Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2023-52428 (GCVE-0-2023-52428)
Vulnerability from cvelistv5 – Published: 2024-02-11 00:00 – Updated: 2024-10-30 19:50
VLAI
EPSS
Summary
In Connect2id Nimbus JOSE+JWT before 9.37.2, an attacker can cause a denial of service (resource consumption) via a large JWE p2c header value (aka iteration count) for the PasswordBasedDecrypter (PBKDF2) component.
Severity
7.5 (High)
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-52428",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-30T19:49:39.428104Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-770",
"description": "CWE-770 Allocation of Resources Without Limits or Throttling",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-30T19:50:55.784Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T22:55:41.674Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://bitbucket.org/connect2id/nimbus-jose-jwt/issues/526/"
},
{
"tags": [
"x_transferred"
],
"url": "https://connect2id.com/products/nimbus-jose-jwt"
},
{
"tags": [
"x_transferred"
],
"url": "https://bitbucket.org/connect2id/nimbus-jose-jwt/commits/3b3b77e"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Connect2id Nimbus JOSE+JWT before 9.37.2, an attacker can cause a denial of service (resource consumption) via a large JWE p2c header value (aka iteration count) for the PasswordBasedDecrypter (PBKDF2) component."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-02-11T04:43:14.335Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://bitbucket.org/connect2id/nimbus-jose-jwt/issues/526/"
},
{
"url": "https://connect2id.com/products/nimbus-jose-jwt"
},
{
"url": "https://bitbucket.org/connect2id/nimbus-jose-jwt/commits/3b3b77e"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2023-52428",
"datePublished": "2024-02-11T00:00:00.000Z",
"dateReserved": "2024-02-11T00:00:00.000Z",
"dateUpdated": "2024-10-30T19:50:55.784Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2023-52428",
"date": "2026-05-29",
"epss": "0.00108",
"percentile": "0.28769"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2023-52428\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2024-02-11T05:15:08.383\",\"lastModified\":\"2024-11-21T08:39:43.963\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In Connect2id Nimbus JOSE+JWT before 9.37.2, an attacker can cause a denial of service (resource consumption) via a large JWE p2c header value (aka iteration count) for the PasswordBasedDecrypter (PBKDF2) component.\"},{\"lang\":\"es\",\"value\":\"En Connect2id Nimbus JOSE+JWT anterior a 9.37.2, un atacante puede provocar una denegaci\u00f3n de servicio (consumo de recursos) a trav\u00e9s de un valor de encabezado JWE p2c grande (tambi\u00e9n conocido como recuento de iteraciones) para el componente PasswordBasedDecrypter (PBKDF2).\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-770\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:connect2id:nimbus_jose\\\\+jwt:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"9.37.2\",\"matchCriteriaId\":\"B33B5D00-0BBE-409A-B453-E9124F17CF99\"}]}]}],\"references\":[{\"url\":\"https://bitbucket.org/connect2id/nimbus-jose-jwt/commits/3b3b77e\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\"]},{\"url\":\"https://bitbucket.org/connect2id/nimbus-jose-jwt/issues/526/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://connect2id.com/products/nimbus-jose-jwt\",\"source\":\"cve@mitre.org\",\"tags\":[\"Product\"]},{\"url\":\"https://bitbucket.org/connect2id/nimbus-jose-jwt/commits/3b3b77e\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://bitbucket.org/connect2id/nimbus-jose-jwt/issues/526/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://connect2id.com/products/nimbus-jose-jwt\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Product\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://bitbucket.org/connect2id/nimbus-jose-jwt/issues/526/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://connect2id.com/products/nimbus-jose-jwt\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://bitbucket.org/connect2id/nimbus-jose-jwt/commits/3b3b77e\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-02T22:55:41.674Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.5, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2023-52428\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-10-30T19:49:39.428104Z\"}}}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-770\", \"description\": \"CWE-770 Allocation of Resources Without Limits or Throttling\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-05-23T19:01:11.753Z\"}}], \"cna\": {\"affected\": [{\"vendor\": \"n/a\", \"product\": \"n/a\", \"versions\": [{\"status\": \"affected\", \"version\": \"n/a\"}]}], \"references\": [{\"url\": \"https://bitbucket.org/connect2id/nimbus-jose-jwt/issues/526/\"}, {\"url\": \"https://connect2id.com/products/nimbus-jose-jwt\"}, {\"url\": \"https://bitbucket.org/connect2id/nimbus-jose-jwt/commits/3b3b77e\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"In Connect2id Nimbus JOSE+JWT before 9.37.2, an attacker can cause a denial of service (resource consumption) via a large JWE p2c header value (aka iteration count) for the PasswordBasedDecrypter (PBKDF2) component.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"text\", \"description\": \"n/a\"}]}], \"providerMetadata\": {\"orgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"shortName\": \"mitre\", \"dateUpdated\": \"2024-02-11T04:43:14.335876\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2023-52428\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-10-30T19:50:55.784Z\", \"dateReserved\": \"2024-02-11T00:00:00\", \"assignerOrgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"datePublished\": \"2024-02-11T00:00:00\", \"assignerShortName\": \"mitre\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
RHSA-2024:8823
Vulnerability from csaf_redhat - Published: 2024-11-04 20:13 - Updated: 2026-05-27 16:06Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.0.4 Security update
Severity
Important
Notes
Topic: A security update is now available for Red Hat JBoss Enterprise Application Platform 8.0 for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Red Hat JBoss Enterprise Application Platform 8 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 8.0.4 serves as a replacement for Red Hat JBoss Enterprise Application Platform 8.0.3, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 8.0.4 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* org.apache.cxf/cxf-rt-transports-http: unrestricted memory consumption in CXF HTTP clients [eap-8.0.z] (CVE-2024-41172)
* com.nimbusds/nimbus-jose-jwt: large JWE p2c header value causes Denial of Service [eap-8.0.z] (CVE-2023-52428)
* wildfly-domain-http: wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS) [eap-8.0.z] (CVE-2024-4029)
* xalan: OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407) [eap-8.0.z] (CVE-2022-34169)
* org.keycloak/keycloak-services: Vulnerable Redirect URI Validation Results in Open Redirec [eap-8.0.z] (CVE-2024-8883)
* org.keycloak/keycloak-saml-core-public: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak [eap-8.0.z] (CVE-2024-8698)
* org.keycloak/keycloak-saml-core: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak [eap-8.0.z] (CVE-2024-8698)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update to version 2.7.3 or later. Note: Java runtimes (such as OpenJDK) include repackaged copies of Xalan.
7.5 (High)
Affected products
Fixed
117 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch | — |
Vendor Fix
fix
|
Threats
Impact
Important
A vulnerability was found in the Nimbus Jose JWT package. By crafting a JWE with an excessively large p2c value, an attacker can trigger significant resource consumption during decryption, potentially leading to application slowdown or unavailability.
7.5 (High)
Affected products
Fixed
117 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch | — |
Vendor Fix
fix
|
Threats
Impact
Important
A vulnerability was found in Wildfly’s management interface. Due to the lack of limitation of sockets for the management interface, it may be possible to cause a denial of service hitting the nofile limit as there is no possibility to configure or set a maximum number of connections.
4.1 (Medium)
Affected products
Fixed
117 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Low
A flaw exists in the SAML signature validation method within the Keycloak XMLSignatureUtil class. The method incorrectly determines whether a SAML signature is for the full document or only for specific assertions based on the position of the signature in the XML document, rather than the Reference element used to specify the signed element. This flaw allows attackers to create crafted responses that can bypass the validation, potentially leading to privilege escalation or impersonation attacks.
7.7 (High)
Affected products
Fixed
117 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
A misconfiguration flaw was found in Keycloak. This issue can allow an attacker to redirect users to an arbitrary URL if a 'Valid Redirect URI' is set to http://localhost or http://127.0.0.1, enabling sensitive information such as authorization codes to be exposed to the attacker, potentially leading to session hijacking.
6.1 (Medium)
Affected products
Fixed
117 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A memory consumption flaw was found in Apache CXF. This issue may allow a CXF HTTP client conduit to prevent HTTPClient instances from being garbage collected, eventually causing the application to run out of memory.
7.5 (High)
Affected products
Fixed
117 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
References
56 references
Acknowledgments
Tanner Emek
Niklas Conrad
Karsten Meyer zu Selhausen
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "A security update is now available for Red Hat JBoss Enterprise Application Platform 8.0 for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform 8 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 8.0.4 serves as a replacement for Red Hat JBoss Enterprise Application Platform 8.0.3, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 8.0.4 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* org.apache.cxf/cxf-rt-transports-http: unrestricted memory consumption in CXF HTTP clients [eap-8.0.z] (CVE-2024-41172)\n\n* com.nimbusds/nimbus-jose-jwt: large JWE p2c header value causes Denial of Service [eap-8.0.z] (CVE-2023-52428)\n\n* wildfly-domain-http: wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS) [eap-8.0.z] (CVE-2024-4029)\n\n* xalan: OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407) [eap-8.0.z] (CVE-2022-34169)\n\n* org.keycloak/keycloak-services: Vulnerable Redirect URI Validation Results in Open Redirec [eap-8.0.z] (CVE-2024-8883)\n\n* org.keycloak/keycloak-saml-core-public: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak [eap-8.0.z] (CVE-2024-8698)\n\n* org.keycloak/keycloak-saml-core: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak [eap-8.0.z] (CVE-2024-8698)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:8823",
"url": "https://access.redhat.com/errata/RHSA-2024:8823"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/8.0/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/8.0/"
},
{
"category": "external",
"summary": "2108554",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2108554"
},
{
"category": "external",
"summary": "2278615",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278615"
},
{
"category": "external",
"summary": "2298829",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2298829"
},
{
"category": "external",
"summary": "2309764",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309764"
},
{
"category": "external",
"summary": "2311641",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311641"
},
{
"category": "external",
"summary": "2312511",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2312511"
},
{
"category": "external",
"summary": "JBEAP-24945",
"url": "https://issues.redhat.com/browse/JBEAP-24945"
},
{
"category": "external",
"summary": "JBEAP-25035",
"url": "https://issues.redhat.com/browse/JBEAP-25035"
},
{
"category": "external",
"summary": "JBEAP-27002",
"url": "https://issues.redhat.com/browse/JBEAP-27002"
},
{
"category": "external",
"summary": "JBEAP-27194",
"url": "https://issues.redhat.com/browse/JBEAP-27194"
},
{
"category": "external",
"summary": "JBEAP-27247",
"url": "https://issues.redhat.com/browse/JBEAP-27247"
},
{
"category": "external",
"summary": "JBEAP-27276",
"url": "https://issues.redhat.com/browse/JBEAP-27276"
},
{
"category": "external",
"summary": "JBEAP-27293",
"url": "https://issues.redhat.com/browse/JBEAP-27293"
},
{
"category": "external",
"summary": "JBEAP-27392",
"url": "https://issues.redhat.com/browse/JBEAP-27392"
},
{
"category": "external",
"summary": "JBEAP-27543",
"url": "https://issues.redhat.com/browse/JBEAP-27543"
},
{
"category": "external",
"summary": "JBEAP-27585",
"url": "https://issues.redhat.com/browse/JBEAP-27585"
},
{
"category": "external",
"summary": "JBEAP-27643",
"url": "https://issues.redhat.com/browse/JBEAP-27643"
},
{
"category": "external",
"summary": "JBEAP-27659",
"url": "https://issues.redhat.com/browse/JBEAP-27659"
},
{
"category": "external",
"summary": "JBEAP-27688",
"url": "https://issues.redhat.com/browse/JBEAP-27688"
},
{
"category": "external",
"summary": "JBEAP-27694",
"url": "https://issues.redhat.com/browse/JBEAP-27694"
},
{
"category": "external",
"summary": "JBEAP-27957",
"url": "https://issues.redhat.com/browse/JBEAP-27957"
},
{
"category": "external",
"summary": "JBEAP-28057",
"url": "https://issues.redhat.com/browse/JBEAP-28057"
},
{
"category": "external",
"summary": "JBEAP-28278",
"url": "https://issues.redhat.com/browse/JBEAP-28278"
},
{
"category": "external",
"summary": "JBEAP-28289",
"url": "https://issues.redhat.com/browse/JBEAP-28289"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_8823.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.0.4 Security update",
"tracking": {
"current_release_date": "2026-05-27T16:06:02+00:00",
"generator": {
"date": "2026-05-27T16:06:02+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.1"
}
},
"id": "RHSA-2024:8823",
"initial_release_date": "2024-11-04T20:13:37+00:00",
"revision_history": [
{
"date": "2024-11-04T20:13:37+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-11-04T20:13:37+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-27T16:06:02+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss EAP 8.0 for RHEL 8",
"product": {
"name": "Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src",
"product_id": "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-pem-keystore@2.3.0-1.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src",
"product_id": "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-commons-io@2.15.1-1.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src",
"product": {
"name": "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src",
"product_id": "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-hibernate@6.2.31-1.Final_redhat_00002.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jboss-logging@3.5.3-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"product_id": "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jboss-cert-helper@1.1.3-1.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src",
"product": {
"name": "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src",
"product_id": "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-objectweb-asm@9.6.0-1.redhat_00002.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"product_id": "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-insights-java-client@1.1.3-1.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src",
"product_id": "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-snakeyaml@2.2.0-1.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"product": {
"name": "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"product_id": "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-artemis-native@2.0.0-2.redhat_00005.1.el8eap?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src",
"product_id": "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-aesh-extensions@1.8.0-2.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src",
"product_id": "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-nimbus-jose-jwt@9.37.3-1.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src",
"product_id": "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-aesh-readline@2.2.0-2.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src",
"product_id": "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-resteasy-spring@3.0.1-2.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src",
"product_id": "eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jctools@4.0.2-1.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src",
"product_id": "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-fastinfoset@2.1.0-4.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src",
"product": {
"name": "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src",
"product_id": "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis@2.33.0-1.redhat_00015.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"product": {
"name": "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"product_id": "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-native@2.0.0-2.redhat_00005.1.el8eap?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src",
"product_id": "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-cxf@4.0.5-1.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src",
"product_id": "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-eap-product-conf-parent@800.4.0-1.GA_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src",
"product_id": "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jakarta-servlet-jsp-jstl-api@3.0.1-1.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-narayana@6.0.3-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jgroups@5.3.10-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src",
"product": {
"name": "eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src",
"product_id": "eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-log4j@2.22.1-1.redhat_00002.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src",
"product_id": "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-slf4j@2.0.16-1.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src",
"product": {
"name": "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src",
"product_id": "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-commons-lang@3.14.0-2.redhat_00006.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src",
"product": {
"name": "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src",
"product_id": "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-commons-codec@1.16.1-2.redhat_00007.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src",
"product_id": "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-saaj-impl@3.0.4-1.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src",
"product": {
"name": "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src",
"product_id": "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-artemis-wildfly-integration@2.0.1-1.redhat_00002.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src",
"product": {
"name": "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src",
"product_id": "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-commons-collections@3.2.2-28.redhat_2.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src",
"product": {
"name": "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src",
"product_id": "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-asyncutil@0.1.0-2.redhat_00010.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src",
"product": {
"name": "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src",
"product_id": "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-aws-java-sdk@1.12.284-2.redhat_00002.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src",
"product_id": "eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-hppc@0.8.1-2.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"product_id": "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-resteasy-extensions@2.0.1-3.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src",
"product_id": "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-cryptacular@1.2.5-2.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src",
"product_id": "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-hibernate-validator@8.0.1-3.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src",
"product_id": "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-shibboleth-java-support@8.0.0-6.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src",
"product": {
"name": "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src",
"product_id": "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly@8.0.4-2.GA_redhat_00005.1.el8eap?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-pem-keystore@2.3.0-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-commons-io@2.15.1-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"product_id": "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-hibernate@6.2.31-1.Final_redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"product_id": "eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-hibernate-core@6.2.31-1.Final_redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"product_id": "eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-hibernate-envers@6.2.31-1.Final_redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jboss-logging@3.5.3-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"product_id": "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-objectweb-asm@9.6.0-1.redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"product_id": "eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-objectweb-asm-util@9.6.0-1.redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-insights-java-client@1.1.3-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-snakeyaml@2.2.0-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-aesh-extensions@1.8.0-2.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-nimbus-jose-jwt@9.37.3-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-aesh-readline@2.2.0-2.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-resteasy-spring@3.0.1-2.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jctools@4.0.2-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jctools-core@4.0.2-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-fastinfoset@2.1.0-4.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product": {
"name": "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_id": "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis@2.33.0-1.redhat_00015.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product": {
"name": "eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_id": "eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-cli@2.33.0-1.redhat_00015.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product": {
"name": "eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_id": "eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-commons@2.33.0-1.redhat_00015.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product": {
"name": "eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_id": "eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-core-client@2.33.0-1.redhat_00015.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product": {
