The following Red Hat Security Advisory has been published which may affect subscriptions which you have purchased.
RHSA-2018:2663 Critical: Red Hat JBoss Enterprise Application Platform 5.2 security update
A security update is now available for Red Hat JB
oss Enterprise Application Platform from the Customer Portal.
Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Red Hat JBoss Enterprise Application Platform 5.2 is a platform for Java applications based on jbossas.
This asynchronous patch is a security update for RichFaces and Apache CXF packages in Red Hat JBoss Enterprise Application Platform 5.2.
* Injection of arbitrary EL expressions allows remote code execution via org.richfaces.renderkit.html.Paint2DResource. (CVE-2018-12533)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.