Multiple vulnerabilities in Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7



| Updated: 2025-03-25
Risk Critical
Patch available YES
Number of vulnerabilities 18
CVE-ID CVE-2022-46363
CVE-2022-42889
CVE-2022-1471
CVE-2020-8840
CVE-2022-42004
CVE-2022-42003
CVE-2022-45693
CVE-2022-45047
CVE-2020-9546
CVE-2022-41881
CVE-2021-45046
CVE-2021-44228
CVE-2020-9547
CVE-2021-3717
CVE-2020-10672
CVE-2020-9548
CVE-2020-10673
CVE-2020-13936
CWE-ID CWE-200
CWE-94
CWE-502
CWE-400
CWE-787
CWE-835
CWE-552
Exploitation vector Network
Public exploit Public exploit code for vulnerability #2 is available.
Public exploit code for vulnerability #3 is available.
Public exploit code for vulnerability #4 is available.
Public exploit code for vulnerability #8 is available.
Vulnerability #11 is being exploited in the wild.
Vulnerability #12 is being exploited in the wild.
Public exploit code for vulnerability #13 is available.
Public exploit code for vulnerability #16 is available.
Public exploit code for vulnerability #17 is available.
Vulnerable software
 JBoss Enterprise Application Platform
Server applications / Application servers

eap7-wildfly (Red Hat package)
Operating systems & Components / Operating system package or component

eap7-velocity (Red Hat package)
Operating systems & Components / Operating system package or component

eap7-snakeyaml (Red Hat package)
Operating systems & Components / Operating system package or component

eap7-resteasy (Red Hat package)
Operating systems & Components / Operating system package or component

eap7-netty (Red Hat package)
Operating systems & Components / Operating system package or component

eap7-jettison (Red Hat package)
Operating systems & Components / Operating system package or component

eap7-jackson-databind (Red Hat package)
Operating systems & Components / Operating system package or component

eap7-apache-cxf (Red Hat package)
Operating systems & Components / Operating system package or component

Vendor Red Hat Inc.

Security Bulletin

This security bulletin contains information about 18 vulnerabilities.

1) Information disclosure

EUVDB-ID: #VU70443

Risk: Low

CVSSv4.0: 1.7 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-46363

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to excessive data output when the CXFServlet is configured with both the static-resources-list and redirect-query-check attributes. A remote attacker can gain list directories on the system or exfiltrate code.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

JBoss Enterprise Application Platform: 7.1.0 - 7.1.8

eap7-wildfly (Red Hat package): before 7.1.9-2.GA_redhat_00002.1.ep7.el7

eap7-velocity (Red Hat package): before 1.7.0-3.redhat_00006.1.ep7.el7

eap7-snakeyaml (Red Hat package): before 1.33.0-1.SP1_redhat_00001.1.ep7.el7

eap7-resteasy (Red Hat package): before 3.0.27-1.Final_redhat_00001.1.ep7.el7

eap7-netty (Red Hat package): before 4.1.63-1.Final_redhat_00002.1.ep7.el7

eap7-jettison (Red Hat package): before 1.3.8-2.redhat_00002.1.ep7.el7

eap7-jackson-databind (Red Hat package): before 2.8.11.6-2.SP1_redhat_00002.1.ep7.el7

eap7-apache-cxf (Red Hat package): before 3.1.16-4.redhat_00003.1.ep7.el7

CPE2.3 External links

https://access.redhat.com/errata/RHSA-2025:1746


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Code Injection

EUVDB-ID: #VU68307

Risk: High

CVSSv4.0: 9.3 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A/U:Amber]

CVE-ID: CVE-2022-42889

CWE-ID: CWE-94 - Improper Control of Generation of Code ('Code Injection')

Exploit availability: Yes

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to an insecure variable interpolation when processing untrusted input. A remote attacker can send a specially crafted input and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Note, the vulnerability was dubbed Text4shell.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

