0-api
Package
Name
jws6-tomcat-el-5.0-api
Purl
pkg:rpm/redhat/jws6-tomcat-el-5.0-api
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:10.1.49-13.redhat_00011.1.el10jws
Database specific
source
"https://security.access.redhat.com/data/osv/RHSA-2026:20405.json"
jws6-tomcat-javadoc
Package
Name
jws6-tomcat-javadoc
Purl
pkg:rpm/redhat/jws6-tomcat-javadoc
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:10.1.49-13.redhat_00011.1.el10jws
Database specific
source
"https://security.access.redhat.com/data/osv/RHSA-2026:20405.json"
jws6-tomcat-jsp-3.1-api
Package
Name
jws6-tomcat-jsp-3.1-api
Purl
pkg:rpm/redhat/jws6-tomcat-jsp-3.1-api
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:10.1.49-13.redhat_00011.1.el10jws
Database specific
source
"https://security.access.redhat.com/data/osv/RHSA-2026:20405.json"
jws6-tomcat-lib
Package
Name
jws6-tomcat-lib
Purl
pkg:rpm/redhat/jws6-tomcat-lib
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:10.1.49-13.redhat_00011.1.el10jws
Database specific
source
"https://security.access.redhat.com/data/osv/RHSA-2026:20405.json"
jws6-tomcat-selinux
Package
Name
jws6-tomcat-selinux
Purl
pkg:rpm/redhat/jws6-tomcat-selinux
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:10.1.49-13.redhat_00011.1.el10jws
Database specific
source
"https://security.access.redhat.com/data/osv/RHSA-2026:20405.json"
jws6-tomcat-servlet-6.0-api
Package
Name
jws6-tomcat-servlet-6.0-api
Purl
pkg:rpm/redhat/jws6-tomcat-servlet-6.0-api
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:10.1.49-13.redhat_00011.1.el10jws
Database specific
source
"https://security.access.redhat.com/data/osv/RHSA-2026:20405.json"
jws6-tomcat-webapps
Package
Name
jws6-tomcat-webapps
Purl
pkg:rpm/redhat/jws6-tomcat-webapps
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:10.1.49-13.redhat_00011.1.el10jws
Database specific
source
"https://security.access.redhat.com/data/osv/RHSA-2026:20405.json"
Red Hat:jboss_enterprise_web_server:6.2::el8
jws6-tomcat
Package
Name
jws6-tomcat
Purl
pkg:rpm/redhat/jws6-tomcat
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:10.1.49-13.redhat_00011.1.el8jws
Database specific
source
"https://security.access.redhat.com/data/osv/RHSA-2026:20405.json"
jws6-tomcat-admin-webapps
Package
Name
jws6-tomcat-admin-webapps
Purl
pkg:rpm/redhat/jws6-tomcat-admin-webapps
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:10.1.49-13.redhat_00011.1.el8jws
Database specific
source
"https://security.access.redhat.com/data/osv/RHSA-2026:20405.json"
jws6-tomcat-docs-webapp
Package
Name
jws6-tomcat-docs-webapp
Purl
pkg:rpm/redhat/jws6-tomcat-docs-webapp
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:10.1.49-13.redhat_00011.1.el8jws
Database specific
source
"https://security.access.redhat.com/data/osv/RHSA-2026:20405.json"
jws6-tomcat-el-5.0-api
Package
Name
jws6-tomcat-el-5.0-api
Purl
pkg:rpm/redhat/jws6-tomcat-el-5.0-api
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:10.1.49-13.redhat_00011.1.el8jws
Database specific
source
"https://security.access.redhat.com/data/osv/RHSA-2026:20405.json"
jws6-tomcat-javadoc
Package
Name
jws6-tomcat-javadoc
Purl
pkg:rpm/redhat/jws6-tomcat-javadoc
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:10.1.49-13.redhat_00011.1.el8jws
Database specific
source
"https://security.access.redhat.com/data/osv/RHSA-2026:20405.json"
jws6-tomcat-jsp-3.1-api
Package
Name
jws6-tomcat-jsp-3.1-api
Purl
pkg:rpm/redhat/jws6-tomcat-jsp-3.1-api
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:10.1.49-13.redhat_00011.1.el8jws
Database specific
source
"https://security.access.redhat.com/data/osv/RHSA-2026:20405.json"
jws6-tomcat-lib
Package
Name
jws6-tomcat-lib
Purl
pkg:rpm/redhat/jws6-tomcat-lib
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:10.1.49-13.redhat_00011.1.el8jws
