Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
redhatRedHatRHSA-2020:0811
HistoryMar 12, 2020 - 4:53 p.m.

(RHSA-2020:0811) Important: Red Hat JBoss Enterprise Application Platform 7.2.7 security update

2020-03-1216:53:58
access.redhat.com
55

0.009 Low

EPSS

Percentile

82.4%

JSON

This release of Red Hat JBoss Enterprise Application Platform 7.2.7 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.2.6, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.2.7 Release Notes for information about the most significant bug fixes and enhancements included in this release.

Security Fix(es):

  • commons-beanutils: apache-commons-beanutils: does not suppresses the class property in PropertyUtilsBean by default (CVE-2019-10086)

  • libthrift: thrift: Endless loop when feed with specific input data (CVE-2019-0205)

  • libthrift: thrift: Out-of-bounds read related to TJSONProtocol or TSimpleJSONProtocol (CVE-2019-0210)

  • xmlsec: xml-security: Apache Santuario potentially loads XML parsing code from an untrusted source (CVE-2019-12400)

  • wildfly: The โ€˜enabled-protocolsโ€™ value in legacy security is not respected if OpenSSL security provider is in use (CVE-2019-14887)

  • netty: HTTP Request Smuggling due to Transfer-Encoding whitespace mishandling (CVE-2020-7238)

  • netty: HTTP request smuggling (CVE-2019-20444)

  • netty: HttpObjectDecoder.java allows Content-Length header to accompanied by second Content-Length header (CVE-2019-20445)

For more details about the security issue(s), including the impact, a CVSS score, and other related information, see the CVE page(s) listed in the References section.