JBoss Enterprise Application Platform: 7.1.0 - 7.1.8

eap7-wildfly (Red Hat package): before 7.1.9-2.GA_redhat_00002.1.ep7.el7

eap7-velocity (Red Hat package): before 1.7.0-3.redhat_00006.1.ep7.el7

eap7-snakeyaml (Red Hat package): before 1.33.0-1.SP1_redhat_00001.1.ep7.el7

eap7-resteasy (Red Hat package): before 3.0.27-1.Final_redhat_00001.1.ep7.el7

eap7-netty (Red Hat package): before 4.1.63-1.Final_redhat_00002.1.ep7.el7

eap7-jettison (Red Hat package): before 1.3.8-2.redhat_00002.1.ep7.el7

eap7-jackson-databind (Red Hat package): before 2.8.11.6-2.SP1_redhat_00002.1.ep7.el7

eap7-apache-cxf (Red Hat package): before 3.1.16-4.redhat_00003.1.ep7.el7

CPE2.3 External links

https://access.redhat.com/errata/RHSA-2025:1746


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, a fully functional exploit for this vulnerability is available.

3) Deserialization of Untrusted Data

EUVDB-ID: #VU70385

Risk: High

CVSSv4.0: 9.3 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A/U:Amber]

CVE-ID: CVE-2022-1471

CWE-ID: CWE-502 - Deserialization of Untrusted Data

Exploit availability: Yes

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to insecure input validation when processing serialized data within the SnakeYaml's Constructor() class. A remote attacker can pass specially crafted yaml content to the application and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

JBoss Enterprise Application Platform: 7.1.0 - 7.1.8

eap7-wildfly (Red Hat package): before 7.1.9-2.GA_redhat_00002.1.ep7.el7

eap7-velocity (Red Hat package): before 1.7.0-3.redhat_00006.1.ep7.el7

eap7-snakeyaml (Red Hat package): before 1.33.0-1.SP1_redhat_00001.1.ep7.el7

eap7-resteasy (Red Hat package): before 3.0.27-1.Final_redhat_00001.1.ep7.el7

eap7-netty (Red Hat package): before 4.1.63-1.Final_redhat_00002.1.ep7.el7

eap7-jettison (Red Hat package): before 1.3.8-2.redhat_00002.1.ep7.el7

eap7-jackson-databind (Red Hat package): before 2.8.11.6-2.SP1_redhat_00002.1.ep7.el7

eap7-apache-cxf (Red Hat package): before 3.1.16-4.redhat_00003.1.ep7.el7

CPE2.3 External links

https://access.redhat.com/errata/RHSA-2025:1746


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, a fully functional exploit for this vulnerability is available.

4) Code Injection

EUVDB-ID: #VU25469

Risk: Medium

CVSSv4.0: 2.9 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/U:Green]

CVE-ID: CVE-2020-8840

CWE-ID: CWE-94 - Improper Control of Generation of Code ('Code Injection')

Exploit availability: Yes

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to absence of xbean-reflect/JNDI gadget blocking. A remote attacker can pass specially crafted input to the application and execute arbitrary Java code on the system, as demonstrated by org.apache.xbean.propertyeditor.JndiConverter.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

JBoss Enterprise Application Platform: 7.1.0 - 7.1.8

eap7-wildfly (Red Hat package): before 7.1.9-2.GA_redhat_00002.1.ep7.el7

eap7-velocity (Red Hat package): before 1.7.0-3.redhat_00006.1.ep7.el7

eap7-snakeyaml (Red Hat package): before 1.33.0-1.SP1_redhat_00001.1.ep7.el7

eap7-resteasy (Red Hat package): before 3.0.27-1.Final_redhat_00001.1.ep7.el7

eap7-netty (Red Hat package): before 4.1.63-1.Final_redhat_00002.1.ep7.el7

eap7-jettison (Red Hat package): before 1.3.8-2.redhat_00002.1.ep7.el7

eap7-jackson-databind (Red Hat package): before 2.8.11.6-2.SP1_redhat_00002.1.ep7.el7

eap7-apache-cxf (Red Hat package): before 3.1.16-4.redhat_00003.1.ep7.el7

CPE2.3 External links

https://access.redhat.com/errata/RHSA-2025:1746


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

5) Resource exhaustion

EUVDB-ID: #VU68832

Risk: Medium

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2022-42004

CWE-ID: CWE-400 - Resource exhaustion

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to application does not properly control usage of deeply nested arrays in BeanDeserializer._deserializeFromArray. A remote attacker can trigger resource exhaustion and perform a denial of service (DoS) attack.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

