JBoss Web Server Security Update
Red Hat has released a security update for the JBoss Web Server 2. The patch addresses multiple vulnerabilities affecting the OpenSSL and Apache Tomcat components – issues include memory leakage and a denial of service (DoS) flaw.
This content has been archived
This article no longer conforms to NHS Digital's standards for cyber alerts, and may contain outdated or inaccurate information. Use of this information contained in this page is at your own risk
Summary
Red Hat has released a security update for the JBoss Web Server 2. The patch addresses multiple vulnerabilities affecting the OpenSSL and Apache Tomcat components – issues include memory leakage and a denial of service (DoS) flaw.
Threat details
The security update addresses the following CVEs:
- CVE-2016-6304
- CVE-2016-8610
- CVE-2017-5647
- CVE-2017-5664
Remediation advice
Users and administrators are encouraged to review the following Red Hat Security Advisory and apply the necessary updates:CVE Vulnerabilities
Last edited: 17 February 2020 11:33 am