"name": "eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_id": "eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-dto@2.33.0-1.redhat_00015.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product": {
"name": "eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_id": "eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-hornetq-protocol@2.33.0-1.redhat_00015.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product": {
"name": "eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_id": "eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-hqclient-protocol@2.33.0-1.redhat_00015.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product": {
"name": "eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_id": "eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-jakarta-client@2.33.0-1.redhat_00015.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product": {
"name": "eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_id": "eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-jakarta-ra@2.33.0-1.redhat_00015.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product": {
"name": "eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_id": "eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-jakarta-server@2.33.0-1.redhat_00015.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product": {
"name": "eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_id": "eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-jakarta-service-extensions@2.33.0-1.redhat_00015.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product": {
"name": "eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_id": "eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-jdbc-store@2.33.0-1.redhat_00015.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product": {
"name": "eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_id": "eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-journal@2.33.0-1.redhat_00015.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product": {
"name": "eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_id": "eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-selector@2.33.0-1.redhat_00015.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product": {
"name": "eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_id": "eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-server@2.33.0-1.redhat_00015.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch",
"product": {
"name": "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch",
"product_id": "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-native@2.0.0-2.redhat_00005.1.el8eap?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-cxf@4.0.5-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-cxf-rt@4.0.5-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-cxf-services@4.0.5-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-cxf-tools@4.0.5-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-eap-product-conf-parent@800.4.0-1.GA_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-eap-product-conf-wildfly-ee-feature-pack@800.4.0-1.GA_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jakarta-servlet-jsp-jstl@3.0.1-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jakarta-servlet-jsp-jstl-api@3.0.1-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-narayana@6.0.3-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-narayana-jbosstxbridge@6.0.3-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-narayana-jbossxts@6.0.3-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-narayana-jts-idlj@6.0.3-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-narayana-jts-integration@6.0.3-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-narayana-restat-api@6.0.3-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-narayana-restat-bridge@6.0.3-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-narayana-restat-integration@6.0.3-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-narayana-restat-util@6.0.3-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jgroups@5.3.10-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch",
"product_id": "eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-log4j@2.22.1-1.redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-slf4j@2.0.16-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-slf4j-api@2.0.16-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch",
"product": {
"name": "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch",
"product_id": "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-commons-lang@3.14.0-2.redhat_00006.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch",
"product": {
"name": "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch",
"product_id": "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-commons-codec@1.16.1-2.redhat_00007.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-saaj-impl@3.0.4-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch",
"product_id": "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-artemis-wildfly-integration@2.0.1-1.redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch",
"product": {
"name": "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch",
"product_id": "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-commons-collections@3.2.2-28.redhat_2.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch",
"product": {
"name": "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch",
"product_id": "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-asyncutil@0.1.0-2.redhat_00010.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"product_id": "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-aws-java-sdk@1.12.284-2.redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"product_id": "eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-aws-java-sdk-core@1.12.284-2.redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"product_id": "eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-aws-java-sdk-kms@1.12.284-2.redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"product_id": "eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-aws-java-sdk-s3@1.12.284-2.redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"product_id": "eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jmespath-java@1.12.284-2.redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-hppc@0.8.1-2.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-resteasy-extensions@2.0.1-3.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-resteasy-tracing-api@2.0.1-3.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-cryptacular@1.2.5-2.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-hibernate-validator@8.0.1-3.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-hibernate-validator-cdi@8.0.1-3.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-shibboleth-java-support@8.0.0-6.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"product": {
"name": "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"product_id": "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly@8.0.4-2.GA_redhat_00005.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"product": {
"name": "eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"product_id": "eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly-java-jdk11@8.0.4-2.GA_redhat_00005.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"product": {
"name": "eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"product_id": "eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly-java-jdk17@8.0.4-2.GA_redhat_00005.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"product": {
"name": "eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"product_id": "eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly-java-jdk21@8.0.4-2.GA_redhat_00005.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"product": {
"name": "eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"product_id": "eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly-modules@8.0.4-2.GA_redhat_00005.1.el8eap?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"product": {
"name": "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"product_id": "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jboss-cert-helper@1.1.3-1.redhat_00001.1.el8eap?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"product": {
"name": "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"product_id": "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-artemis-native@2.0.0-2.redhat_00005.1.el8eap?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"product": {
"name": "eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"product_id": "eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-artemis-native-wildfly@2.0.0-2.redhat_00005.1.el8eap?arch=x86_64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch"
},
"product_reference": "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src"
},
"product_reference": "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch"
},
"product_reference": "eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch"
},
"product_reference": "eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch"
},
"product_reference": "eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch"
},
"product_reference": "eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch"
},
"product_reference": "eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch"
},
"product_reference": "eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch"
},
"product_reference": "eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch"
},
"product_reference": "eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch"
},
"product_reference": "eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch"
},
"product_reference": "eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch"
},
"product_reference": "eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch"
},
"product_reference": "eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch"
},
"product_reference": "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src"
},
"product_reference": "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch"
},
"product_reference": "eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch"
},
"product_reference": "eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch"
},
"product_reference": "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src"
},
"product_reference": "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch"
},
"product_reference": "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src"
},
"product_reference": "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch"
},
"product_reference": "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src"
},
"product_reference": "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src"
},
"product_reference": "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64 as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64"
},
"product_reference": "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64 as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64"
},
"product_reference": "eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src"
},
"product_reference": "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch"
},
"product_reference": "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src"
},
"product_reference": "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src"
},
"product_reference": "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src"
},
"product_reference": "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64 as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64"
},
"product_reference": "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src"
},
"product_reference": "eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src"
},
"product_reference": "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch"
},
"product_reference": "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src"
},
"product_reference": "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch"
},
"product_reference": "eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch"
},
"product_reference": "eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch"
},
"product_reference": "eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch"
},
"product_reference": "eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-34169",
"cwe": {
"id": "CWE-192",
"name": "Integer Coercion Error"
},
"discovery_date": "2022-07-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2108554"
}
],
"notes": [
{
"category": "description",
"text": "The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update to version 2.7.3 or later. Note: Java runtimes (such as OpenJDK) include repackaged copies of Xalan.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-34169"
},
{
"category": "external",
"summary": "RHBZ#2108554",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2108554"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-34169",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34169"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-34169",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-34169"
}
],
"release_date": "2022-07-19T20:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-04T20:13:37+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8823"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)"
},
{
"cve": "CVE-2023-52428",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2024-09-04T17:02:58.468000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2309764"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the Nimbus Jose JWT package. By crafting a JWE with an excessively large p2c value, an attacker can trigger significant resource consumption during decryption, potentially leading to application slowdown or unavailability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nimbus-jose-jwt: large JWE p2c header value causes Denial of Service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-52428"
},
{
"category": "external",
"summary": "RHBZ#2309764",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309764"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-52428",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52428"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-52428",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52428"
}
],
"release_date": "2024-02-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-04T20:13:37+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8823"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "nimbus-jose-jwt: large JWE p2c header value causes Denial of Service"
},
{
"cve": "CVE-2024-4029",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2024-04-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2278615"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Wildfly\u2019s management interface. Due to the lack of limitation of sockets for the management interface, it may be possible to cause a denial of service hitting the nofile limit as there is no possibility to configure or set a maximum number of connections.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat rates this as a Low impact since this requires high privileges to jeopardize the system. The management interface is normally internal/local only and not exposed externally.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-4029"
},
{
"category": "external",
"summary": "RHBZ#2278615",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278615"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-4029",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4029"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-4029",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-4029"
}
],
"release_date": "2024-05-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-04T20:13:37+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8823"
},
{
"category": "workaround",
"details": "Currently there is no available mitigation for this vulnerability. Please make sure to perform updates as they become available.",
"product_ids": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS)"
},
{
"acknowledgments": [
{
"names": [
"Tanner Emek"
]
}
],
"cve": "CVE-2024-8698",
"cwe": {
"id": "CWE-347",
"name": "Improper Verification of Cryptographic Signature"
},
"discovery_date": "2024-09-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2311641"
}
],
"notes": [
{
"category": "description",
"text": "A flaw exists in the SAML signature validation method within the Keycloak XMLSignatureUtil class. The method incorrectly determines whether a SAML signature is for the full document or only for specific assertions based on the position of the signature in the XML document, rather than the Reference element used to specify the signed element. This flaw allows attackers to create crafted responses that can bypass the validation, potentially leading to privilege escalation or impersonation attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "keycloak-saml-core: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is of high severity due to its potential to facilitate privilege escalation and user impersonation in systems using SAML for authentication. The core issue stems from improper validation logic in Keycloak\u0027s signature validation method, which relies on the position of signatures rather than explicitly checking the referenced elements. By manipulating the XML structure, an attacker can bypass signature validation and inject an unsigned assertion while retaining a valid signed one. This allows unauthorized access to high-privileged accounts, leading to significant security risks in SAML-based identity providers and service providers.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-8698"
},
{
"category": "external",
"summary": "RHBZ#2311641",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311641"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-8698",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8698"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-8698",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-8698"
}
],
"release_date": "2024-09-19T15:12:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-04T20:13:37+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8823"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:L",
"version": "3.1"
},
"products": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "keycloak-saml-core: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak"
},
{
"acknowledgments": [
{
"names": [
"Niklas Conrad",
"Karsten Meyer zu Selhausen"
]
}
],
"cve": "CVE-2024-8883",
"cwe": {
"id": "CWE-601",
"name": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)"
},
"discovery_date": "2024-09-16T06:17:01.573000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2312511"
}
],
"notes": [
{
"category": "description",
"text": "A misconfiguration flaw was found in Keycloak. This issue can allow an attacker to redirect users to an arbitrary URL if a \u0027Valid Redirect URI\u0027 is set to http://localhost or http://127.0.0.1, enabling sensitive information such as authorization codes to be exposed to the attacker, potentially leading to session hijacking.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Keycloak: Vulnerable Redirect URI Validation Results in Open Redirec",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-8883"
},
{
"category": "external",
"summary": "RHBZ#2312511",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2312511"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-8883",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8883"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-8883",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-8883"
},
{
"category": "external",
"summary": "https://github.com/keycloak/keycloak/blob/main/services/src/main/java/org/keycloak/protocol/oidc/utils/RedirectUtils.java",
"url": "https://github.com/keycloak/keycloak/blob/main/services/src/main/java/org/keycloak/protocol/oidc/utils/RedirectUtils.java"
}
],
"release_date": "2024-09-19T15:13:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-04T20:13:37+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8823"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Keycloak: Vulnerable Redirect URI Validation Results in Open Redirec"
},
{
"cve": "CVE-2024-41172",
"cwe": {
"id": "CWE-401",
"name": "Missing Release of Memory after Effective Lifetime"
},
"discovery_date": "2024-07-19T09:20:34+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2298829"
}
],
"notes": [
{
"category": "description",
"text": "A memory consumption flaw was found in Apache CXF. This issue may allow a CXF HTTP client conduit to prevent HTTPClient instances from being garbage collected, eventually causing the application to run out of memory.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "apache: cxf: org.apache.cxf:cxf-rt-transports-http: unrestricted memory consumption in CXF HTTP clients",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-41172"
},
{
"category": "external",
"summary": "RHBZ#2298829",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2298829"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-41172",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41172"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-41172",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-41172"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-4mgg-fqfq-64hg",
"url": "https://github.com/advisories/GHSA-4mgg-fqfq-64hg"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/n2hvbrgwpdtcqdccod8by28ynnolybl6",
"url": "https://lists.apache.org/thread/n2hvbrgwpdtcqdccod8by28ynnolybl6"
},
{
"category": "external",
"summary": "https://osv.dev/vulnerability/GHSA-4mgg-fqfq-64hg",
"url": "https://osv.dev/vulnerability/GHSA-4mgg-fqfq-64hg"
}
],
"release_date": "2024-07-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-04T20:13:37+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8823"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "apache: cxf: org.apache.cxf:cxf-rt-transports-http: unrestricted memory consumption in CXF HTTP clients"
}
]
}
RHSA-2024:8824
Vulnerability from csaf_redhat - Published: 2024-11-04 20:13 - Updated: 2026-05-27 16:06Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.0.4 Security update
Severity
Important
Notes
Topic: A security update is now available for Red Hat JBoss Enterprise Application Platform 8.0 for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Red Hat JBoss Enterprise Application Platform 8 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 8.0.4 serves as a replacement for Red Hat JBoss Enterprise Application Platform 8.0.3, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 8.0.4 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* org.apache.cxf/cxf-rt-transports-http: unrestricted memory consumption in CXF HTTP clients [eap-8.0.z] (CVE-2024-41172)
* com.nimbusds/nimbus-jose-jwt: large JWE p2c header value causes Denial of Service [eap-8.0.z] (CVE-2023-52428)
* wildfly-domain-http: wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS) [eap-8.0.z] (CVE-2024-4029)
* xalan: OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407) [eap-8.0.z] (CVE-2022-34169)
* org.keycloak/keycloak-services: Vulnerable Redirect URI Validation Results in Open Redirec [eap-8.0.z] (CVE-2024-8883)
* org.keycloak/keycloak-saml-core-public: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak [eap-8.0.z] (CVE-2024-8698)
* org.keycloak/keycloak-saml-core: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak [eap-8.0.z] (CVE-2024-8698)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update to version 2.7.3 or later. Note: Java runtimes (such as OpenJDK) include repackaged copies of Xalan.