JBoss Enterprise Application Platform: 7.1.0 - 7.1.8

eap7-wildfly (Red Hat package): before 7.1.9-2.GA_redhat_00002.1.ep7.el7

eap7-velocity (Red Hat package): before 1.7.0-3.redhat_00006.1.ep7.el7

eap7-snakeyaml (Red Hat package): before 1.33.0-1.SP1_redhat_00001.1.ep7.el7

eap7-resteasy (Red Hat package): before 3.0.27-1.Final_redhat_00001.1.ep7.el7

eap7-netty (Red Hat package): before 4.1.63-1.Final_redhat_00002.1.ep7.el7

eap7-jettison (Red Hat package): before 1.3.8-2.redhat_00002.1.ep7.el7

eap7-jackson-databind (Red Hat package): before 2.8.11.6-2.SP1_redhat_00002.1.ep7.el7

eap7-apache-cxf (Red Hat package): before 3.1.16-4.redhat_00003.1.ep7.el7

CPE2.3 External links

https://access.redhat.com/errata/RHSA-2025:1746


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) Deserialization of Untrusted Data

EUVDB-ID: #VU68635

Risk: Medium

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2022-42003

CWE-ID: CWE-502 - Deserialization of Untrusted Data

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insecure input validation when processing serialized data when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled. A remote attacker can pass specially crafted data to the application and cause a denial of service condition on the target system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

JBoss Enterprise Application Platform: 7.1.0 - 7.1.8

eap7-wildfly (Red Hat package): before 7.1.9-2.GA_redhat_00002.1.ep7.el7

eap7-velocity (Red Hat package): before 1.7.0-3.redhat_00006.1.ep7.el7

eap7-snakeyaml (Red Hat package): before 1.33.0-1.SP1_redhat_00001.1.ep7.el7

eap7-resteasy (Red Hat package): before 3.0.27-1.Final_redhat_00001.1.ep7.el7

eap7-netty (Red Hat package): before 4.1.63-1.Final_redhat_00002.1.ep7.el7

eap7-jettison (Red Hat package): before 1.3.8-2.redhat_00002.1.ep7.el7

eap7-jackson-databind (Red Hat package): before 2.8.11.6-2.SP1_redhat_00002.1.ep7.el7

eap7-apache-cxf (Red Hat package): before 3.1.16-4.redhat_00003.1.ep7.el7

CPE2.3 External links

https://access.redhat.com/errata/RHSA-2025:1746


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

7) Out-of-bounds write

EUVDB-ID: #VU71109

Risk: Medium

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2022-45693

CWE-ID: CWE-787 - Out-of-bounds write

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack..

The vulnerability exists due to a boundary error when processing data passed via the map parameter. A remote attacker can pass specially crafted input to the application, trigger an out-of-bounds write and perform a denial of service (DoS) attack.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

JBoss Enterprise Application Platform: 7.1.0 - 7.1.8

eap7-wildfly (Red Hat package): before 7.1.9-2.GA_redhat_00002.1.ep7.el7

eap7-velocity (Red Hat package): before 1.7.0-3.redhat_00006.1.ep7.el7

eap7-snakeyaml (Red Hat package): before 1.33.0-1.SP1_redhat_00001.1.ep7.el7

eap7-resteasy (Red Hat package): before 3.0.27-1.Final_redhat_00001.1.ep7.el7

eap7-netty (Red Hat package): before 4.1.63-1.Final_redhat_00002.1.ep7.el7

eap7-jettison (Red Hat package): before 1.3.8-2.redhat_00002.1.ep7.el7

eap7-jackson-databind (Red Hat package): before 2.8.11.6-2.SP1_redhat_00002.1.ep7.el7

eap7-apache-cxf (Red Hat package): before 3.1.16-4.redhat_00003.1.ep7.el7

CPE2.3 External links

https://access.redhat.com/errata/RHSA-2025:1746


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

8) Deserialization of Untrusted Data

EUVDB-ID: #VU70530

Risk: High

CVSSv4.0: 8.9 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/U:Amber]

CVE-ID: CVE-2022-45047

CWE-ID: CWE-502 - Deserialization of Untrusted Data

Exploit availability: Yes

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to insecure input validation when processing serialized data within the org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider class. A remote attacker can pass specially crafted data to the application and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

