RHSA-2020:2509: Important: Red Hat JBoss Web Server 5.3.1 security update
Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache Tomcat Servlet container, JBoss HTTP Connector (modcluster), the PicketLink Vault extension for Apache Tomcat, and the Tomcat Native library.This release of Red Hat JBoss Web Server 5.3.1 serves as a replacement for Red Hat JBoss Web Server 5.3.0, and includes bug fixes, enhancements, and component upgrades, which are documented in the Release Notes, linked to in the References.Security Fix(es): tomcat: Apache Tomcat Remote Code Execution via session persistence (CVE-2020-9484) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Affected Software
Remediation
Event History
Frequently Asked Questions
What is the severity of RHSA-2020:2509?
The severity of RHSA-2020:2509 is classified as important.
How do I fix RHSA-2020:2509?
To fix RHSA-2020:2509, you need to apply the relevant security patches provided by Red Hat.
What components are affected by RHSA-2020:2509?
RHSA-2020:2509 affects the Red Hat JBoss Web Server and its components including the Apache Tomcat Servlet container.
Is RHSA-2020:2509 applicable to all versions of Red Hat JBoss Web Server?
RHSA-2020:2509 may not be applicable to all versions; it is important to check the specific version affected.
Where can I find more information about RHSA-2020:2509?
More information about RHSA-2020:2509 can be found in the Red Hat Security Advisory.