RHSA-2022:5928: Moderate: Red Hat JBoss Enterprise Application Platform 7.4.6 Security update
Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.6 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.5, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.6 Release Notes for information about the most significant bug fixes and enhancements included in this release.Security Fix(es): com.google.code.gson-gson: Deserialization of Untrusted Data in com.google.code.gson-gson (CVE-2022-25647) org.jboss.hal-hal-parent: minimist: prototype pollution (CVE-2021-44906) netty: world readable temporary file containing sensitive data (CVE-2022-24823) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Affected Software
Remediation
Event History
Frequently Asked Questions
What is the severity of RHSA-2022:5928?
The severity of RHSA-2022:5928 is classified as important.
How do I fix RHSA-2022:5928?
To fix RHSA-2022:5928, update to Red Hat JBoss Enterprise Application Platform 7.4.6 or later.
What products are affected by RHSA-2022:5928?
RHSA-2022:5928 affects Red Hat JBoss Enterprise Application Platform 7.4.5 and earlier versions.
Is RHSA-2022:5928 a critical vulnerability?
RHSA-2022:5928 is not classified as a critical vulnerability but is important for maintaining application security.
Where can I find more information on RHSA-2022:5928?
Details about RHSA-2022:5928 can be found in the official Red Hat advisory and related release notes.