JBoss Enterprise Application Platform: 7.1.0 - 7.1.8

eap7-wildfly (Red Hat package): before 7.1.9-2.GA_redhat_00002.1.ep7.el7

eap7-velocity (Red Hat package): before 1.7.0-3.redhat_00006.1.ep7.el7

eap7-snakeyaml (Red Hat package): before 1.33.0-1.SP1_redhat_00001.1.ep7.el7

eap7-resteasy (Red Hat package): before 3.0.27-1.Final_redhat_00001.1.ep7.el7

eap7-netty (Red Hat package): before 4.1.63-1.Final_redhat_00002.1.ep7.el7

eap7-jettison (Red Hat package): before 1.3.8-2.redhat_00002.1.ep7.el7

eap7-jackson-databind (Red Hat package): before 2.8.11.6-2.SP1_redhat_00002.1.ep7.el7

eap7-apache-cxf (Red Hat package): before 3.1.16-4.redhat_00003.1.ep7.el7

CPE2.3 External links

https://access.redhat.com/errata/RHSA-2025:1746


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

9) Deserialization of Untrusted Data

EUVDB-ID: #VU25830

Risk: High

CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2020-9546

CWE-ID: CWE-502 - Deserialization of Untrusted Data

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to insecure input validation when processing serialized data between serialization gadgets and typing. A remote attacker can pass specially crafted data to the application and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Note: This vulnerability is related to:

  • org.apache.hadoop.shaded.com.zaxxer.hikari.HikariConfig (aka shaded hikari-config)

Mitigation

Install updates from vendor's website.

Vulnerable software versions

JBoss Enterprise Application Platform: 7.1.0 - 7.1.8

eap7-wildfly (Red Hat package): before 7.1.9-2.GA_redhat_00002.1.ep7.el7

eap7-velocity (Red Hat package): before 1.7.0-3.redhat_00006.1.ep7.el7

eap7-snakeyaml (Red Hat package): before 1.33.0-1.SP1_redhat_00001.1.ep7.el7

eap7-resteasy (Red Hat package): before 3.0.27-1.Final_redhat_00001.1.ep7.el7

eap7-netty (Red Hat package): before 4.1.63-1.Final_redhat_00002.1.ep7.el7

eap7-jettison (Red Hat package): before 1.3.8-2.redhat_00002.1.ep7.el7

eap7-jackson-databind (Red Hat package): before 2.8.11.6-2.SP1_redhat_00002.1.ep7.el7

eap7-apache-cxf (Red Hat package): before 3.1.16-4.redhat_00003.1.ep7.el7

CPE2.3 External links

https://access.redhat.com/errata/RHSA-2025:1746


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

10) Infinite loop

EUVDB-ID: #VU70118

Risk: Medium

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2022-41881

CWE-ID: CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to infinite loop within the HaProxyMessageDecoder when parsing a TLV with type of "PP2_TYPE_SSL". A remote attacker can pass a specially crafted message to consume all available system resources and cause denial of service conditions.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

JBoss Enterprise Application Platform: 7.1.0 - 7.1.8

eap7-wildfly (Red Hat package): before 7.1.9-2.GA_redhat_00002.1.ep7.el7

eap7-velocity (Red Hat package): before 1.7.0-3.redhat_00006.1.ep7.el7

eap7-snakeyaml (Red Hat package): before 1.33.0-1.SP1_redhat_00001.1.ep7.el7

eap7-resteasy (Red Hat package): before 3.0.27-1.Final_redhat_00001.1.ep7.el7

eap7-netty (Red Hat package): before 4.1.63-1.Final_redhat_00002.1.ep7.el7

eap7-jettison (Red Hat package): before 1.3.8-2.redhat_00002.1.ep7.el7

eap7-jackson-databind (Red Hat package): before 2.8.11.6-2.SP1_redhat_00002.1.ep7.el7

eap7-apache-cxf (Red Hat package): before 3.1.16-4.redhat_00003.1.ep7.el7

CPE2.3 External links

https://access.redhat.com/errata/RHSA-2025:1746


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

11) Code Injection

EUVDB-ID: #VU58976

Risk: High

CVSSv4.0: 9.2 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A/U:Amber]

