VDB
RHSA-2019%3A3892
RHSA-2019%3A3892
PUBLISHED
CVSS 8.100000381469727 HIGH
A minor version update (from 7.4 to 7.5) is now available for Red Hat Fuse. The purpose of this text-only errata is to inform you about the security issues fixed in this release. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. [2020-04-17 update: descriptions for mutiple components fixed for the same CVE added]
Risk Scores
CVSS 3.1
8.100000381469727
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Red Hat Fuse 7.5.0 |
Exploit Intelligence
- Struts2の脆弱性S2-045, S2-055 および Jackson の脆弱性 CVE-2017-7525, CVE-2017-15095 の調査報告 (github-poc-repo)
- Struts2の脆弱性S2-045, S2-055 および Jackson の脆弱性 CVE-2017-7525, CVE-2017-15095 の調査報告 (github-poc-repo)
- tafamace/CVE-2017-17485 (github-poc-repo)
- tafamace/CVE-2017-17485 (github-poc-repo)
- cve-2017-17485 PoC (github-poc-repo)
- cve-2017-17485 PoC (github-poc-repo)
- CVE-2017-17485:Jackson-databind RCE (github-poc-repo)
- CVE-2017-17485:Jackson-databind RCE (github-poc-repo)
- shoucheng3/square__retrofit_CVE-2018-1000850_2-4-0 (github-poc)
- shoucheng3/square__retrofit_CVE-2018-1000850_2-4-0 (github-poc)
…and 51 more exploits
Timeline
- Nov 14, 2019 CVE Published
- Apr 5, 2026 Distribution Patch
- Apr 5, 2026 Distribution Patch
- Apr 5, 2026 Security Advisory
- Apr 28, 2026 Security Advisory
- Apr 28, 2026 Security Advisory
- Apr 28, 2026 Security Advisory
- Apr 28, 2026 Security Advisory
- Apr 28, 2026 Security Advisory
- Apr 28, 2026 Security Advisory
- Apr 28, 2026 Security Advisory
- Apr 28, 2026 Security Advisory
References
- https://access.redhat.com/errata/RHSA-2019:3892 advisory
- https://access.redhat.com/security/updates/classification/#important url
- https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions&product=jboss.fuse&version=7.5.0 url
- https://access.redhat.com/documentation/en-us/red_hat_fuse/7.5/ url
- https://bugzilla.redhat.com/show_bug.cgi?id=1506612 url
- https://bugzilla.redhat.com/show_bug.cgi?id=1528565 url
- https://bugzilla.redhat.com/show_bug.cgi?id=1576492 url
- https://bugzilla.redhat.com/show_bug.cgi?id=1593018 url
- https://bugzilla.redhat.com/show_bug.cgi?id=1607580 url
- https://bugzilla.redhat.com/show_bug.cgi?id=1629083 url
- https://bugzilla.redhat.com/show_bug.cgi?id=1639090 url
- https://bugzilla.redhat.com/show_bug.cgi?id=1663904 url
- https://bugzilla.redhat.com/show_bug.cgi?id=1666415 url
- https://bugzilla.redhat.com/show_bug.cgi?id=1666418 url
- https://bugzilla.redhat.com/show_bug.cgi?id=1666423 url
- https://bugzilla.redhat.com/show_bug.cgi?id=1666428 url
- https://bugzilla.redhat.com/show_bug.cgi?id=1666482 url
- https://bugzilla.redhat.com/show_bug.cgi?id=1666484 url
- https://bugzilla.redhat.com/show_bug.cgi?id=1666489 url
- https://bugzilla.redhat.com/show_bug.cgi?id=1671096 url
…and 12 more