{"id":"RHSA-2022:0401","summary":"Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.3 security update","modified":"2026-03-18T11:31:41.213360Z","published":"2024-09-16T06:45:52Z","upstream":["CVE-2021-20318","CVE-2021-3859"],"references":[{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2022:0401"},{"type":"ARTICLE","url":"https://access.redhat.com/security/updates/classification/#important"},{"type":"ARTICLE","url":"https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/"},{"type":"ARTICLE","url":"https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2010378"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2010559"},{"type":"ARTICLE","url":"https://issues.redhat.com/browse/JBEAP-22100"},{"type":"ARTICLE","url":"https://issues.redhat.com/browse/JBEAP-22104"},{"type":"ARTICLE","url":"https://issues.redhat.com/browse/JBEAP-22106"},{"type":"ARTICLE","url":"https://issues.redhat.com/browse/JBEAP-22108"},{"type":"ARTICLE","url":"https://issues.redhat.com/browse/JBEAP-22373"},{"type":"ARTICLE","url":"https://issues.redhat.com/browse/JBEAP-22505"},{"type":"ARTICLE","url":"https://issues.redhat.com/browse/JBEAP-22575"},{"type":"ARTICLE","url":"https://issues.redhat.com/browse/JBEAP-22582"},{"type":"ARTICLE","url":"https://issues.redhat.com/browse/JBEAP-22586"},{"type":"ARTICLE","url":"https://issues.redhat.com/browse/JBEAP-22587"},{"type":"ARTICLE","url":"https://issues.redhat.com/browse/JBEAP-22590"},{"type":"ARTICLE","url":"https://issues.redhat.com/browse/JBEAP-22609"},{"type":"ARTICLE","url":"https://issues.redhat.com/browse/JBEAP-22642"},{"type":"ARTICLE","url":"https://issues.redhat.com/browse/JBEAP-22668"},{"type":"ARTICLE","url":"https://issues.redhat.com/browse/JBEAP-22679"},{"type":"ARTICLE","url":"https://issues.redhat.com/browse/JBEAP-22692"},{"type":"ARTICLE","url":"https://issues.redhat.com/browse/JBEAP-22693"},{"type":"ARTICLE","url":"https://issues.redhat.com/browse/JBEAP-22740"},{"type":"ARTICLE","url":"https://issues.redhat.com/browse/JBEAP-22754"},{"type":"ARTICLE","url":"https://issues.redhat.com/browse/JBEAP-22793"},{"type":"ARTICLE","url":"https://issues.redhat.com/browse/JBEAP-22822"},{"type":"ARTICLE","url":"https://issues.redhat.com/browse/JBEAP-22823"},{"type":"ARTICLE","url":"https://issues.redhat.com/browse/JBEAP-22833"},{"type":"ARTICLE","url":"https://issues.redhat.com/browse/JBEAP-22851"},{"type":"ADVISORY","url":"https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_0401.json"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2021-3859"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2021-3859"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2021-3859"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2021-20318"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2021-20318"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2021-20318"}],"affected":[{"package":{"name":"eap7-undertow","ecosystem":"Red Hat:jboss_enterprise_application_platform:7.4::el8","purl":"pkg:rpm/redhat/eap7-undertow"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.2.13-1.SP2_redhat_00001.1.el8eap"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2022:0401.json"}},{"package":{"name":"eap7-hornetq","ecosystem":"Red Hat:jboss_enterprise_application_platform:7.4::el8","purl":"pkg:rpm/redhat/eap7-hornetq"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.4.8-1.Final_redhat_00001.1.el8eap"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2022:0401.json"}},{"package":{"name":"eap7-hornetq-commons","ecosystem":"Red Hat:jboss_enterprise_application_platform:7.4::el8","purl":"pkg:rpm/redhat/eap7-hornetq-commons"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.4.8-1.Final_redhat_00001.1.el8eap"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2022:0401.json"}},{"package":{"name":"eap7-hornetq-core-client","ecosystem":"Red Hat:jboss_enterprise_application_platform:7.4::el8","purl":"pkg:rpm/redhat/eap7-hornetq-core-client"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.4.8-1.Final_redhat_00001.1.el8eap"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2022:0401.json"}},{"package":{"name":"eap7-hornetq-jms-client","ecosystem":"Red Hat:jboss_enterprise_application_platform:7.4::el8","purl":"pkg:rpm/redhat/eap7-hornetq-jms-client"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.4.8-1.Final_redhat_00001.1.el8eap"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2022:0401.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}]}