CVE-ID: CVE-2021-45046

CWE-ID: CWE-94 - Improper Control of Generation of Code ('Code Injection')

Exploit availability: Yes

Description

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to incomplete patch in Apache Log4j 2.15.0 for a code injection vulnerability #VU58816 (CVE-2021-44228) in certain non-default configurations. A remote attacker with control over Thread Context Map (MDC) input data when the logging configuration uses a non-default Pattern Layout with either a Context Lookup (for example, $${ctx:loginId}) or a Thread Context Map pattern (%X, %mdc, or %MDC) can pass malicious data using a JNDI Lookup pattern and perform a denial of service (DoS) attack, exfiltrate data or execute arbitrary code.

Later discovery demonstrates a remote code execution on macOS but no other tested environments.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

JBoss Enterprise Application Platform: 7.1.0 - 7.1.8

eap7-wildfly (Red Hat package): before 7.1.9-2.GA_redhat_00002.1.ep7.el7

eap7-velocity (Red Hat package): before 1.7.0-3.redhat_00006.1.ep7.el7

eap7-snakeyaml (Red Hat package): before 1.33.0-1.SP1_redhat_00001.1.ep7.el7

eap7-resteasy (Red Hat package): before 3.0.27-1.Final_redhat_00001.1.ep7.el7

eap7-netty (Red Hat package): before 4.1.63-1.Final_redhat_00002.1.ep7.el7

eap7-jettison (Red Hat package): before 1.3.8-2.redhat_00002.1.ep7.el7

eap7-jackson-databind (Red Hat package): before 2.8.11.6-2.SP1_redhat_00002.1.ep7.el7

eap7-apache-cxf (Red Hat package): before 3.1.16-4.redhat_00003.1.ep7.el7

CPE2.3 External links

https://access.redhat.com/errata/RHSA-2025:1746


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

Yes. This vulnerability is being exploited in the wild.

12) Code Injection

EUVDB-ID: #VU58816

Risk: Critical

CVSSv4.0: 9.3 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A/U:Red]

CVE-ID: CVE-2021-44228

CWE-ID: CWE-94 - Improper Control of Generation of Code ('Code Injection')

Exploit availability: Yes

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to improper input validation when processing LDAP requests. A remote attacker can send a specially crafted request to the application and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Note, we are aware of attackers exploiting the vulnerability in the wild.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

JBoss Enterprise Application Platform: 7.1.0 - 7.1.8

eap7-wildfly (Red Hat package): before 7.1.9-2.GA_redhat_00002.1.ep7.el7

eap7-velocity (Red Hat package): before 1.7.0-3.redhat_00006.1.ep7.el7

eap7-snakeyaml (Red Hat package): before 1.33.0-1.SP1_redhat_00001.1.ep7.el7

eap7-resteasy (Red Hat package): before 3.0.27-1.Final_redhat_00001.1.ep7.el7

eap7-netty (Red Hat package): before 4.1.63-1.Final_redhat_00002.1.ep7.el7

eap7-jettison (Red Hat package): before 1.3.8-2.redhat_00002.1.ep7.el7

eap7-jackson-databind (Red Hat package): before 2.8.11.6-2.SP1_redhat_00002.1.ep7.el7

eap7-apache-cxf (Red Hat package): before 3.1.16-4.redhat_00003.1.ep7.el7

CPE2.3 External links

https://access.redhat.com/errata/RHSA-2025:1746


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

Yes. This vulnerability is being exploited in the wild.

13) Deserialization of Untrusted Data

EUVDB-ID: #VU25831

Risk: High

CVSSv4.0: 8.9 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/U:Amber]

CVE-ID: CVE-2020-9547

CWE-ID: CWE-502 - Deserialization of Untrusted Data

Exploit availability: Yes

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to insecure input validation when processing serialized data between serialization gadgets and typing. A remote attacker can pass specially crafted data to the application and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Note: This vulnerability is related to:

  • com.ibatis.sqlmap.engine.transaction.jta.JtaTransactionConfig (aka ibatis-sqlmap)

Mitigation

Install updates from vendor's website.