Related

redhat 17
nessus 31
osv 18
openvas 19
debian 5
fedora 4
ibm 54
ubuntu 3
gentoo 2
cve 5
prion 5
redhatcve 2
cvelist 5
veracode 5
nvd 5
debiancve 4
f5 1
github 4
ubuntucve 4
mageia 1
symantec 1
gitlab 1
suse 1
cgr 1
amazon 1
redhat
redhat
(RHSA-2020:0804) Important: Red Hat JBoss Enterprise Application Platform 7.2.7 on RHEL 6 security update
2020-03-12 16:44:41
(RHSA-2020:0806) Important: Red Hat JBoss Enterprise Application Platform 7.2.7 on RHEL 8 security update
2020-03-12 16:45:08
(RHSA-2020:0805) Important: Red Hat JBoss Enterprise Application Platform 7.2.7 on RHEL 7 security update
2020-03-12 16:44:49
nessus
nessus
RHEL 6 : Red Hat JBoss Enterprise Application Platform 7.2.7 on RHEL 6 (RHSA-2020:0804)
2020-03-16 00:00:00
RHEL 8 : Red Hat JBoss Enterprise Application Platform 7.2.7 on RHEL 8 (RHSA-2020:0806)
2020-03-16 00:00:00
RHEL 7 : Red Hat JBoss Enterprise Application Platform 7.2.7 on RHEL 7 (RHSA-2020:0805)
2020-03-16 00:00:00
osv
osv
netty - security update
2020-02-19 00:00:00
netty-3.9 vulnerabilities
2020-10-22 18:26:07
netty - security update
2020-09-04 00:00:00
openvas
openvas
Debian: Security Advisory (DLA-2109-1)
2020-02-20 00:00:00
Fedora: Security Advisory for netty (FEDORA-2020-66b5f85ccc)
2020-09-26 00:00:00
Ubuntu: Security Advisory (USN-4600-1)
2020-10-23 00:00:00
debian
debian
[SECURITY] [DLA 2109-1] netty security update
2020-02-19 18:04:02
[SECURITY] [DLA 2364-1] netty security update
2020-09-04 18:39:54
[SECURITY] [DLA 2110-1] netty-3.9 security update
2020-02-19 18:04:08
fedora
fedora
[SECURITY] Fedora 33 Update: jctools-3.1.0-1.fc33
2020-09-25 17:16:36
[SECURITY] Fedora 33 Update: netty-4.1.51-1.fc33
2020-09-25 17:16:37
[SECURITY] Fedora 30 Update: apache-commons-beanutils-1.9.4-1.fc30
2019-11-13 09:58:19
ibm
ibm
Security Bulletin: Rational Integration Tester HTTP/TCP Proxy component in Rational Test Virtualization Server and Rational Test Workbench affected by Netty vulnerabilities (CVE-2020-7238, CVE-2019-16869, CVE-2019-20445, CVE-2019-20444)
2020-03-05 11:02:07
Security Bulletin: Multiple vulnerabilities have been identified in Netty shipped with IBM Tivoli Netcool/OMNIbus Transport Module Common Integration Library (CVE-2019-20445, CVE-2019-20444)
2020-03-20 10:48:48
Security Bulletin: Multiple vulnerabilities in netty affect IBM Spectrum Scale Transparent Cloud Tiering (CVE-2019-20445, CVE-2019-20444)
2020-05-26 15:17:05
ubuntu
ubuntu
Netty vulnerabilities
2020-10-22 00:00:00
Netty vulnerabilities
2020-10-27 00:00:00
Netty vulnerabilities
2020-09-22 00:00:00
gentoo
gentoo
Apache Thrift: Multiple vulnerabilities
2021-07-14 00:00:00
Commons-BeanUtils: Improper Access Restriction
2024-05-08 00:00:00
cve
cve
CVE-2019-14887
2020-03-16 15:15:12
CVE-2019-20444
2020-01-29 21:15:11
CVE-2019-12400
2019-08-23 21:15:11
prion
prion
Design/Logic Flaw
2020-03-16 15:15:00
Design/Logic Flaw
2020-01-29 21:15:00
Design/Logic Flaw
2020-01-29 21:15:00
redhatcve
redhatcve
CVE-2019-14887
2020-04-04 11:04:48
CVE-2019-12400
2020-04-04 11:14:30
cvelist
cvelist
CVE-2019-14887
2020-03-16 14:48:09
CVE-2019-20445
2020-01-29 20:33:03
CVE-2019-12400
2019-08-23 20:30:33
veracode
veracode
HTTP Request Smuggling
2020-01-31 06:26:41
HTTP Request Smuggling
2020-01-30 04:36:31
Arbitrary Code Injection
2019-08-26 03:23:36
nvd
nvd
CVE-2019-20444
2020-01-29 21:15:11
CVE-2019-14887
2020-03-16 15:15:12
CVE-2019-20445
2020-01-29 21:15:11
debiancve
debiancve
CVE-2019-20444
2020-01-29 21:15:11
CVE-2019-20445
2020-01-29 21:15:11
CVE-2019-12400
2019-08-23 21:15:11
f5
f5
K14752415 : Netty vulnerability CVE-2019-20444
2020-07-13 00:00:00
github
github
HTTP Request Smuggling in Netty
2020-02-21 18:55:24
Improper input validation in Apache Santuario XML Security for Java
2019-08-27 17:41:33
HTTP Request Smuggling in Netty
2020-02-21 18:55:04
ubuntucve
ubuntucve
CVE-2019-20445
2020-01-29 00:00:00
CVE-2019-12400
2019-08-23 00:00:00
CVE-2019-20444
2020-01-29 00:00:00
mageia
mageia
Updated apache-commons-beanutils packages fix security vulnerability
2019-12-19 16:44:26
symantec
symantec
Apache Commons Beanutils CVE-2019-10086 Remote Security Vulnerability
2019-08-15 00:00:00
gitlab
gitlab
Out-of-bounds Read
2019-10-29 00:00:00
suse
suse
Security update for apache-commons-beanutils (important)
2019-09-03 00:00:00
cgr
cgr
CVE-2019-10086 vulnerabilities
2024-05-19 03:07:16
amazon
amazon
Important: apache-commons-beanutils
2020-02-17 19:50:00

0.009 Low

EPSS

Percentile

82.4%

JSON
Related for RHSA-2020:0811
redhat17nessus31osv18openvas19debian5fedora4ibm54ubuntu3gentoo2cve5prion5redhatcve2cvelist5veracode5nvd5debiancve4f51github4ubuntucve4mageia1symantec1gitlab1suse1cgr1amazon1