7.5 (High)
Affected products
Fixed
117 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch | — |
Vendor Fix
fix
|
Threats
Impact
Important
A vulnerability was found in the Nimbus Jose JWT package. By crafting a JWE with an excessively large p2c value, an attacker can trigger significant resource consumption during decryption, potentially leading to application slowdown or unavailability.
7.5 (High)
Affected products
Fixed
117 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch | — |
Vendor Fix
fix
|
Threats
Impact
Important
A vulnerability was found in Wildfly’s management interface. Due to the lack of limitation of sockets for the management interface, it may be possible to cause a denial of service hitting the nofile limit as there is no possibility to configure or set a maximum number of connections.
4.1 (Medium)
Affected products
Fixed
117 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Low
A flaw exists in the SAML signature validation method within the Keycloak XMLSignatureUtil class. The method incorrectly determines whether a SAML signature is for the full document or only for specific assertions based on the position of the signature in the XML document, rather than the Reference element used to specify the signed element. This flaw allows attackers to create crafted responses that can bypass the validation, potentially leading to privilege escalation or impersonation attacks.
7.7 (High)
Affected products
Fixed
117 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
A misconfiguration flaw was found in Keycloak. This issue can allow an attacker to redirect users to an arbitrary URL if a 'Valid Redirect URI' is set to http://localhost or http://127.0.0.1, enabling sensitive information such as authorization codes to be exposed to the attacker, potentially leading to session hijacking.
6.1 (Medium)
Affected products
Fixed
117 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A memory consumption flaw was found in Apache CXF. This issue may allow a CXF HTTP client conduit to prevent HTTPClient instances from being garbage collected, eventually causing the application to run out of memory.
7.5 (High)
Affected products
Fixed
117 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
References
56 references
Acknowledgments
Tanner Emek
Niklas Conrad
Karsten Meyer zu Selhausen
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "A security update is now available for Red Hat JBoss Enterprise Application Platform 8.0 for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform 8 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 8.0.4 serves as a replacement for Red Hat JBoss Enterprise Application Platform 8.0.3, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 8.0.4 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* org.apache.cxf/cxf-rt-transports-http: unrestricted memory consumption in CXF HTTP clients [eap-8.0.z] (CVE-2024-41172)\n\n* com.nimbusds/nimbus-jose-jwt: large JWE p2c header value causes Denial of Service [eap-8.0.z] (CVE-2023-52428)\n\n* wildfly-domain-http: wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS) [eap-8.0.z] (CVE-2024-4029)\n\n* xalan: OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407) [eap-8.0.z] (CVE-2022-34169)\n\n* org.keycloak/keycloak-services: Vulnerable Redirect URI Validation Results in Open Redirec [eap-8.0.z] (CVE-2024-8883)\n\n* org.keycloak/keycloak-saml-core-public: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak [eap-8.0.z] (CVE-2024-8698)\n\n* org.keycloak/keycloak-saml-core: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak [eap-8.0.z] (CVE-2024-8698)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:8824",
"url": "https://access.redhat.com/errata/RHSA-2024:8824"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/8.0/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/8.0/"
},
{
"category": "external",
"summary": "2108554",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2108554"
},
{
"category": "external",
"summary": "2278615",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278615"
},
{
"category": "external",
"summary": "2298829",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2298829"
},
{
"category": "external",
"summary": "2309764",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309764"
},
{
"category": "external",
"summary": "2311641",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311641"
},
{
"category": "external",
"summary": "2312511",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2312511"
},
{
"category": "external",
"summary": "JBEAP-24945",
"url": "https://issues.redhat.com/browse/JBEAP-24945"
},
{
"category": "external",
"summary": "JBEAP-25035",
"url": "https://issues.redhat.com/browse/JBEAP-25035"
},
{
"category": "external",
"summary": "JBEAP-27002",
"url": "https://issues.redhat.com/browse/JBEAP-27002"
},
{
"category": "external",
"summary": "JBEAP-27194",
"url": "https://issues.redhat.com/browse/JBEAP-27194"
},
{
"category": "external",
"summary": "JBEAP-27248",
"url": "https://issues.redhat.com/browse/JBEAP-27248"
},
{
"category": "external",
"summary": "JBEAP-27276",
"url": "https://issues.redhat.com/browse/JBEAP-27276"
},
{
"category": "external",
"summary": "JBEAP-27293",
"url": "https://issues.redhat.com/browse/JBEAP-27293"
},
{
"category": "external",
"summary": "JBEAP-27392",
"url": "https://issues.redhat.com/browse/JBEAP-27392"
},
{
"category": "external",
"summary": "JBEAP-27543",
"url": "https://issues.redhat.com/browse/JBEAP-27543"
},
{
"category": "external",
"summary": "JBEAP-27585",
"url": "https://issues.redhat.com/browse/JBEAP-27585"
},
{
"category": "external",
"summary": "JBEAP-27643",
"url": "https://issues.redhat.com/browse/JBEAP-27643"
},
{
"category": "external",
"summary": "JBEAP-27659",
"url": "https://issues.redhat.com/browse/JBEAP-27659"
},
{
"category": "external",
"summary": "JBEAP-27688",
"url": "https://issues.redhat.com/browse/JBEAP-27688"
},
{
"category": "external",
"summary": "JBEAP-27694",
"url": "https://issues.redhat.com/browse/JBEAP-27694"
},
{
"category": "external",
"summary": "JBEAP-27957",
"url": "https://issues.redhat.com/browse/JBEAP-27957"
},
{
"category": "external",
"summary": "JBEAP-28057",
"url": "https://issues.redhat.com/browse/JBEAP-28057"
},
{
"category": "external",
"summary": "JBEAP-28278",
"url": "https://issues.redhat.com/browse/JBEAP-28278"
},
{
"category": "external",
"summary": "JBEAP-28289",
"url": "https://issues.redhat.com/browse/JBEAP-28289"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_8824.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.0.4 Security update",
"tracking": {
"current_release_date": "2026-05-27T16:06:03+00:00",
"generator": {
"date": "2026-05-27T16:06:03+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.1"
}
},
"id": "RHSA-2024:8824",
"initial_release_date": "2024-11-04T20:13:24+00:00",
"revision_history": [
{
"date": "2024-11-04T20:13:24+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-11-04T20:13:24+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-27T16:06:03+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss EAP 8.0 for RHEL 9",
"product": {
"name": "Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src",
"product_id": "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-pem-keystore@2.3.0-1.redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"product_id": "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jboss-cert-helper@1.1.3-1.redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src",
"product": {
"name": "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src",
"product_id": "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-hibernate@6.2.31-1.Final_redhat_00002.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src",
"product_id": "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jboss-logging@3.5.3-1.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src",
"product_id": "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-commons-io@2.15.1-1.redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src",
"product_id": "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-snakeyaml@2.2.0-1.redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src",
"product": {
"name": "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src",
"product_id": "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-objectweb-asm@9.6.0-1.redhat_00002.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"product": {
"name": "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"product_id": "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-artemis-native@2.0.0-2.redhat_00005.1.el9eap?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"product_id": "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-insights-java-client@1.1.3-1.redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src",
"product_id": "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-aesh-extensions@1.8.0-2.redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src",
"product_id": "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-nimbus-jose-jwt@9.37.3-1.redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src",
"product_id": "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-aesh-readline@2.2.0-2.redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src",
"product_id": "eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jctools@4.0.2-1.redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src",
"product_id": "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-fastinfoset@2.1.0-4.redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src",
"product_id": "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-resteasy-spring@3.0.1-2.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src",
"product_id": "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-cxf@4.0.5-1.redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"product": {
"name": "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"product_id": "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-native@2.0.0-2.redhat_00005.1.el9eap?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src",
"product": {
"name": "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src",
"product_id": "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis@2.33.0-1.redhat_00015.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src",
"product_id": "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-eap-product-conf-parent@800.4.0-1.GA_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src",
"product_id": "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jakarta-servlet-jsp-jstl-api@3.0.1-1.redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src",
"product_id": "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-narayana@6.0.3-1.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src",
"product_id": "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jgroups@5.3.10-1.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src",
"product": {
"name": "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src",
"product_id": "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-commons-codec@1.16.1-2.redhat_00007.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src",
"product_id": "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-saaj-impl@3.0.4-1.redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src",
"product_id": "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-slf4j@2.0.16-1.redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src",
"product": {
"name": "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src",
"product_id": "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-commons-lang@3.14.0-2.redhat_00006.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src",
"product": {
"name": "eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src",
"product_id": "eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-log4j@2.22.1-1.redhat_00002.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src",
"product": {
"name": "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src",
"product_id": "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-artemis-wildfly-integration@2.0.1-1.redhat_00002.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src",
"product": {
"name": "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src",
"product_id": "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-asyncutil@0.1.0-2.redhat_00010.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src",
"product": {
"name": "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src",
"product_id": "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-commons-collections@3.2.2-28.redhat_2.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src",
"product_id": "eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-hppc@0.8.1-2.redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src",
"product": {
"name": "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src",
"product_id": "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-aws-java-sdk@1.12.284-2.redhat_00002.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"product_id": "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-resteasy-extensions@2.0.1-3.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src",
"product_id": "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-cryptacular@1.2.5-2.redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src",
"product_id": "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-hibernate-validator@8.0.1-3.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src",
"product_id": "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-shibboleth-java-support@8.0.0-6.redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src",
"product": {
"name": "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src",
"product_id": "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly@8.0.4-2.GA_redhat_00005.1.el9eap?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-pem-keystore@2.3.0-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"product_id": "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-hibernate@6.2.31-1.Final_redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"product_id": "eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-hibernate-core@6.2.31-1.Final_redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"product_id": "eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-hibernate-envers@6.2.31-1.Final_redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jboss-logging@3.5.3-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-commons-io@2.15.1-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-snakeyaml@2.2.0-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"product_id": "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-objectweb-asm@9.6.0-1.redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"product_id": "eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-objectweb-asm-util@9.6.0-1.redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-insights-java-client@1.1.3-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-aesh-extensions@1.8.0-2.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-nimbus-jose-jwt@9.37.3-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-aesh-readline@2.2.0-2.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jctools@4.0.2-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jctools-core@4.0.2-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-fastinfoset@2.1.0-4.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-resteasy-spring@3.0.1-2.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-cxf@4.0.5-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-cxf-rt@4.0.5-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-cxf-services@4.0.5-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-cxf-tools@4.0.5-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch",
"product": {
"name": "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch",
"product_id": "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-native@2.0.0-2.redhat_00005.1.el9eap?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product": {
"name": "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_id": "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis@2.33.0-1.redhat_00015.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product": {
"name": "eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_id": "eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-cli@2.33.0-1.redhat_00015.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product": {
"name": "eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_id": "eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-commons@2.33.0-1.redhat_00015.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product": {
"name": "eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_id": "eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-core-client@2.33.0-1.redhat_00015.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product": {
"name": "eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_id": "eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-dto@2.33.0-1.redhat_00015.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product": {
"name": "eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_id": "eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-hornetq-protocol@2.33.0-1.redhat_00015.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product": {
"name": "eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_id": "eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-hqclient-protocol@2.33.0-1.redhat_00015.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product": {
"name": "eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_id": "eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-jakarta-client@2.33.0-1.redhat_00015.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product": {
"name": "eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_id": "eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-jakarta-ra@2.33.0-1.redhat_00015.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product": {
"name": "eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_id": "eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-jakarta-server@2.33.0-1.redhat_00015.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product": {
"name": "eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_id": "eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-jakarta-service-extensions@2.33.0-1.redhat_00015.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product": {
"name": "eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_id": "eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-jdbc-store@2.33.0-1.redhat_00015.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product": {
"name": "eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_id": "eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-journal@2.33.0-1.redhat_00015.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product": {
"name": "eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_id": "eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-selector@2.33.0-1.redhat_00015.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product": {
"name": "eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_id": "eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-server@2.33.0-1.redhat_00015.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-eap-product-conf-parent@800.4.0-1.GA_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-eap-product-conf-wildfly-ee-feature-pack@800.4.0-1.GA_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jakarta-servlet-jsp-jstl@3.0.1-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jakarta-servlet-jsp-jstl-api@3.0.1-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-narayana@6.0.3-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-narayana-jbosstxbridge@6.0.3-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-narayana-jbossxts@6.0.3-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-narayana-jts-idlj@6.0.3-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-narayana-jts-integration@6.0.3-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-narayana-restat-api@6.0.3-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-narayana-restat-bridge@6.0.3-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-narayana-restat-integration@6.0.3-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-narayana-restat-util@6.0.3-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jgroups@5.3.10-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch",
"product": {
"name": "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch",
"product_id": "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-commons-codec@1.16.1-2.redhat_00007.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-saaj-impl@3.0.4-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-slf4j@2.0.16-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-slf4j-api@2.0.16-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch",
"product": {
"name": "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch",
"product_id": "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-commons-lang@3.14.0-2.redhat_00006.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch",
"product_id": "eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-log4j@2.22.1-1.redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch",
"product_id": "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-artemis-wildfly-integration@2.0.1-1.redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch",
"product": {
"name": "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch",
"product_id": "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-asyncutil@0.1.0-2.redhat_00010.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch",