Vulnerable software versions

JBoss Enterprise Application Platform: 7.1.0 - 7.1.8

eap7-wildfly (Red Hat package): before 7.1.9-2.GA_redhat_00002.1.ep7.el7

eap7-velocity (Red Hat package): before 1.7.0-3.redhat_00006.1.ep7.el7

eap7-snakeyaml (Red Hat package): before 1.33.0-1.SP1_redhat_00001.1.ep7.el7

eap7-resteasy (Red Hat package): before 3.0.27-1.Final_redhat_00001.1.ep7.el7

eap7-netty (Red Hat package): before 4.1.63-1.Final_redhat_00002.1.ep7.el7

eap7-jettison (Red Hat package): before 1.3.8-2.redhat_00002.1.ep7.el7

eap7-jackson-databind (Red Hat package): before 2.8.11.6-2.SP1_redhat_00002.1.ep7.el7

eap7-apache-cxf (Red Hat package): before 3.1.16-4.redhat_00003.1.ep7.el7

CPE2.3 External links

https://access.redhat.com/errata/RHSA-2025:1746


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

14) Files or Directories Accessible to External Parties

EUVDB-ID: #VU58178

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-3717

CWE-ID: CWE-552 - Files or Directories Accessible to External Parties

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to an incorrect JBOSS_LOCAL_USER challenge location. A local unprivileged user can access any user account on the affected system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

JBoss Enterprise Application Platform: 7.1.0 - 7.1.8

eap7-wildfly (Red Hat package): before 7.1.9-2.GA_redhat_00002.1.ep7.el7

eap7-velocity (Red Hat package): before 1.7.0-3.redhat_00006.1.ep7.el7

eap7-snakeyaml (Red Hat package): before 1.33.0-1.SP1_redhat_00001.1.ep7.el7

eap7-resteasy (Red Hat package): before 3.0.27-1.Final_redhat_00001.1.ep7.el7

eap7-netty (Red Hat package): before 4.1.63-1.Final_redhat_00002.1.ep7.el7

eap7-jettison (Red Hat package): before 1.3.8-2.redhat_00002.1.ep7.el7

eap7-jackson-databind (Red Hat package): before 2.8.11.6-2.SP1_redhat_00002.1.ep7.el7

eap7-apache-cxf (Red Hat package): before 3.1.16-4.redhat_00003.1.ep7.el7

CPE2.3 External links

https://access.redhat.com/errata/RHSA-2025:1746


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

15) Deserialization of Untrusted Data

EUVDB-ID: #VU26493

Risk: High

CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2020-10672

CWE-ID: CWE-502 - Deserialization of Untrusted Data

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to insecure input validation when processing serialized data between serialization gadgets and typing, related to org.apache.aries.transaction.jms.internal.XaPooledConnectionFactory. A remote attacker can pass specially crafted data to the application and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

JBoss Enterprise Application Platform: 7.1.0 - 7.1.8

eap7-wildfly (Red Hat package): before 7.1.9-2.GA_redhat_00002.1.ep7.el7

eap7-velocity (Red Hat package): before 1.7.0-3.redhat_00006.1.ep7.el7

eap7-snakeyaml (Red Hat package): before 1.33.0-1.SP1_redhat_00001.1.ep7.el7

eap7-resteasy (Red Hat package): before 3.0.27-1.Final_redhat_00001.1.ep7.el7

eap7-netty (Red Hat package): before 4.1.63-1.Final_redhat_00002.1.ep7.el7

eap7-jettison (Red Hat package): before 1.3.8-2.redhat_00002.1.ep7.el7

eap7-jackson-databind (Red Hat package): before 2.8.11.6-2.SP1_redhat_00002.1.ep7.el7

eap7-apache-cxf (Red Hat package): before 3.1.16-4.redhat_00003.1.ep7.el7

CPE2.3 External links

https://access.redhat.com/errata/RHSA-2025:1746


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

16) Deserialization of Untrusted Data

EUVDB-ID: #VU25832

Risk: High

CVSSv4.0: 8.9 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/U:Amber]

CVE-ID: CVE-2020-9548

CWE-ID: CWE-502 - Deserialization of Untrusted Data

Exploit availability: Yes

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to insecure input validation when processing serialized data between serialization gadgets and typing. A remote attacker can pass specially crafted data to the application and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Note: This vulnerability is related to:

  • br.com.anteros.dbcp.AnterosDBCPConfig (aka anteros-core)

Mitigation

Install updates from vendor's website.

