This security advisory for Red Hat JBoss Enterprise Application Platform 8.0.8 fixes several vulnerabilities: CVE-2025-2251 is an improper deserialization flaw in JBoss Marshalling that allows remote code execution; CVE-2025-2901 is a stored cross-site scripting vulnerability in the management console; CVE-2025-23184 is a denial of service vulnerability in Apache CXF related to temporary files; CVE-2025-27611 is a base-x homograph attack allowing Unicode lookalike characters to bypass validation; CVE-2025-48734 concerns Apache Commons BeanUtils PropertyUtilsBean not suppressing an enum's declaredClass property by default. The update replaces version 8.0.7 and includes bug fixes and enhancements. The vendor advisory confirms the availability of this security update for Red Hat JBoss EAP 8.0 for RHEL 8.

The improper deserialization vulnerability (CVE-2025-2251) can lead to remote code execution, posing a critical risk to affected systems. Stored XSS (CVE-2025-2901) can allow attackers to execute scripts in the context of the management console, potentially compromising administrative sessions. The denial of service vulnerability (CVE-2025-23184) can disrupt service availability. The homograph attack (CVE-2025-27611) can bypass input validation, potentially enabling spoofing or phishing attacks. The BeanUtils issue (CVE-2025-48734) may lead to unintended property exposure or manipulation. Collectively, these vulnerabilities represent a significant security risk if unpatched.

A security update is available in Red Hat JBoss Enterprise Application Platform 8.0.8, which addresses all listed vulnerabilities. Users should apply this update promptly after ensuring all prior relevant errata are installed and backing up their systems. The vendor advisory provides detailed instructions for applying the update. No additional mitigations are specified beyond applying the official patch.