"product": {
"name": "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch",
"product_id": "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-commons-collections@3.2.2-28.redhat_2.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-hppc@0.8.1-2.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"product_id": "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-aws-java-sdk@1.12.284-2.redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"product_id": "eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-aws-java-sdk-core@1.12.284-2.redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"product_id": "eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-aws-java-sdk-kms@1.12.284-2.redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"product_id": "eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-aws-java-sdk-s3@1.12.284-2.redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"product_id": "eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jmespath-java@1.12.284-2.redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-resteasy-extensions@2.0.1-3.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-resteasy-tracing-api@2.0.1-3.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-cryptacular@1.2.5-2.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-hibernate-validator@8.0.1-3.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-hibernate-validator-cdi@8.0.1-3.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-shibboleth-java-support@8.0.0-6.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"product": {
"name": "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"product_id": "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly@8.0.4-2.GA_redhat_00005.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"product": {
"name": "eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"product_id": "eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly-java-jdk11@8.0.4-2.GA_redhat_00005.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"product": {
"name": "eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"product_id": "eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly-java-jdk17@8.0.4-2.GA_redhat_00005.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"product": {
"name": "eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"product_id": "eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly-java-jdk21@8.0.4-2.GA_redhat_00005.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"product": {
"name": "eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"product_id": "eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly-modules@8.0.4-2.GA_redhat_00005.1.el9eap?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"product": {
"name": "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"product_id": "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jboss-cert-helper@1.1.3-1.redhat_00001.1.el9eap?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"product": {
"name": "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"product_id": "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-artemis-native@2.0.0-2.redhat_00005.1.el9eap?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"product": {
"name": "eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"product_id": "eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-artemis-native-wildfly@2.0.0-2.redhat_00005.1.el9eap?arch=x86_64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch"
},
"product_reference": "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src"
},
"product_reference": "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch"
},
"product_reference": "eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch"
},
"product_reference": "eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch"
},
"product_reference": "eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch"
},
"product_reference": "eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch"
},
"product_reference": "eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch"
},
"product_reference": "eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch"
},
"product_reference": "eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch"
},
"product_reference": "eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch"
},
"product_reference": "eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch"
},
"product_reference": "eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch"
},
"product_reference": "eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch"
},
"product_reference": "eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch"
},
"product_reference": "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src"
},
"product_reference": "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch"
},
"product_reference": "eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch"
},
"product_reference": "eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch"
},
"product_reference": "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src"
},
"product_reference": "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch"
},
"product_reference": "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src"
},
"product_reference": "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch"
},
"product_reference": "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src"
},
"product_reference": "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src"
},
"product_reference": "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64 as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64"
},
"product_reference": "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64 as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64"
},
"product_reference": "eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src"
},
"product_reference": "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch"
},
"product_reference": "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src"
},
"product_reference": "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src"
},
"product_reference": "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src"
},
"product_reference": "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64 as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64"
},
"product_reference": "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src"
},
"product_reference": "eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src"
},
"product_reference": "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch"
},
"product_reference": "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src"
},
"product_reference": "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch"
},
"product_reference": "eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch"
},
"product_reference": "eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch"
},
"product_reference": "eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch"
},
"product_reference": "eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-34169",
"cwe": {
"id": "CWE-192",
"name": "Integer Coercion Error"
},
"discovery_date": "2022-07-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2108554"
}
],
"notes": [
{
"category": "description",
"text": "The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update to version 2.7.3 or later. Note: Java runtimes (such as OpenJDK) include repackaged copies of Xalan.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-34169"
},
{
"category": "external",
"summary": "RHBZ#2108554",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2108554"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-34169",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34169"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-34169",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-34169"
}
],
"release_date": "2022-07-19T20:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-04T20:13:24+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8824"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)"
},
{
"cve": "CVE-2023-52428",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2024-09-04T17:02:58.468000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2309764"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the Nimbus Jose JWT package. By crafting a JWE with an excessively large p2c value, an attacker can trigger significant resource consumption during decryption, potentially leading to application slowdown or unavailability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nimbus-jose-jwt: large JWE p2c header value causes Denial of Service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-52428"
},
{
"category": "external",
"summary": "RHBZ#2309764",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309764"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-52428",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52428"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-52428",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52428"
}
],
"release_date": "2024-02-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-04T20:13:24+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8824"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "nimbus-jose-jwt: large JWE p2c header value causes Denial of Service"
},
{
"cve": "CVE-2024-4029",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2024-04-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2278615"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Wildfly\u2019s management interface. Due to the lack of limitation of sockets for the management interface, it may be possible to cause a denial of service hitting the nofile limit as there is no possibility to configure or set a maximum number of connections.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat rates this as a Low impact since this requires high privileges to jeopardize the system. The management interface is normally internal/local only and not exposed externally.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-4029"
},
{
"category": "external",
"summary": "RHBZ#2278615",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278615"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-4029",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4029"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-4029",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-4029"
}
],
"release_date": "2024-05-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-04T20:13:24+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8824"
},
{
"category": "workaround",
"details": "Currently there is no available mitigation for this vulnerability. Please make sure to perform updates as they become available.",
"product_ids": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS)"
},
{
"acknowledgments": [
{
"names": [
"Tanner Emek"
]
}
],
"cve": "CVE-2024-8698",
"cwe": {
"id": "CWE-347",
"name": "Improper Verification of Cryptographic Signature"
},
"discovery_date": "2024-09-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2311641"
}
],
"notes": [
{
"category": "description",
"text": "A flaw exists in the SAML signature validation method within the Keycloak XMLSignatureUtil class. The method incorrectly determines whether a SAML signature is for the full document or only for specific assertions based on the position of the signature in the XML document, rather than the Reference element used to specify the signed element. This flaw allows attackers to create crafted responses that can bypass the validation, potentially leading to privilege escalation or impersonation attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "keycloak-saml-core: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is of high severity due to its potential to facilitate privilege escalation and user impersonation in systems using SAML for authentication. The core issue stems from improper validation logic in Keycloak\u0027s signature validation method, which relies on the position of signatures rather than explicitly checking the referenced elements. By manipulating the XML structure, an attacker can bypass signature validation and inject an unsigned assertion while retaining a valid signed one. This allows unauthorized access to high-privileged accounts, leading to significant security risks in SAML-based identity providers and service providers.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-8698"
},
{
"category": "external",
"summary": "RHBZ#2311641",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311641"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-8698",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8698"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-8698",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-8698"
}
],
"release_date": "2024-09-19T15:12:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-04T20:13:24+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8824"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:L",
"version": "3.1"
},
"products": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "keycloak-saml-core: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak"
},
{
"acknowledgments": [
{
"names": [
"Niklas Conrad",
"Karsten Meyer zu Selhausen"
]
}
],
"cve": "CVE-2024-8883",
"cwe": {
"id": "CWE-601",
"name": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)"
},
"discovery_date": "2024-09-16T06:17:01.573000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2312511"
}
],
"notes": [
{
"category": "description",
"text": "A misconfiguration flaw was found in Keycloak. This issue can allow an attacker to redirect users to an arbitrary URL if a \u0027Valid Redirect URI\u0027 is set to http://localhost or http://127.0.0.1, enabling sensitive information such as authorization codes to be exposed to the attacker, potentially leading to session hijacking.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Keycloak: Vulnerable Redirect URI Validation Results in Open Redirec",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-8883"
},
{
"category": "external",
"summary": "RHBZ#2312511",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2312511"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-8883",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8883"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-8883",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-8883"
},
{
"category": "external",
"summary": "https://github.com/keycloak/keycloak/blob/main/services/src/main/java/org/keycloak/protocol/oidc/utils/RedirectUtils.java",
"url": "https://github.com/keycloak/keycloak/blob/main/services/src/main/java/org/keycloak/protocol/oidc/utils/RedirectUtils.java"
}
],
"release_date": "2024-09-19T15:13:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-04T20:13:24+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8824"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Keycloak: Vulnerable Redirect URI Validation Results in Open Redirec"
},
{
"cve": "CVE-2024-41172",
"cwe": {
"id": "CWE-401",
"name": "Missing Release of Memory after Effective Lifetime"
},
"discovery_date": "2024-07-19T09:20:34+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2298829"
}
],
"notes": [
{
"category": "description",
"text": "A memory consumption flaw was found in Apache CXF. This issue may allow a CXF HTTP client conduit to prevent HTTPClient instances from being garbage collected, eventually causing the application to run out of memory.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "apache: cxf: org.apache.cxf:cxf-rt-transports-http: unrestricted memory consumption in CXF HTTP clients",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-41172"
},
{
"category": "external",
"summary": "RHBZ#2298829",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2298829"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-41172",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41172"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-41172",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-41172"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-4mgg-fqfq-64hg",
"url": "https://github.com/advisories/GHSA-4mgg-fqfq-64hg"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/n2hvbrgwpdtcqdccod8by28ynnolybl6",
"url": "https://lists.apache.org/thread/n2hvbrgwpdtcqdccod8by28ynnolybl6"
},
{
"category": "external",
"summary": "https://osv.dev/vulnerability/GHSA-4mgg-fqfq-64hg",
"url": "https://osv.dev/vulnerability/GHSA-4mgg-fqfq-64hg"
}
],
"release_date": "2024-07-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-04T20:13:24+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8824"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "apache: cxf: org.apache.cxf:cxf-rt-transports-http: unrestricted memory consumption in CXF HTTP clients"
}
]
}
RHSA-2024:8826
Vulnerability from csaf_redhat - Published: 2024-11-04 20:56 - Updated: 2026-05-27 16:06Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.0.4 Security update
Severity
Important
Notes
Topic: A security update is now available for Red Hat JBoss Enterprise Application Platform 8.0. Red Hat Product Security has rated
this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Red Hat JBoss Enterprise Application Platform 8 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 8.0.4 serves as a replacement for Red Hat JBoss Enterprise Application Platform 8.0.3, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 8.0.4 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* org.apache.cxf/cxf-rt-transports-http: unrestricted memory consumption in CXF HTTP clients [eap-8.0.z] (CVE-2024-41172)
* com.nimbusds/nimbus-jose-jwt: large JWE p2c header value causes Denial of Service [eap-8.0.z] (CVE-2023-52428)
* wildfly-domain-http: wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS) [eap-8.0.z] (CVE-2024-4029)
* xalan: OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407) [eap-8.0.z] (CVE-2022-34169)
* org.keycloak/keycloak-services: Vulnerable Redirect URI Validation Results in Open Redirec [eap-8.0.z] (CVE-2024-8883)
* org.keycloak/keycloak-saml-core-public: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak [eap-8.0.z] (CVE-2024-8698)
* org.keycloak/keycloak-saml-core: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak [eap-8.0.z] (CVE-2024-8698)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update to version 2.7.3 or later. Note: Java runtimes (such as OpenJDK) include repackaged copies of Xalan.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat JBoss Enterprise Application Platform 8
Red Hat / Red Hat JBoss Enterprise Application Platform
|
cpe:/a:redhat:jboss_enterprise_application_platform:8.0
|
— |
Vendor Fix
fix
|
Threats
Impact
Important
A vulnerability was found in the Nimbus Jose JWT package. By crafting a JWE with an excessively large p2c value, an attacker can trigger significant resource consumption during decryption, potentially leading to application slowdown or unavailability.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat JBoss Enterprise Application Platform 8
Red Hat / Red Hat JBoss Enterprise Application Platform
|
cpe:/a:redhat:jboss_enterprise_application_platform:8.0
|
— |
Vendor Fix
fix
|
Threats
Impact
Important
A vulnerability was found in Wildfly’s management interface. Due to the lack of limitation of sockets for the management interface, it may be possible to cause a denial of service hitting the nofile limit as there is no possibility to configure or set a maximum number of connections.
4.1 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat JBoss Enterprise Application Platform 8
Red Hat / Red Hat JBoss Enterprise Application Platform
|
cpe:/a:redhat:jboss_enterprise_application_platform:8.0
|
— |
Vendor Fix
fix
Workaround
|
Threats
Impact
Low
A flaw exists in the SAML signature validation method within the Keycloak XMLSignatureUtil class. The method incorrectly determines whether a SAML signature is for the full document or only for specific assertions based on the position of the signature in the XML document, rather than the Reference element used to specify the signed element. This flaw allows attackers to create crafted responses that can bypass the validation, potentially leading to privilege escalation or impersonation attacks.
7.7 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat JBoss Enterprise Application Platform 8
Red Hat / Red Hat JBoss Enterprise Application Platform
|
cpe:/a:redhat:jboss_enterprise_application_platform:8.0
|
— |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
A misconfiguration flaw was found in Keycloak. This issue can allow an attacker to redirect users to an arbitrary URL if a 'Valid Redirect URI' is set to http://localhost or http://127.0.0.1, enabling sensitive information such as authorization codes to be exposed to the attacker, potentially leading to session hijacking.
6.1 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat JBoss Enterprise Application Platform 8
Red Hat / Red Hat JBoss Enterprise Application Platform
|
cpe:/a:redhat:jboss_enterprise_application_platform:8.0
|
— |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A memory consumption flaw was found in Apache CXF. This issue may allow a CXF HTTP client conduit to prevent HTTPClient instances from being garbage collected, eventually causing the application to run out of memory.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat JBoss Enterprise Application Platform 8
Red Hat / Red Hat JBoss Enterprise Application Platform
|
cpe:/a:redhat:jboss_enterprise_application_platform:8.0
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A vulnerability was found in the Apache Commons IO component in the org.apache.commons.io.input.XmlStreamReader class. Excessive CPU resource consumption can lead to a denial of service when an untrusted input is processed.
