Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
redhatRedHatRHSA-2021:3471
HistorySep 08, 2021 - 11:48 a.m.

(RHSA-2021:3471) Important: Red Hat JBoss Enterprise Application Platform 7.3.9 security update

2021-09-0811:48:32
access.redhat.com
52

0.002 Low

EPSS

Percentile

54.3%

JSON

This release of Red Hat JBoss Enterprise Application Platform 7.3.9 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.8, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.3.9 Release Notes for information about the most significant bug fixes and enhancements included in this release.

Security Fix(es):

  • undertow: buffer leak on incoming websocket PONG message may lead to DoS (CVE-2021-3690)

  • undertow: HTTP2SourceChannel fails to write final frame under some circumstances may lead to DoS (CVE-2021-3597)

  • jakarta-el: ELParserTokenManager enables invalid EL expressions to be evaluate (CVE-2021-28170)

  • apache-commons-io: Limited path traversal in Apache Commons IO 2.2 to 2.6 (CVE-2021-29425)

  • wildfly-core: Invalid Sensitivity Classification of Vault Expression (CVE-2021-3644)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Related

nessus 26
redhat 26
cve 5
osv 12
debiancve 4
ubuntucve 4
cvelist 5
ibm 51
veracode 3
redhatcve 5
prion 5
nvd 5
github 5
amazon 1
openvas 5
suse 1
broadcom 1
ubuntu 1
attackerkb 1
debian 1
redos 6
oracle 9
nessus
nessus
RHEL 6 : Red Hat JBoss Enterprise Application Platform 7.3.9 security update on RHEL 6 (Important) (RHSA-2021:3466)
2022-09-15 00:00:00
RHEL 7 : Red Hat JBoss Enterprise Application Platform 7.3.9 security update on RHEL 7 (Important) (RHSA-2021:3467)
2022-09-15 00:00:00
RHEL 8 : Red Hat JBoss Enterprise Application Platform 7.3.9 security update on RHEL 8 (Important) (RHSA-2021:3468)
2022-09-15 00:00:00
redhat
redhat
(RHSA-2021:3516) Important: EAP XP 2 security update to CVE fixes in the EAP 7.3.x base
2021-09-13 17:30:33
(RHSA-2021:3466) Important: Red Hat JBoss Enterprise Application Platform 7.3.9 security update on RHEL 6
2021-09-08 11:38:57
(RHSA-2021:3468) Important: Red Hat JBoss Enterprise Application Platform 7.3.9 security update on RHEL 8
2021-09-08 11:39:05
cve
cve
CVE-2021-28170
2021-05-26 22:15:07
CVE-2021-29425
2021-04-13 07:15:12
CVE-2021-3690
2022-08-23 16:15:09
osv
osv
CVE-2021-28170
2021-05-26 22:15:07
Improper Input Validation in Jakarta Expression Language
2021-10-06 17:48:38
commons-io - security update
2021-08-12 00:00:00
debiancve
debiancve
CVE-2021-28170
2021-05-26 22:15:07
CVE-2021-29425
2021-04-13 07:15:12
CVE-2021-3597
2022-05-24 19:15:09
ubuntucve
ubuntucve
CVE-2021-28170
2021-05-26 00:00:00
CVE-2021-29425
2021-04-13 00:00:00
CVE-2021-3690
2022-08-23 00:00:00
cvelist
cvelist
CVE-2021-28170
2021-05-26 21:55:09
CVE-2021-29425 Possible limited path traversal vulnerabily in Apache Commons IO
2021-04-13 06:50:12
CVE-2021-3690
2022-08-23 15:50:35
ibm
ibm
Security Bulletin: IBM Sterling Control Center is vulnerable to remote attacker security restrictions bypass due to Eclipse EE4J Jakarta Expression Language (CVE-2021-28170)
2022-06-13 17:43:38
Security Bulletin: IBM Transparent Cloud Tiering is affected by a vulnerability in Apache Commons IO ( CVE-2021-29425)
2021-08-14 03:30:51
Security Bulletin: IBM InfoSphere Information Server is affected by a vulnerability in Apache Commons IO
2021-07-08 19:42:34
veracode
veracode
Insecure Token
2021-12-27 00:42:17
Directory Traversal
2021-04-13 06:39:15
Denial Of Service (DoS)
2021-12-27 00:41:34
redhatcve
redhatcve
CVE-2021-28170
2021-05-28 00:47:39
CVE-2021-29425
2021-04-12 21:16:13
CVE-2021-3690
2021-08-09 01:56:47
prion
prion
Code injection
2021-05-26 22:15:00
Path traversal
2021-04-13 07:15:00
Denial of service
2022-05-24 19:15:00
nvd
nvd
CVE-2021-28170
2021-05-26 22:15:07
CVE-2021-29425
2021-04-13 07:15:12
CVE-2021-3690
2022-08-23 16:15:09
github
github
Improper Input Validation in Jakarta Expression Language
2021-10-06 17:48:38
Path Traversal and Improper Input Validation in Apache Commons IO
2021-04-26 16:04:00
Undertow vulnerable to memory exhaustion due to buffer leak
2022-07-15 21:07:20
amazon
amazon
Medium: apache-commons-io
2023-05-25 17:41:00
openvas
openvas
openSUSE: Security Advisory for apache-commons-io (openSUSE-SU-2021:0605-1)
2021-04-24 00:00:00
Ubuntu: Security Advisory (USN-5095-1)
2021-09-30 00:00:00
Debian: Security Advisory (DLA-2741-1)
2021-08-13 00:00:00
suse
suse
Security update for apache-commons-io (moderate)
2021-04-23 00:00:00
broadcom
broadcom
Apache Commons IO Vulnerability (CVE-2021-29425)
2023-12-18 00:00:00
ubuntu
ubuntu
Apache Commons IO vulnerability
2021-09-29 00:00:00
attackerkb
attackerkb
CVE-2021-29425
2021-04-13 00:00:00
debian
debian
[SECURITY] [DLA 2741-1] commons-io security update
2021-08-12 20:18:44
redos
redos
ROS-2-604
2021-09-08 00:00:00
ROS-2-815
2021-09-08 00:00:00
ROS-2-626
2021-09-08 00:00:00
oracle
oracle
Oracle Critical Patch Update Advisory - April 2022
2022-04-19 00:00:00
Oracle Critical Patch Update Advisory - October 2022
2022-10-18 00:00:00
Oracle Critical Patch Update Advisory - January 2024
2024-01-16 00:00:00

0.002 Low

EPSS

Percentile

54.3%

JSON
Related for RHSA-2021:3471
nessus26redhat26cve5osv12debiancve4ubuntucve4cvelist5ibm51veracode3redhatcve5prion5nvd5github5amazon1openvas5suse1broadcom1ubuntu1attackerkb1debian1redos6oracle9