{
  "schema_version": "1.7.0",
  "id": "RHSA-2026:6012",
  "related": [],
  "upstream": [
    "CVE-2024-3884",
    "CVE-2025-48913",
    "CVE-2026-0603"
  ],
  "published": "2026-03-31T10:12:09Z",
  "modified": "2026-06-30T10:52:53Z",
  "summary": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.1.14 security update",
  "severity": [
    {
      "type": "CVSS_V3",
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L"
    }
  ],
  "affected": [
    {
      "package": {
        "name": "eap7-undertow",
        "ecosystem": "Red Hat:jboss_enterprise_application_platform_eus:7.1::el7",
        "purl": "pkg:rpm/redhat/eap7-undertow"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0:1.4.18-19.SP17_redhat_00001.1.ep7.el7"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "name": "eap7-wildfly",
        "ecosystem": "Red Hat:jboss_enterprise_application_platform_eus:7.1::el7",
        "purl": "pkg:rpm/redhat/eap7-wildfly"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0:7.1.14-4.GA_redhat_00003.1.ep7.el7"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "name": "eap7-wildfly-modules",
        "ecosystem": "Red Hat:jboss_enterprise_application_platform_eus:7.1::el7",
        "purl": "pkg:rpm/redhat/eap7-wildfly-modules"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0:7.1.14-4.GA_redhat_00003.1.ep7.el7"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "name": "eap7-apache-cxf",
        "ecosystem": "Red Hat:jboss_enterprise_application_platform_eus:7.1::el7",
        "purl": "pkg:rpm/redhat/eap7-apache-cxf"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0:3.1.16-6.redhat_00006.1.ep7.el7"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "name": "eap7-apache-cxf-rt",
        "ecosystem": "Red Hat:jboss_enterprise_application_platform_eus:7.1::el7",
        "purl": "pkg:rpm/redhat/eap7-apache-cxf-rt"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0:3.1.16-6.redhat_00006.1.ep7.el7"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "name": "eap7-apache-cxf-services",
        "ecosystem": "Red Hat:jboss_enterprise_application_platform_eus:7.1::el7",
        "purl": "pkg:rpm/redhat/eap7-apache-cxf-services"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0:3.1.16-6.redhat_00006.1.ep7.el7"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "name": "eap7-apache-cxf-tools",
        "ecosystem": "Red Hat:jboss_enterprise_application_platform_eus:7.1::el7",
        "purl": "pkg:rpm/redhat/eap7-apache-cxf-tools"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0:3.1.16-6.redhat_00006.1.ep7.el7"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "name": "eap7-jbossws-cxf",
        "ecosystem": "Red Hat:jboss_enterprise_application_platform_eus:7.1::el7",
        "purl": "pkg:rpm/redhat/eap7-jbossws-cxf"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0:5.1.11-1.SP1_redhat_00001.1.ep7.el7"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "name": "eap7-hibernate",
        "ecosystem": "Red Hat:jboss_enterprise_application_platform_eus:7.1::el7",
        "purl": "pkg:rpm/redhat/eap7-hibernate"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0:5.1.17-4.Final_redhat_00005.1.ep7.el7"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "name": "eap7-hibernate-core",
        "ecosystem": "Red Hat:jboss_enterprise_application_platform_eus:7.1::el7",
        "purl": "pkg:rpm/redhat/eap7-hibernate-core"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0:5.1.17-4.Final_redhat_00005.1.ep7.el7"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "name": "eap7-hibernate-entitymanager",
        "ecosystem": "Red Hat:jboss_enterprise_application_platform_eus:7.1::el7",
        "purl": "pkg:rpm/redhat/eap7-hibernate-entitymanager"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0:5.1.17-4.Final_redhat_00005.1.ep7.el7"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "name": "eap7-hibernate-envers",
        "ecosystem": "Red Hat:jboss_enterprise_application_platform_eus:7.1::el7",
        "purl": "pkg:rpm/redhat/eap7-hibernate-envers"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0:5.1.17-4.Final_redhat_00005.1.ep7.el7"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "name": "eap7-hibernate-infinispan",
        "ecosystem": "Red Hat:jboss_enterprise_application_platform_eus:7.1::el7",
        "purl": "pkg:rpm/redhat/eap7-hibernate-infinispan"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0:5.1.17-4.Final_redhat_00005.1.ep7.el7"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "name": "eap7-hibernate-java8",
        "ecosystem": "Red Hat:jboss_enterprise_application_platform_eus:7.1::el7",
        "purl": "pkg:rpm/redhat/eap7-hibernate-java8"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0:5.1.17-4.Final_redhat_00005.1.ep7.el7"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://access.redhat.com/errata/RHSA-2026:6012"
    },
    {
      "type": "ARTICLE",
      "url": "https://access.redhat.com/security/updates/classification/#important"
    },
    {
      "type": "ARTICLE",
      "url": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.1"
    },
    {
      "type": "ARTICLE",
      "url": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.1/html-single/installation_guide/index"
    },
    {
      "type": "ARTICLE",
      "url": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.1/html-single/7.1.0_release_notes/index"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2275287"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2387221"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2427147"
    },
    {
      "type": "ADVISORY",
      "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_6012.json"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2024-3884"
    },
    {
      "type": "ADVISORY",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-3884"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-3884"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2025-48913"
    },
    {
      "type": "ADVISORY",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-48913"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-48913"
    },
    {
      "type": "ARTICLE",
      "url": "https://lists.apache.org/thread/f1nv488ztc0js4g5ml2v88mzkzslyh83"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2026-0603"
    },
    {
      "type": "ADVISORY",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-0603"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-0603"
    }
  ]
}