4.3 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat JBoss Enterprise Application Platform 8
Red Hat / Red Hat JBoss Enterprise Application Platform
|
cpe:/a:redhat:jboss_enterprise_application_platform:8.0
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
References
60 references
Acknowledgments
Tanner Emek
Niklas Conrad
Karsten Meyer zu Selhausen
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "A security update is now available for Red Hat JBoss Enterprise Application Platform 8.0. Red Hat Product Security has rated\nthis update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform 8 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 8.0.4 serves as a replacement for Red Hat JBoss Enterprise Application Platform 8.0.3, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 8.0.4 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* org.apache.cxf/cxf-rt-transports-http: unrestricted memory consumption in CXF HTTP clients [eap-8.0.z] (CVE-2024-41172)\n\n* com.nimbusds/nimbus-jose-jwt: large JWE p2c header value causes Denial of Service [eap-8.0.z] (CVE-2023-52428)\n\n* wildfly-domain-http: wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS) [eap-8.0.z] (CVE-2024-4029)\n\n* xalan: OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407) [eap-8.0.z] (CVE-2022-34169)\n\n* org.keycloak/keycloak-services: Vulnerable Redirect URI Validation Results in Open Redirec [eap-8.0.z] (CVE-2024-8883)\n\n* org.keycloak/keycloak-saml-core-public: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak [eap-8.0.z] (CVE-2024-8698)\n\n* org.keycloak/keycloak-saml-core: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak [eap-8.0.z] (CVE-2024-8698)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:8826",
"url": "https://access.redhat.com/errata/RHSA-2024:8826"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/8.0",
"url": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/8.0"
},
{
"category": "external",
"summary": "2108554",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2108554"
},
{
"category": "external",
"summary": "2278615",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278615"
},
{
"category": "external",
"summary": "2298829",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2298829"
},
{
"category": "external",
"summary": "2309764",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309764"
},
{
"category": "external",
"summary": "2311641",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311641"
},
{
"category": "external",
"summary": "2312511",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2312511"
},
{
"category": "external",
"summary": "JBEAP-24945",
"url": "https://issues.redhat.com/browse/JBEAP-24945"
},
{
"category": "external",
"summary": "JBEAP-25035",
"url": "https://issues.redhat.com/browse/JBEAP-25035"
},
{
"category": "external",
"summary": "JBEAP-27002",
"url": "https://issues.redhat.com/browse/JBEAP-27002"
},
{
"category": "external",
"summary": "JBEAP-27194",
"url": "https://issues.redhat.com/browse/JBEAP-27194"
},
{
"category": "external",
"summary": "JBEAP-27276",
"url": "https://issues.redhat.com/browse/JBEAP-27276"
},
{
"category": "external",
"summary": "JBEAP-27293",
"url": "https://issues.redhat.com/browse/JBEAP-27293"
},
{
"category": "external",
"summary": "JBEAP-27392",
"url": "https://issues.redhat.com/browse/JBEAP-27392"
},
{
"category": "external",
"summary": "JBEAP-27543",
"url": "https://issues.redhat.com/browse/JBEAP-27543"
},
{
"category": "external",
"summary": "JBEAP-27585",
"url": "https://issues.redhat.com/browse/JBEAP-27585"
},
{
"category": "external",
"summary": "JBEAP-27643",
"url": "https://issues.redhat.com/browse/JBEAP-27643"
},
{
"category": "external",
"summary": "JBEAP-27659",
"url": "https://issues.redhat.com/browse/JBEAP-27659"
},
{
"category": "external",
"summary": "JBEAP-27688",
"url": "https://issues.redhat.com/browse/JBEAP-27688"
},
{
"category": "external",
"summary": "JBEAP-27694",
"url": "https://issues.redhat.com/browse/JBEAP-27694"
},
{
"category": "external",
"summary": "JBEAP-27957",
"url": "https://issues.redhat.com/browse/JBEAP-27957"
},
{
"category": "external",
"summary": "JBEAP-28057",
"url": "https://issues.redhat.com/browse/JBEAP-28057"
},
{
"category": "external",
"summary": "JBEAP-28278",
"url": "https://issues.redhat.com/browse/JBEAP-28278"
},
{
"category": "external",
"summary": "JBEAP-28289",
"url": "https://issues.redhat.com/browse/JBEAP-28289"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_8826.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.0.4 Security update",
"tracking": {
"current_release_date": "2026-05-27T16:06:09+00:00",
"generator": {
"date": "2026-05-27T16:06:09+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.1"
}
},
"id": "RHSA-2024:8826",
"initial_release_date": "2024-11-04T20:56:02+00:00",
"revision_history": [
{
"date": "2024-11-04T20:56:02+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-11-04T20:56:02+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-27T16:06:09+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss Enterprise Application Platform 8",
"product": {
"name": "Red Hat JBoss Enterprise Application Platform 8",
"product_id": "Red Hat JBoss Enterprise Application Platform 8",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8.0"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-34169",
"cwe": {
"id": "CWE-192",
"name": "Integer Coercion Error"
},
"discovery_date": "2022-07-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2108554"
}
],
"notes": [
{
"category": "description",
"text": "The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update to version 2.7.3 or later. Note: Java runtimes (such as OpenJDK) include repackaged copies of Xalan.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 8"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-34169"
},
{
"category": "external",
"summary": "RHBZ#2108554",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2108554"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-34169",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34169"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-34169",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-34169"
}
],
"release_date": "2022-07-19T20:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-04T20:56:02+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 8"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8826"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 8"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)"
},
{
"cve": "CVE-2023-52428",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2024-09-04T17:02:58.468000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2309764"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the Nimbus Jose JWT package. By crafting a JWE with an excessively large p2c value, an attacker can trigger significant resource consumption during decryption, potentially leading to application slowdown or unavailability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nimbus-jose-jwt: large JWE p2c header value causes Denial of Service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 8"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-52428"
},
{
"category": "external",
"summary": "RHBZ#2309764",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309764"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-52428",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52428"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-52428",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52428"
}
],
"release_date": "2024-02-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-04T20:56:02+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 8"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8826"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 8"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "nimbus-jose-jwt: large JWE p2c header value causes Denial of Service"
},
{
"cve": "CVE-2024-4029",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2024-04-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2278615"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Wildfly\u2019s management interface. Due to the lack of limitation of sockets for the management interface, it may be possible to cause a denial of service hitting the nofile limit as there is no possibility to configure or set a maximum number of connections.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat rates this as a Low impact since this requires high privileges to jeopardize the system. The management interface is normally internal/local only and not exposed externally.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 8"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-4029"
},
{
"category": "external",
"summary": "RHBZ#2278615",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278615"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-4029",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4029"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-4029",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-4029"
}
],
"release_date": "2024-05-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-04T20:56:02+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 8"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8826"
},
{
"category": "workaround",
"details": "Currently there is no available mitigation for this vulnerability. Please make sure to perform updates as they become available.",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 8"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 8"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS)"
},
{
"acknowledgments": [
{
"names": [
"Tanner Emek"
]
}
],
"cve": "CVE-2024-8698",
"cwe": {
"id": "CWE-347",
"name": "Improper Verification of Cryptographic Signature"
},
"discovery_date": "2024-09-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2311641"
}
],
"notes": [
{
"category": "description",
"text": "A flaw exists in the SAML signature validation method within the Keycloak XMLSignatureUtil class. The method incorrectly determines whether a SAML signature is for the full document or only for specific assertions based on the position of the signature in the XML document, rather than the Reference element used to specify the signed element. This flaw allows attackers to create crafted responses that can bypass the validation, potentially leading to privilege escalation or impersonation attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "keycloak-saml-core: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is of high severity due to its potential to facilitate privilege escalation and user impersonation in systems using SAML for authentication. The core issue stems from improper validation logic in Keycloak\u0027s signature validation method, which relies on the position of signatures rather than explicitly checking the referenced elements. By manipulating the XML structure, an attacker can bypass signature validation and inject an unsigned assertion while retaining a valid signed one. This allows unauthorized access to high-privileged accounts, leading to significant security risks in SAML-based identity providers and service providers.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 8"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-8698"
},
{
"category": "external",
"summary": "RHBZ#2311641",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311641"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-8698",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8698"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-8698",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-8698"
}
],
"release_date": "2024-09-19T15:12:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-04T20:56:02+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 8"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8826"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 8"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:L",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 8"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "keycloak-saml-core: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak"
},
{
"acknowledgments": [
{
"names": [
"Niklas Conrad",
"Karsten Meyer zu Selhausen"
]
}
],
"cve": "CVE-2024-8883",
"cwe": {
"id": "CWE-601",
"name": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)"
},
"discovery_date": "2024-09-16T06:17:01.573000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2312511"
}
],
"notes": [
{
"category": "description",
"text": "A misconfiguration flaw was found in Keycloak. This issue can allow an attacker to redirect users to an arbitrary URL if a \u0027Valid Redirect URI\u0027 is set to http://localhost or http://127.0.0.1, enabling sensitive information such as authorization codes to be exposed to the attacker, potentially leading to session hijacking.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Keycloak: Vulnerable Redirect URI Validation Results in Open Redirec",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 8"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-8883"
},
{
"category": "external",
"summary": "RHBZ#2312511",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2312511"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-8883",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8883"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-8883",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-8883"
},
{
"category": "external",
"summary": "https://github.com/keycloak/keycloak/blob/main/services/src/main/java/org/keycloak/protocol/oidc/utils/RedirectUtils.java",
"url": "https://github.com/keycloak/keycloak/blob/main/services/src/main/java/org/keycloak/protocol/oidc/utils/RedirectUtils.java"
}
],
"release_date": "2024-09-19T15:13:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-04T20:56:02+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 8"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8826"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 8"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 8"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Keycloak: Vulnerable Redirect URI Validation Results in Open Redirec"
},
{
"cve": "CVE-2024-41172",
"cwe": {
"id": "CWE-401",
"name": "Missing Release of Memory after Effective Lifetime"
},
"discovery_date": "2024-07-19T09:20:34+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2298829"
}
],
"notes": [
{
"category": "description",
"text": "A memory consumption flaw was found in Apache CXF. This issue may allow a CXF HTTP client conduit to prevent HTTPClient instances from being garbage collected, eventually causing the application to run out of memory.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "apache: cxf: org.apache.cxf:cxf-rt-transports-http: unrestricted memory consumption in CXF HTTP clients",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 8"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-41172"
},
{
"category": "external",
"summary": "RHBZ#2298829",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2298829"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-41172",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41172"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-41172",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-41172"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-4mgg-fqfq-64hg",
"url": "https://github.com/advisories/GHSA-4mgg-fqfq-64hg"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/n2hvbrgwpdtcqdccod8by28ynnolybl6",
"url": "https://lists.apache.org/thread/n2hvbrgwpdtcqdccod8by28ynnolybl6"
},
{
"category": "external",
"summary": "https://osv.dev/vulnerability/GHSA-4mgg-fqfq-64hg",
"url": "https://osv.dev/vulnerability/GHSA-4mgg-fqfq-64hg"
}
],
"release_date": "2024-07-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-04T20:56:02+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 8"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8826"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 8"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "apache: cxf: org.apache.cxf:cxf-rt-transports-http: unrestricted memory consumption in CXF HTTP clients"
},
{
"cve": "CVE-2024-47554",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2024-10-03T12:00:40.921058+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2316271"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the Apache Commons IO component in the org.apache.commons.io.input.XmlStreamReader class. Excessive CPU resource consumption can lead to a denial of service when an untrusted input is processed.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "apache-commons-io: Possible denial of service attack on untrusted input to XmlStreamReader",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 8"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-47554"
},
{
"category": "external",
"summary": "RHBZ#2316271",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2316271"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-47554",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47554"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-47554",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-47554"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/6ozr91rr9cj5lm0zyhv30bsp317hk5z1",
"url": "https://lists.apache.org/thread/6ozr91rr9cj5lm0zyhv30bsp317hk5z1"
}
],
"release_date": "2024-10-03T11:32:48.936000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-04T20:56:02+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 8"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8826"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 8"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "apache-commons-io: Possible denial of service attack on untrusted input to XmlStreamReader"
}
]
}
RHSA-2025:2416
Vulnerability from csaf_redhat - Published: 2025-03-05 20:59 - Updated: 2026-04-30 16:33Summary
Red Hat Security Advisory: Streams for Apache Kafka 2.9.0 release and security update
Severity
Important
Notes
Topic: Streams for Apache Kafka 2.9.0 is now available from the Red Hat Customer Portal.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Red Hat Streams for Apache Kafka, based on the Apache Kafka project, offers a distributed
backbone that allows microservices and other applications to share data with
extremely high throughput and extremely low latency.
This release of Red Hat Streams for Apache Kafka 2.9.0 serves as a replacement for Red Hat Streams for Apache Kafka 2.8.0, and includes security and bug fixes, and enhancements.
Security Fix(es):
* Cruise Control:cio.netty:netty-common:4.1.115.Final-redhat [amq-st-2] "(CVE-2023-52428)"
* Cruise Control:com.nimbusds:nimbus-jose-jwt:9.37.2.redhat [amq-st-2] "(CVE-2024-47535)"
* Cruise Control:org.apache.kafka:kafka-clients:3.5.2.redhat+ [amq-st-2] "(CVE-2024-31141)"
* Cruise Control:io:commons-io:2.15.1.redhat+ [amq-st-2] "(CVE-2024-47554)"
* Cruise Control:org.eclipse.jetty:jetty-server:9.4.56.v20240826-redhat+ [amq-st-2] "(CVE-2024-8184)"
* Cruise Control:org.eclipse.jetty/jetty-server: Jetty ThreadLimitHandler.getRemote() vulnerable to remote DoS attacks [amq-st-2] "(CVE-2024-8184)"
* Kafka Exporter:golang-github-danielqsj-kafka_exporter: Golang FIPS zeroed buffer [amq-st-2] "(CVE-2024-9355)"
* Kafka Exporter:golang-github-danielqsj-kafka_exporter: net/http: Denial of service due to improper 100-continue handling in net/http [amq-st-2] "(CVE-2024-24791)"
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A vulnerability was found in the Nimbus Jose JWT package. By crafting a JWE with an excessively large p2c value, an attacker can trigger significant resource consumption during decryption, potentially leading to application slowdown or unavailability.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Streams for Apache Kafka 2.9.0
Red Hat / Streams for Apache Kafka
|
cpe:/a:redhat:amq_streams:2
|
— |
Vendor Fix
fix
|
Threats
Impact
Important
A flaw was found in Jetty's ThreadLimitHandler.getRemote(). This flaw allows unauthorized users to cause remote denial of service (DoS) attacks. By repeatedly sending crafted requests, attackers can trigger OutofMemory errors and exhaust the server's memory.