Vulnerable software versions

JBoss Enterprise Application Platform: 7.1.0 - 7.1.8

eap7-wildfly (Red Hat package): before 7.1.9-2.GA_redhat_00002.1.ep7.el7

eap7-velocity (Red Hat package): before 1.7.0-3.redhat_00006.1.ep7.el7

eap7-snakeyaml (Red Hat package): before 1.33.0-1.SP1_redhat_00001.1.ep7.el7

eap7-resteasy (Red Hat package): before 3.0.27-1.Final_redhat_00001.1.ep7.el7

eap7-netty (Red Hat package): before 4.1.63-1.Final_redhat_00002.1.ep7.el7

eap7-jettison (Red Hat package): before 1.3.8-2.redhat_00002.1.ep7.el7

eap7-jackson-databind (Red Hat package): before 2.8.11.6-2.SP1_redhat_00002.1.ep7.el7

eap7-apache-cxf (Red Hat package): before 3.1.16-4.redhat_00003.1.ep7.el7

CPE2.3 External links

https://access.redhat.com/errata/RHSA-2025:1746


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

17) Deserialization of Untrusted Data

EUVDB-ID: #VU26494

Risk: High

CVSSv4.0: 8.9 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/U:Amber]

CVE-ID: CVE-2020-10673

CWE-ID: CWE-502 - Deserialization of Untrusted Data

Exploit availability: Yes

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to insecure input validation when processing serialized data between serialization gadgets and typing, related to com.caucho.config.types.ResourceRef. A remote attacker can pass specially crafted data to the application and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

JBoss Enterprise Application Platform: 7.1.0 - 7.1.8

eap7-wildfly (Red Hat package): before 7.1.9-2.GA_redhat_00002.1.ep7.el7

eap7-velocity (Red Hat package): before 1.7.0-3.redhat_00006.1.ep7.el7

eap7-snakeyaml (Red Hat package): before 1.33.0-1.SP1_redhat_00001.1.ep7.el7

eap7-resteasy (Red Hat package): before 3.0.27-1.Final_redhat_00001.1.ep7.el7

eap7-netty (Red Hat package): before 4.1.63-1.Final_redhat_00002.1.ep7.el7

eap7-jettison (Red Hat package): before 1.3.8-2.redhat_00002.1.ep7.el7

eap7-jackson-databind (Red Hat package): before 2.8.11.6-2.SP1_redhat_00002.1.ep7.el7

eap7-apache-cxf (Red Hat package): before 3.1.16-4.redhat_00003.1.ep7.el7

CPE2.3 External links

https://access.redhat.com/errata/RHSA-2025:1746


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

18) Code Injection

EUVDB-ID: #VU51511

Risk: High

CVSSv4.0: 6.3 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2020-13936

CWE-ID: CWE-94 - Improper Control of Generation of Code ('Code Injection')

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to improper input validation. A remote attacker with ability to modify Velocity templates can inject and execute arbitrary Java code on the system with the same privileges as the account running the Servlet container.


Mitigation

Install updates from vendor's website.

Vulnerable software versions

JBoss Enterprise Application Platform: 7.1.0 - 7.1.8

eap7-wildfly (Red Hat package): before 7.1.9-2.GA_redhat_00002.1.ep7.el7

eap7-velocity (Red Hat package): before 1.7.0-3.redhat_00006.1.ep7.el7

eap7-snakeyaml (Red Hat package): before 1.33.0-1.SP1_redhat_00001.1.ep7.el7

eap7-resteasy (Red Hat package): before 3.0.27-1.Final_redhat_00001.1.ep7.el7

eap7-netty (Red Hat package): before 4.1.63-1.Final_redhat_00002.1.ep7.el7

eap7-jettison (Red Hat package): before 1.3.8-2.redhat_00002.1.ep7.el7

eap7-jackson-databind (Red Hat package): before 2.8.11.6-2.SP1_redhat_00002.1.ep7.el7

eap7-apache-cxf (Red Hat package): before 3.1.16-4.redhat_00003.1.ep7.el7

CPE2.3 External links

https://access.redhat.com/errata/RHSA-2025:1746


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###