Database specific
source
"https://security.access.redhat.com/data/osv/RHSA-2026:20405.json"
jws6-tomcat-selinux
Package
Name
jws6-tomcat-selinux
Purl
pkg:rpm/redhat/jws6-tomcat-selinux
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:10.1.49-13.redhat_00011.1.el8jws
Database specific
source
"https://security.access.redhat.com/data/osv/RHSA-2026:20405.json"
jws6-tomcat-servlet-6.0-api
Package
Name
jws6-tomcat-servlet-6.0-api
Purl
pkg:rpm/redhat/jws6-tomcat-servlet-6.0-api
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:10.1.49-13.redhat_00011.1.el8jws
Database specific
source
"https://security.access.redhat.com/data/osv/RHSA-2026:20405.json"
jws6-tomcat-webapps
Package
Name
jws6-tomcat-webapps
Purl
pkg:rpm/redhat/jws6-tomcat-webapps
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:10.1.49-13.redhat_00011.1.el8jws
Database specific
source
"https://security.access.redhat.com/data/osv/RHSA-2026:20405.json"
Red Hat:jboss_enterprise_web_server:6.2::el9
jws6-tomcat
Package
Name
jws6-tomcat
Purl
pkg:rpm/redhat/jws6-tomcat
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:10.1.49-13.redhat_00011.1.el9jws
Database specific
source
"https://security.access.redhat.com/data/osv/RHSA-2026:20405.json"
jws6-tomcat-admin-webapps
Package
Name
jws6-tomcat-admin-webapps
Purl
pkg:rpm/redhat/jws6-tomcat-admin-webapps
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:10.1.49-13.redhat_00011.1.el9jws
Database specific
source
"https://security.access.redhat.com/data/osv/RHSA-2026:20405.json"
jws6-tomcat-docs-webapp
Package
Name
jws6-tomcat-docs-webapp
Purl
pkg:rpm/redhat/jws6-tomcat-docs-webapp
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:10.1.49-13.redhat_00011.1.el9jws
Database specific
source
"https://security.access.redhat.com/data/osv/RHSA-2026:20405.json"
jws6-tomcat-el-5.0-api
Package
Name
jws6-tomcat-el-5.0-api
Purl
pkg:rpm/redhat/jws6-tomcat-el-5.0-api
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:10.1.49-13.redhat_00011.1.el9jws
Database specific
source
"https://security.access.redhat.com/data/osv/RHSA-2026:20405.json"
jws6-tomcat-javadoc
Package
Name
jws6-tomcat-javadoc
Purl
pkg:rpm/redhat/jws6-tomcat-javadoc
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:10.1.49-13.redhat_00011.1.el9jws
Database specific
source
"https://security.access.redhat.com/data/osv/RHSA-2026:20405.json"
jws6-tomcat-jsp-3.1-api
Package
Name
jws6-tomcat-jsp-3.1-api
Purl
pkg:rpm/redhat/jws6-tomcat-jsp-3.1-api
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:10.1.49-13.redhat_00011.1.el9jws
Database specific
source
"https://security.access.redhat.com/data/osv/RHSA-2026:20405.json"
jws6-tomcat-lib
Package
Name
jws6-tomcat-lib
Purl
pkg:rpm/redhat/jws6-tomcat-lib
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:10.1.49-13.redhat_00011.1.el9jws
Database specific
source
"https://security.access.redhat.com/data/osv/RHSA-2026:20405.json"
jws6-tomcat-selinux
Package
Name
jws6-tomcat-selinux
Purl
pkg:rpm/redhat/jws6-tomcat-selinux
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:10.1.49-13.redhat_00011.1.el9jws
Database specific
source
"https://security.access.redhat.com/data/osv/RHSA-2026:20405.json"
jws6-tomcat-servlet-6.0-api
Package
Name
jws6-tomcat-servlet-6.0-api
Purl
pkg:rpm/redhat/jws6-tomcat-servlet-6.0-api
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:10.1.49-13.redhat_00011.1.el9jws
Database specific
source
"https://security.access.redhat.com/data/osv/RHSA-2026:20405.json"
jws6-tomcat-webapps
Package
Name
jws6-tomcat-webapps
Purl
pkg:rpm/redhat/jws6-tomcat-webapps
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:10.1.49-13.redhat_00011.1.el9jws
Database specific
source
"https://security.access.redhat.com/data/osv/RHSA-2026:20405.json"
RHSA-2026:20405 - OSV