6.5 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Streams for Apache Kafka 2.9.0
Red Hat / Streams for Apache Kafka
|
cpe:/a:redhat:amq_streams:2
|
— |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A vulnerability was found in Golang FIPS OpenSSL. This flaw allows a malicious user to randomly cause an uninitialized buffer length variable with a zeroed buffer to be returned in FIPS mode. It may also be possible to force a false positive match between non-equal hashes when comparing a trusted computed hmac sum to an untrusted input sum if an attacker can send a zeroed buffer in place of a pre-computed sum. It is also possible to force a derived key to be all zeros instead of an unpredictable value. This may have follow-on implications for the Go TLS stack.
6.5 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Streams for Apache Kafka 2.9.0
Red Hat / Streams for Apache Kafka
|
cpe:/a:redhat:amq_streams:2
|
— |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in Go. The net/http module mishandles specific server responses from HTTP/1.1 client requests. This issue may render a connection invalid and cause a denial of service.
5.9 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Streams for Apache Kafka 2.9.0
Red Hat / Streams for Apache Kafka
|
cpe:/a:redhat:amq_streams:2
|
— |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in Apache Kafka Clients. Apache Kafka Clients accepts configuration data for customizing behavior and includes ConfigProvider plugins to manipulate these configurations. Apache Kafka also provides FileConfigProvider, DirectoryConfigProvider, and EnvVarConfigProvider implementations, which include the ability to read from disk or environment variables. In applications where an untrusted party can specify Apache Kafka Clients configurations, attackers may use these ConfigProviders to read arbitrary contents of the disk and environment variables.
5.3 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Streams for Apache Kafka 2.9.0
Red Hat / Streams for Apache Kafka
|
cpe:/a:redhat:amq_streams:2
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in Netty. An unsafe reading of the environment file could potentially cause a denial of service. When loaded on a Windows application, Netty attempts to load a file that does not exist. If an attacker creates a large file, the Netty application crashes.
5.5 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Streams for Apache Kafka 2.9.0
Red Hat / Streams for Apache Kafka
|
cpe:/a:redhat:amq_streams:2
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A vulnerability was found in the Apache Commons IO component in the org.apache.commons.io.input.XmlStreamReader class. Excessive CPU resource consumption can lead to a denial of service when an untrusted input is processed.
4.3 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Streams for Apache Kafka 2.9.0
Red Hat / Streams for Apache Kafka
|
cpe:/a:redhat:amq_streams:2
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
References
49 references
Acknowledgments
Red Hat
David Benoit
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Streams for Apache Kafka 2.9.0 is now available from the Red Hat Customer Portal.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Streams for Apache Kafka, based on the Apache Kafka project, offers a distributed\nbackbone that allows microservices and other applications to share data with\nextremely high throughput and extremely low latency.\n\nThis release of Red Hat Streams for Apache Kafka 2.9.0 serves as a replacement for Red Hat Streams for Apache Kafka 2.8.0, and includes security and bug fixes, and enhancements.\n\nSecurity Fix(es):\n* Cruise Control:cio.netty:netty-common:4.1.115.Final-redhat [amq-st-2] \"(CVE-2023-52428)\"\n\n* Cruise Control:com.nimbusds:nimbus-jose-jwt:9.37.2.redhat [amq-st-2] \"(CVE-2024-47535)\"\n\n* Cruise Control:org.apache.kafka:kafka-clients:3.5.2.redhat+ [amq-st-2] \"(CVE-2024-31141)\"\n\n* Cruise Control:io:commons-io:2.15.1.redhat+ [amq-st-2] \"(CVE-2024-47554)\"\n\n* Cruise Control:org.eclipse.jetty:jetty-server:9.4.56.v20240826-redhat+ [amq-st-2] \"(CVE-2024-8184)\"\n\n* Cruise Control:org.eclipse.jetty/jetty-server: Jetty ThreadLimitHandler.getRemote() vulnerable to remote DoS attacks [amq-st-2] \"(CVE-2024-8184)\"\n\n* Kafka Exporter:golang-github-danielqsj-kafka_exporter: Golang FIPS zeroed buffer [amq-st-2] \"(CVE-2024-9355)\"\n\n* Kafka Exporter:golang-github-danielqsj-kafka_exporter: net/http: Denial of service due to improper 100-continue handling in net/http [amq-st-2] \"(CVE-2024-24791)\"",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:2416",
"url": "https://access.redhat.com/errata/RHSA-2025:2416"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2295310",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295310"
},
{
"category": "external",
"summary": "2309764",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309764"
},
{
"category": "external",
"summary": "2315719",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2315719"
},
{
"category": "external",
"summary": "2316271",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2316271"
},
{
"category": "external",
"summary": "2318564",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2318564"
},
{
"category": "external",
"summary": "2325538",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2325538"
},
{
"category": "external",
"summary": "2327264",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2327264"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_2416.json"
}
],
"title": "Red Hat Security Advisory: Streams for Apache Kafka 2.9.0 release and security update",
"tracking": {
"current_release_date": "2026-04-30T16:33:31+00:00",
"generator": {
"date": "2026-04-30T16:33:31+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.7"
}
},
"id": "RHSA-2025:2416",
"initial_release_date": "2025-03-05T20:59:06+00:00",
"revision_history": [
{
"date": "2025-03-05T20:59:06+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-03-05T20:59:06+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-04-30T16:33:31+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Streams for Apache Kafka 2.9.0",
"product": {
"name": "Streams for Apache Kafka 2.9.0",
"product_id": "Streams for Apache Kafka 2.9.0",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:amq_streams:2"
}
}
}
],
"category": "product_family",
"name": "Streams for Apache Kafka"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-52428",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2024-09-04T17:02:58.468000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2309764"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the Nimbus Jose JWT package. By crafting a JWE with an excessively large p2c value, an attacker can trigger significant resource consumption during decryption, potentially leading to application slowdown or unavailability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nimbus-jose-jwt: large JWE p2c header value causes Denial of Service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Streams for Apache Kafka 2.9.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-52428"
},
{
"category": "external",
"summary": "RHBZ#2309764",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309764"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-52428",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52428"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-52428",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52428"
}
],
"release_date": "2024-02-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-03-05T20:59:06+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Streams for Apache Kafka 2.9.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:2416"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Streams for Apache Kafka 2.9.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "nimbus-jose-jwt: large JWE p2c header value causes Denial of Service"
},
{
"cve": "CVE-2024-8184",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2024-10-14T16:01:01.239238+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2318564"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Jetty\u0027s ThreadLimitHandler.getRemote(). This flaw allows unauthorized users to cause remote denial of service (DoS) attacks. By repeatedly sending crafted requests, attackers can trigger OutofMemory errors and exhaust the server\u0027s memory.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "org.eclipse.jetty:jetty-server: jetty: Jetty ThreadLimitHandler.getRemote() vulnerable to remote DoS attacks",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated as moderate rather than important because it requires specific conditions to be met, including continuous, crafted requests that deliberately target memory allocation to exhaust resources. While it can cause a denial of service, it does not lead to direct compromise of sensitive data, unauthorized access, or code execution.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Streams for Apache Kafka 2.9.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-8184"
},
{
"category": "external",
"summary": "RHBZ#2318564",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2318564"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-8184",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8184"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-8184",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-8184"
},
{
"category": "external",
"summary": "https://github.com/jetty/jetty.project/pull/11723",
"url": "https://github.com/jetty/jetty.project/pull/11723"
},
{
"category": "external",
"summary": "https://github.com/jetty/jetty.project/security/advisories/GHSA-g8m5-722r-8whq",
"url": "https://github.com/jetty/jetty.project/security/advisories/GHSA-g8m5-722r-8whq"
},
{
"category": "external",
"summary": "https://gitlab.eclipse.org/security/cve-assignement/-/issues/30",
"url": "https://gitlab.eclipse.org/security/cve-assignement/-/issues/30"
}
],
"release_date": "2024-10-14T15:09:37.861000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-03-05T20:59:06+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Streams for Apache Kafka 2.9.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:2416"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Streams for Apache Kafka 2.9.0"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Streams for Apache Kafka 2.9.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "org.eclipse.jetty:jetty-server: jetty: Jetty ThreadLimitHandler.getRemote() vulnerable to remote DoS attacks"
},
{
"acknowledgments": [
{
"names": [
"David Benoit"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2024-9355",
"cwe": {
"id": "CWE-457",
"name": "Use of Uninitialized Variable"
},
"discovery_date": "2024-09-30T17:51:17.811000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2315719"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Golang FIPS OpenSSL. This flaw allows a malicious user to randomly cause an uninitialized buffer length variable with a zeroed buffer to be returned in FIPS mode. It may also be possible to force a false positive match between non-equal hashes when comparing a trusted computed hmac sum to an untrusted input sum if an attacker can send a zeroed buffer in place of a pre-computed sum.\u00a0 It is also possible to force a derived key to be all zeros instead of an unpredictable value.\u00a0 This may have follow-on implications for the Go TLS stack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang-fips: Golang FIPS zeroed buffer",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue is specific to the Go language and only affects the test code in cri-o and conmon, not the production code. Since both projects use Go exclusively for testing purposes, this issue does not impact their production environment. Therefore, cri-o and conmon are not affected by this vulnerability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Streams for Apache Kafka 2.9.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-9355"
},
{
"category": "external",
"summary": "RHBZ#2315719",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2315719"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-9355",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9355"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-9355",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-9355"
},
{
"category": "external",
"summary": "https://github.com/golang-fips/openssl/pull/198",
"url": "https://github.com/golang-fips/openssl/pull/198"
}
],
"release_date": "2024-09-30T20:53:42.833000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-03-05T20:59:06+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Streams for Apache Kafka 2.9.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:2416"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Streams for Apache Kafka 2.9.0"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"products": [
"Streams for Apache Kafka 2.9.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang-fips: Golang FIPS zeroed buffer"
},
{
"cve": "CVE-2024-24791",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2024-07-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2295310"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Go. The net/http module mishandles specific server responses from HTTP/1.1 client requests. This issue may render a connection invalid and cause a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "net/http: Denial of service due to improper 100-continue handling in net/http",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "An attacker would need to control a malicious server and induce a client to connect to it, requiring some amount of preparation outside of the attacker\u0027s control. This reduces the severity score of this flaw to Moderate.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Streams for Apache Kafka 2.9.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-24791"
},
{
"category": "external",
"summary": "RHBZ#2295310",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295310"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-24791",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24791"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-24791",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24791"
},
{
"category": "external",
"summary": "https://go.dev/cl/591255",
"url": "https://go.dev/cl/591255"
},
{
"category": "external",
"summary": "https://go.dev/issue/67555",
"url": "https://go.dev/issue/67555"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-dev/c/t0rK-qHBqzY/m/6MMoAZkMAgAJ",
"url": "https://groups.google.com/g/golang-dev/c/t0rK-qHBqzY/m/6MMoAZkMAgAJ"
}
],
"release_date": "2024-07-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-03-05T20:59:06+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Streams for Apache Kafka 2.9.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:2416"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Streams for Apache Kafka 2.9.0"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Streams for Apache Kafka 2.9.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "net/http: Denial of service due to improper 100-continue handling in net/http"
},
{
"cve": "CVE-2024-31141",
"cwe": {
"id": "CWE-73",
"name": "External Control of File Name or Path"
},
"discovery_date": "2024-11-19T09:00:35.857468+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2327264"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache Kafka Clients. Apache Kafka Clients accepts configuration data for customizing behavior and includes ConfigProvider plugins to manipulate these configurations. Apache Kafka also provides FileConfigProvider, DirectoryConfigProvider, and EnvVarConfigProvider implementations, which include the ability to read from disk or environment variables. In applications where an untrusted party can specify Apache Kafka Clients configurations, attackers may use these ConfigProviders to read arbitrary contents of the disk and environment variables.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kafka-clients: privilege escalation to filesystem read-access via automatic ConfigProvider",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Streams for Apache Kafka 2.9.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-31141"
},
{
"category": "external",
"summary": "RHBZ#2327264",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2327264"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-31141",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-31141"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-31141",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-31141"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/9whdzfr0zwdhr364604w5ssnzmg4v2lv",
"url": "https://lists.apache.org/thread/9whdzfr0zwdhr364604w5ssnzmg4v2lv"
}
],
"release_date": "2024-11-19T08:40:50.695000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-03-05T20:59:06+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Streams for Apache Kafka 2.9.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:2416"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Streams for Apache Kafka 2.9.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kafka-clients: privilege escalation to filesystem read-access via automatic ConfigProvider"
},
{
"cve": "CVE-2024-47535",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2024-11-12T16:01:18.772613+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2325538"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Netty. An unsafe reading of the environment file could potentially cause a denial of service. When loaded on a Windows application, Netty attempts to load a file that does not exist. If an attacker creates a large file, the Netty application crashes.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty: Denial of Service attack on windows app using Netty",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Streams for Apache Kafka 2.9.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-47535"
},
{
"category": "external",
"summary": "RHBZ#2325538",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2325538"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-47535",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47535"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-47535",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-47535"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/commit/fbf7a704a82e7449b48bd0bbb679f5661c6d61a3",
"url": "https://github.com/netty/netty/commit/fbf7a704a82e7449b48bd0bbb679f5661c6d61a3"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/security/advisories/GHSA-xq3w-v528-46rv",
"url": "https://github.com/netty/netty/security/advisories/GHSA-xq3w-v528-46rv"
}
],
"release_date": "2024-11-12T15:50:08.334000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-03-05T20:59:06+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Streams for Apache Kafka 2.9.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:2416"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Streams for Apache Kafka 2.9.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "netty: Denial of Service attack on windows app using Netty"
},
{
"cve": "CVE-2024-47554",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2024-10-03T12:00:40.921058+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2316271"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the Apache Commons IO component in the org.apache.commons.io.input.XmlStreamReader class. Excessive CPU resource consumption can lead to a denial of service when an untrusted input is processed.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "apache-commons-io: Possible denial of service attack on untrusted input to XmlStreamReader",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Streams for Apache Kafka 2.9.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-47554"
},
{
"category": "external",
"summary": "RHBZ#2316271",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2316271"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-47554",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47554"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-47554",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-47554"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/6ozr91rr9cj5lm0zyhv30bsp317hk5z1",
"url": "https://lists.apache.org/thread/6ozr91rr9cj5lm0zyhv30bsp317hk5z1"
}
],
"release_date": "2024-10-03T11:32:48.936000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-03-05T20:59:06+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Streams for Apache Kafka 2.9.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:2416"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Streams for Apache Kafka 2.9.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "apache-commons-io: Possible denial of service attack on untrusted input to XmlStreamReader"
}
]
}
WID-SEC-W-2024-0868
Vulnerability from csaf_certbund - Published: 2024-04-16 22:00 - Updated: 2024-04-16 22:00Summary
Oracle Construction and Engineering: Mehrere Schwachstellen
Severity
Hoch
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Construction and Engineering ist eine Sammlung von Werkzeugen zur Unterstützung von Bau- und Ingenieurbüros. Sie umfasst u. a. Projektmanagement-Lösungen zur Verwaltung von Projekte, zur Schaffung von Transparenz, zur Zusammenarbeit und zur Verwaltung von Änderungen.
Angriff: Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Oracle Construction and Engineering ausnutzen, um die Vertraulichkeit, Integrität und Verfügbarkeit zu gefährden.
Betroffene Betriebssysteme: - Linux
- UNIX
- Windows
In Oracle Construction and Engineering existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality" und "Availability", sowie "LOW" für "Integrity" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "MITTEL" für die Schadenshöhe.
Affected products
Last affected
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Construction and Engineering <=23.12.2
Oracle / Construction and Engineering
|
<=23.12.2 | ||
|
Oracle Construction and Engineering <=21.12.17
Oracle / Construction and Engineering
|
<=21.12.17 | ||
|
Oracle Construction and Engineering <=22.12.12
Oracle / Construction and Engineering
|
<=22.12.12 | ||
|
Oracle Construction and Engineering <=20.12.16
Oracle / Construction and Engineering
|
<=20.12.16 | ||
|
Oracle Construction and Engineering <=21.12.18
Oracle / Construction and Engineering
|
<=21.12.18 | ||
|
Oracle Construction and Engineering <=19.12.22
Oracle / Construction and Engineering
|
<=19.12.22 | ||
|
Oracle Construction and Engineering <=20.12.21
Oracle / Construction and Engineering
|
<=20.12.21 | ||
|
Oracle Construction and Engineering <=23.12.3
Oracle / Construction and Engineering
|
<=23.12.3 | ||
|
Oracle Construction and Engineering <=19.12.16
Oracle / Construction and Engineering
|
<=19.12.16 | ||
|
Oracle Construction and Engineering <=21.12.11
Oracle / Construction and Engineering
|
<=21.12.11 | ||
|
Oracle Construction and Engineering <=20.12.13
Oracle / Construction and Engineering
|
<=20.12.13 | ||
|
Oracle Construction and Engineering <=19.12.18
Oracle / Construction and Engineering
|
<=19.12.18 |
In Oracle Construction and Engineering existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality" und "Availability", sowie "LOW" für "Integrity" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "MITTEL" für die Schadenshöhe.
Affected products
Last affected
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Construction and Engineering <=23.12.2
Oracle / Construction and Engineering
|
<=23.12.2 | ||
|
Oracle Construction and Engineering <=21.12.17
Oracle / Construction and Engineering
|
<=21.12.17 | ||
|
Oracle Construction and Engineering <=22.12.12
Oracle / Construction and Engineering
|
<=22.12.12 | ||
|
Oracle Construction and Engineering <=20.12.16
Oracle / Construction and Engineering
|
<=20.12.16 | ||
|
Oracle Construction and Engineering <=21.12.18
Oracle / Construction and Engineering
|
<=21.12.18 | ||
|
Oracle Construction and Engineering <=19.12.22
Oracle / Construction and Engineering
|
<=19.12.22 | ||
|
Oracle Construction and Engineering <=20.12.21
Oracle / Construction and Engineering
|
<=20.12.21 | ||
|
Oracle Construction and Engineering <=23.12.3
Oracle / Construction and Engineering
|
<=23.12.3 | ||
|
Oracle Construction and Engineering <=19.12.16
Oracle / Construction and Engineering
|
<=19.12.16 | ||
|
Oracle Construction and Engineering <=21.12.11
Oracle / Construction and Engineering
|
<=21.12.11 | ||
|
Oracle Construction and Engineering <=20.12.13
Oracle / Construction and Engineering
|
<=20.12.13 | ||
|
Oracle Construction and Engineering <=19.12.18
Oracle / Construction and Engineering
|
<=19.12.18 |
In Oracle Construction and Engineering existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality" und "Availability", sowie "LOW" für "Integrity" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "MITTEL" für die Schadenshöhe.
Affected products
Last affected
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Construction and Engineering <=23.12.2
Oracle / Construction and Engineering
|
<=23.12.2 | ||
|
Oracle Construction and Engineering <=21.12.17
Oracle / Construction and Engineering
|
<=21.12.17 | ||
|
Oracle Construction and Engineering <=22.12.12
Oracle / Construction and Engineering
|
<=22.12.12 | ||
|
Oracle Construction and Engineering <=20.12.16
Oracle / Construction and Engineering
|
<=20.12.16 | ||
|
Oracle Construction and Engineering <=21.12.18
Oracle / Construction and Engineering
|
<=21.12.18 | ||
|
Oracle Construction and Engineering <=19.12.22
Oracle / Construction and Engineering
|
<=19.12.22 | ||
|
Oracle Construction and Engineering <=20.12.21
Oracle / Construction and Engineering
|
<=20.12.21 | ||
|
Oracle Construction and Engineering <=23.12.3
Oracle / Construction and Engineering
|
<=23.12.3 | ||
|
Oracle Construction and Engineering <=19.12.16
Oracle / Construction and Engineering
|
<=19.12.16 | ||
|
Oracle Construction and Engineering <=21.12.11
Oracle / Construction and Engineering
|
<=21.12.11 | ||
|
Oracle Construction and Engineering <=20.12.13
Oracle / Construction and Engineering
|
<=20.12.13 | ||
|
Oracle Construction and Engineering <=19.12.18
Oracle / Construction and Engineering
|
<=19.12.18 |
In Oracle Construction and Engineering existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality" und "Availability", sowie "LOW" für "Integrity" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "MITTEL" für die Schadenshöhe.
Affected products
Last affected
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Construction and Engineering <=23.12.2
Oracle / Construction and Engineering
|
<=23.12.2 | ||
|
Oracle Construction and Engineering <=21.12.17
Oracle / Construction and Engineering
|
<=21.12.17 | ||
|
Oracle Construction and Engineering <=22.12.12
Oracle / Construction and Engineering
|
<=22.12.12 | ||
|
Oracle Construction and Engineering <=20.12.16
Oracle / Construction and Engineering
|
<=20.12.16 | ||
|
Oracle Construction and Engineering <=21.12.18
Oracle / Construction and Engineering
|
<=21.12.18 | ||
|
Oracle Construction and Engineering <=19.12.22
Oracle / Construction and Engineering
|
<=19.12.22 | ||
|
Oracle Construction and Engineering <=20.12.21
Oracle / Construction and Engineering
|
<=20.12.21 | ||
|
Oracle Construction and Engineering <=23.12.3
Oracle / Construction and Engineering
|
<=23.12.3 | ||
|
Oracle Construction and Engineering <=19.12.16
Oracle / Construction and Engineering
|
<=19.12.16 | ||
|
Oracle Construction and Engineering <=21.12.11
Oracle / Construction and Engineering
|
<=21.12.11 | ||
|
Oracle Construction and Engineering <=20.12.13
Oracle / Construction and Engineering
|
<=20.12.13 | ||
|
Oracle Construction and Engineering <=19.12.18
Oracle / Construction and Engineering
|
<=19.12.18 |
In Oracle Construction and Engineering existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality" und "Availability", sowie "LOW" für "Integrity" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "MITTEL" für die Schadenshöhe.
Affected products
Last affected
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Construction and Engineering <=23.12.2
Oracle / Construction and Engineering
|
<=23.12.2 | ||
|
Oracle Construction and Engineering <=21.12.17
Oracle / Construction and Engineering
|
<=21.12.17 | ||
|
Oracle Construction and Engineering <=22.12.12
Oracle / Construction and Engineering
|
<=22.12.12 | ||
|
Oracle Construction and Engineering <=20.12.16
Oracle / Construction and Engineering
|
<=20.12.16 | ||
|
Oracle Construction and Engineering <=21.12.18
Oracle / Construction and Engineering
|
<=21.12.18 | ||
|
Oracle Construction and Engineering <=19.12.22
Oracle / Construction and Engineering
|
<=19.12.22 | ||
|
Oracle Construction and Engineering <=20.12.21
Oracle / Construction and Engineering
|
<=20.12.21 | ||
|
Oracle Construction and Engineering <=23.12.3
Oracle / Construction and Engineering
|
<=23.12.3 | ||
|
Oracle Construction and Engineering <=19.12.16
Oracle / Construction and Engineering
|
<=19.12.16 | ||
|
Oracle Construction and Engineering <=21.12.11
Oracle / Construction and Engineering
|
<=21.12.11 | ||
|
Oracle Construction and Engineering <=20.12.13
Oracle / Construction and Engineering
|
<=20.12.13 | ||
|
Oracle Construction and Engineering <=19.12.18
Oracle / Construction and Engineering
|
<=19.12.18 |
In Oracle Construction and Engineering existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality" und "Availability", sowie "LOW" für "Integrity" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "MITTEL" für die Schadenshöhe.
Affected products
Last affected
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Construction and Engineering <=23.12.2
Oracle / Construction and Engineering
|
<=23.12.2 | ||
|
Oracle Construction and Engineering <=21.12.17
Oracle / Construction and Engineering
|
<=21.12.17 | ||
|
Oracle Construction and Engineering <=22.12.12
Oracle / Construction and Engineering
|
<=22.12.12 | ||
|
Oracle Construction and Engineering <=20.12.16
Oracle / Construction and Engineering
|
<=20.12.16 | ||
|
Oracle Construction and Engineering <=21.12.18
Oracle / Construction and Engineering
|
<=21.12.18 | ||
|
Oracle Construction and Engineering <=19.12.22
Oracle / Construction and Engineering
|
<=19.12.22 | ||
|
Oracle Construction and Engineering <=20.12.21
Oracle / Construction and Engineering
|
<=20.12.21 | ||
|
Oracle Construction and Engineering <=23.12.3
Oracle / Construction and Engineering
|
<=23.12.3 | ||
|
Oracle Construction and Engineering <=19.12.16
Oracle / Construction and Engineering
|
<=19.12.16 | ||
|
Oracle Construction and Engineering <=21.12.11
Oracle / Construction and Engineering
|
<=21.12.11 | ||
|
Oracle Construction and Engineering <=20.12.13
Oracle / Construction and Engineering
|
<=20.12.13 | ||
|
Oracle Construction and Engineering <=19.12.18
Oracle / Construction and Engineering
|
<=19.12.18 |
References
3 references
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Construction and Engineering ist eine Sammlung von Werkzeugen zur Unterst\u00fctzung von Bau- und Ingenieurb\u00fcros. Sie umfasst u. a. Projektmanagement-L\u00f6sungen zur Verwaltung von Projekte, zur Schaffung von Transparenz, zur Zusammenarbeit und zur Verwaltung von \u00c4nderungen.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Oracle Construction and Engineering ausnutzen, um die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit zu gef\u00e4hrden.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2024-0868 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-0868.json"
},
{
"category": "self",
"summary": "WID-SEC-2024-0868 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0868"
},
{
"category": "external",
"summary": "Oracle Critical Patch Update Advisory - April 2024 - Appendix Oracle Construction and Engineering vom 2024-04-16",
"url": "https://www.oracle.com/security-alerts/cpuapr2024.html#AppendixPVA"
}
],
"source_lang": "en-US",
"title": "Oracle Construction and Engineering: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2024-04-16T22:00:00.000+00:00",
"generator": {
"date": "2024-08-15T18:07:39.814+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.5"
}
},
"id": "WID-SEC-W-2024-0868",
"initial_release_date": "2024-04-16T22:00:00.000+00:00",
"revision_history": [
{
"date": "2024-04-16T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c=19.12.16",
"product": {
"name": "Oracle Construction and Engineering \u003c=19.12.16",
"product_id": "T027345"
}
},
{
"category": "product_version_range",
"name": "\u003c=20.12.16",
"product": {
"name": "Oracle Construction and Engineering \u003c=20.12.16",
"product_id": "T027346"
}
},
{
"category": "product_version_range",
"name": "\u003c=19.12.22",
"product": {
"name": "Oracle Construction and Engineering \u003c=19.12.22",
"product_id": "T032095"
}
},
{
"category": "product_version_range",
"name": "\u003c=21.12.17",
"product": {
"name": "Oracle Construction and Engineering \u003c=21.12.17",
"product_id": "T032097"
}
},
{
"category": "product_version_range",
"name": "\u003c=20.12.21",
"product": {
"name": "Oracle Construction and Engineering \u003c=20.12.21",
"product_id": "T034151"
}
},
{
"category": "product_version_range",
"name": "\u003c=21.12.18",
"product": {
"name": "Oracle Construction and Engineering \u003c=21.12.18",
"product_id": "T034152"
}
},
{
"category": "product_version_range",
"name": "\u003c=22.12.12",
"product": {
"name": "Oracle Construction and Engineering \u003c=22.12.12",
"product_id": "T034153"
}
},
{
"category": "product_version_range",
"name": "\u003c=23.12.2",
"product": {
"name": "Oracle Construction and Engineering \u003c=23.12.2",
"product_id": "T034154"
}
},
{
"category": "product_version_range",
"name": "\u003c=19.12.18",
"product": {
"name": "Oracle Construction and Engineering \u003c=19.12.18",
"product_id": "T034155"
}
},
{
"category": "product_version_range",
"name": "\u003c=20.12.13",
"product": {
"name": "Oracle Construction and Engineering \u003c=20.12.13",
"product_id": "T034156"
}
},
{
"category": "product_version_range",
"name": "\u003c=21.12.11",
"product": {
"name": "Oracle Construction and Engineering \u003c=21.12.11",
"product_id": "T034157"
}
},
{
"category": "product_version_range",
"name": "\u003c=23.12.3",
"product": {
"name": "Oracle Construction and Engineering \u003c=23.12.3",
"product_id": "T034158"
}
}
],
"category": "product_name",
"name": "Construction and Engineering"
}
],
"category": "vendor",
"name": "Oracle"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-50386",
"notes": [
{
"category": "description",
"text": "In Oracle Construction and Engineering existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\" und \"Availability\", sowie \"LOW\" f\u00fcr \"Integrity\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"last_affected": [
"T034154",
"T032097",
"T034153",
"T027346",
"T034152",
"T032095",
"T034151",
"T034158",
"T027345",
"T034157",
"T034156",
"T034155"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2023-50386"
},
{
"cve": "CVE-2023-5072",
"notes": [
{
"category": "description",
"text": "In Oracle Construction and Engineering existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\" und \"Availability\", sowie \"LOW\" f\u00fcr \"Integrity\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"last_affected": [
"T034154",
"T032097",
"T034153",
"T027346",
"T034152",
"T032095",
"T034151",
"T034158",
"T027345",
"T034157",
"T034156",
"T034155"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2023-5072"
},
{
"cve": "CVE-2023-52428",
"notes": [
{
"category": "description",
"text": "In Oracle Construction and Engineering existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\" und \"Availability\", sowie \"LOW\" f\u00fcr \"Integrity\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"last_affected": [
"T034154",
"T032097",
"T034153",
"T027346",
"T034152",
"T032095",
"T034151",
"T034158",
"T027345",
"T034157",
"T034156",
"T034155"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2023-52428"
},
{
"cve": "CVE-2024-21095",
"notes": [
{
"category": "description",
"text": "In Oracle Construction and Engineering existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\" und \"Availability\", sowie \"LOW\" f\u00fcr \"Integrity\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"last_affected": [
"T034154",
"T032097",
"T034153",
"T027346",
"T034152",
"T032095",
"T034151",
"T034158",
"T027345",
"T034157",
"T034156",
"T034155"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2024-21095"
},
{
"cve": "CVE-2024-22243",
"notes": [
{
"category": "description",
"text": "In Oracle Construction and Engineering existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\" und \"Availability\", sowie \"LOW\" f\u00fcr \"Integrity\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"last_affected": [
"T034154",
"T032097",
"T034153",
"T027346",
"T034152",
"T032095",
"T034151",
"T034158",
"T027345",
"T034157",
"T034156",
"T034155"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2024-22243"
},
{
"cve": "CVE-2024-26308",
"notes": [
{
"category": "description",
"text": "In Oracle Construction and Engineering existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\" und \"Availability\", sowie \"LOW\" f\u00fcr \"Integrity\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"last_affected": [
"T034154",
"T032097",
"T034153",
"T027346",
"T034152",
"T032095",
"T034151",
"T034158",
"T027345",
"T034157",
"T034156",
"T034155"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2024-26308"
}
]
}
WID-SEC-W-2024-0899
Vulnerability from csaf_certbund - Published: 2024-04-16 22:00 - Updated: 2025-06-09 22:00Summary
Oracle Fusion Middleware: Mehrere Schwachstellen
Severity
Hoch
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Oracle Fusion Middleware bündelt mehrere Produkte zur Erstellung, Betrieb und Management von intelligenten Business Anwendungen.
Angriff: Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Oracle Fusion Middleware ausnutzen, um die Vertraulichkeit, Integrität und Verfügbarkeit zu gefährden.
Betroffene Betriebssysteme: - Linux
- UNIX
- Windows
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware 8.5.6
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.6
|
8.5.6 | |
|
Oracle Fusion Middleware 12.2.1.3.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.3.0
|
12.2.1.3.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware 8.5.6
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.6
|
8.5.6 | |
|
Oracle Fusion Middleware 12.2.1.3.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.3.0
|
12.2.1.3.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware 8.5.6
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.6
|
8.5.6 | |
|
Oracle Fusion Middleware 12.2.1.3.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.3.0
|
12.2.1.3.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware 8.5.6
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.6
|
8.5.6 | |
|
Oracle Fusion Middleware 12.2.1.3.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.3.0
|
12.2.1.3.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware 8.5.6
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.6
|
8.5.6 | |
|
Oracle Fusion Middleware 12.2.1.3.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.3.0
|
12.2.1.3.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware 8.5.6
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.6
|
8.5.6 | |
|
Oracle Fusion Middleware 12.2.1.3.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.3.0
|
12.2.1.3.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware 8.5.6
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.6
|
8.5.6 | |
|
Oracle Fusion Middleware 12.2.1.3.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.3.0
|
12.2.1.3.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware 8.5.6
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.6
|
8.5.6 | |
|
Oracle Fusion Middleware 12.2.1.3.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.3.0
|
12.2.1.3.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware 8.5.6
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.6
|
8.5.6 | |
|
Oracle Fusion Middleware 12.2.1.3.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.3.0
|
12.2.1.3.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware 8.5.6
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.6
|
8.5.6 | |
|
Oracle Fusion Middleware 12.2.1.3.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.3.0
|
12.2.1.3.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware 8.5.6
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.6
|
8.5.6 | |
|
Oracle Fusion Middleware 12.2.1.3.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.3.0
|
12.2.1.3.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware 8.5.6
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.6
|
8.5.6 | |
|
Oracle Fusion Middleware 12.2.1.3.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.3.0
|
12.2.1.3.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware 8.5.6
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.6
|
8.5.6 | |
|
Oracle Fusion Middleware 12.2.1.3.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.3.0
|
12.2.1.3.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware 8.5.6
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.6
|
8.5.6 | |
|
Oracle Fusion Middleware 12.2.1.3.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.3.0
|
12.2.1.3.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware 8.5.6
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.6
|
8.5.6 | |
|
Oracle Fusion Middleware 12.2.1.3.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.3.0
|
12.2.1.3.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware 8.5.6
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.6
|
8.5.6 | |
|
Oracle Fusion Middleware 12.2.1.3.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.3.0
|
12.2.1.3.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware 8.5.6
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.6
|
8.5.6 | |
|
Oracle Fusion Middleware 12.2.1.3.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.3.0
|
12.2.1.3.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware 8.5.6
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.6
|
8.5.6 | |
|
Oracle Fusion Middleware 12.2.1.3.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.3.0
|
12.2.1.3.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware 8.5.6
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.6
|
8.5.6 | |
|
Oracle Fusion Middleware 12.2.1.3.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.3.0
|
12.2.1.3.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware 8.5.6
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.6
|
8.5.6 | |
|
Oracle Fusion Middleware 12.2.1.3.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.3.0
|
12.2.1.3.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware 8.5.6
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.6
|
8.5.6 | |
|
Oracle Fusion Middleware 12.2.1.3.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.3.0
|
12.2.1.3.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware 8.5.6
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.6
|
8.5.6 | |
|
Oracle Fusion Middleware 12.2.1.3.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.3.0
|
12.2.1.3.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware 8.5.6
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.6
|
8.5.6 | |
|
Oracle Fusion Middleware 12.2.1.3.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.3.0
|
12.2.1.3.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware 8.5.6
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.6
|
8.5.6 | |
|
Oracle Fusion Middleware 12.2.1.3.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.3.0
|
12.2.1.3.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware 8.5.6
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.6
|
8.5.6 | |
|
Oracle Fusion Middleware 12.2.1.3.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.3.0
|
12.2.1.3.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware 8.5.6
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.6
|
8.5.6 | |
|
Oracle Fusion Middleware 12.2.1.3.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.3.0
|
12.2.1.3.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware 8.5.6
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.6
|
8.5.6 | |
|
Oracle Fusion Middleware 12.2.1.3.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.3.0
|
12.2.1.3.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware 8.5.6
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.6
|
8.5.6 | |
|
Oracle Fusion Middleware 12.2.1.3.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.3.0
|
12.2.1.3.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware 8.5.6
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.6
|
8.5.6 | |
|
Oracle Fusion Middleware 12.2.1.3.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.3.0
|
12.2.1.3.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware 8.5.6
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.6
|
8.5.6 | |
|
Oracle Fusion Middleware 12.2.1.3.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.3.0
|
12.2.1.3.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware 8.5.6
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.6
|
8.5.6 | |
|
Oracle Fusion Middleware 12.2.1.3.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.3.0
|
12.2.1.3.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware 8.5.6
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.6
|
8.5.6 | |
|
Oracle Fusion Middleware 12.2.1.3.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.3.0
|
12.2.1.3.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware 8.5.6
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.6
|
8.5.6 | |
|
Oracle Fusion Middleware 12.2.1.3.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.3.0
|
12.2.1.3.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware 8.5.6
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.6
|
8.5.6 | |
|
Oracle Fusion Middleware 12.2.1.3.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.3.0
|
12.2.1.3.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware 8.5.6
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.6
|
8.5.6 | |
|
Oracle Fusion Middleware 12.2.1.3.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.3.0
|
12.2.1.3.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware 8.5.6
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.6
|
8.5.6 | |
|
Oracle Fusion Middleware 12.2.1.3.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.3.0
|
12.2.1.3.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware 8.5.6
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.6
|
8.5.6 | |
|
Oracle Fusion Middleware 12.2.1.3.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.3.0
|
12.2.1.3.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware 8.5.6
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.6
|
8.5.6 | |
|
Oracle Fusion Middleware 12.2.1.3.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.3.0
|
12.2.1.3.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
References
4 references
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Oracle Fusion Middleware b\u00fcndelt mehrere Produkte zur Erstellung, Betrieb und Management von intelligenten Business Anwendungen.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Oracle Fusion Middleware ausnutzen, um die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit zu gef\u00e4hrden.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2024-0899 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-0899.json"
},
{
"category": "self",
"summary": "WID-SEC-2024-0899 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0899"
},
{
"category": "external",
"summary": "Oracle Critical Patch Update Advisory - April 2024 - Appendix Oracle Fusion Middleware vom 2024-04-16",
"url": "https://www.oracle.com/security-alerts/cpuapr2024.html#AppendixFMW"
},
{
"category": "external",
"summary": "PoC CVE-2024-21006 vom 2025-06-09",
"url": "https://github.com/d3fudd/CVE-2024-21006_POC"
}
],
"source_lang": "en-US",
"title": "Oracle Fusion Middleware: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2025-06-09T22:00:00.000+00:00",
"generator": {
"date": "2025-06-10T06:12:15.168+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.12"
}
},
"id": "WID-SEC-W-2024-0899",
"initial_release_date": "2024-04-16T22:00:00.000+00:00",
"revision_history": [
{
"date": "2024-04-16T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2025-06-09T22:00:00.000+00:00",
"number": "2",
"summary": "PoC f\u00fcr CVE-2024-21006 aufgenommen"
}
],
"status": "final",
"version": "2"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "12.2.1.3.0",
"product": {
"name": "Oracle Fusion Middleware 12.2.1.3.0",
"product_id": "618028",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:fusion_middleware:12.2.1.3.0"
}
}
},
{
"category": "product_version",
"name": "12.2.1.4.0",
"product": {
"name": "Oracle Fusion Middleware 12.2.1.4.0",
"product_id": "751674",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:fusion_middleware:12.2.1.4.0"
}
}
},
{
"category": "product_version",
"name": "14.1.1.0.0",
"product": {
"name": "Oracle Fusion Middleware 14.1.1.0.0",
"product_id": "829576",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:fusion_middleware:14.1.1.0.0"
}
}
},
{
"category": "product_version",
"name": "8.5.6",
"product": {
"name": "Oracle Fusion Middleware 8.5.6",
"product_id": "T024993",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:fusion_middleware:8.5.6"
}
}
},
{
"category": "product_version",
"name": "8.5.7",
"product": {
"name": "Oracle Fusion Middleware 8.5.7",
"product_id": "T034057",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:fusion_middleware:8.5.7"
}
}
}
],
"category": "product_name",
"name": "Fusion Middleware"
}
],
"category": "vendor",
"name": "Oracle"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-0231",
"product_status": {
"known_affected": [
"T024993",
"618028",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2019-0231"
},
{
"cve": "CVE-2019-10172",
"product_status": {
"known_affected": [
"T024993",
"618028",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2019-10172"
},
{
"cve": "CVE-2019-13990",
"product_status": {
"known_affected": [
"T024993",
"618028",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2019-13990"
},
{
"cve": "CVE-2021-23369",
"product_status": {
"known_affected": [
"T024993",
"618028",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2021-23369"
},
{
"cve": "CVE-2022-1471",
"product_status": {
"known_affected": [
"T024993",
"618028",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2022-1471"
},
{
"cve": "CVE-2022-24329",
"product_status": {
"known_affected": [
"T024993",
"618028",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2022-24329"
},
{
"cve": "CVE-2022-25147",
"product_status": {
"known_affected": [
"T024993",
"618028",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2022-25147"
},
{
"cve": "CVE-2022-34169",
"product_status": {
"known_affected": [
"T024993",
"618028",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2022-34169"
},
{
"cve": "CVE-2022-34381",
"product_status": {
"known_affected": [
"T024993",
"618028",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2022-34381"
},
{
"cve": "CVE-2022-42003",
"product_status": {
"known_affected": [
"T024993",
"618028",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2022-42003"
},
{
"cve": "CVE-2022-45378",
"product_status": {
"known_affected": [
"T024993",
"618028",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2022-45378"
},
{
"cve": "CVE-2022-46337",
"product_status": {
"known_affected": [
"T024993",
"618028",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2022-46337"
},
{
"cve": "CVE-2022-48579",
"product_status": {
"known_affected": [
"T024993",
"618028",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2022-48579"
},
{
"cve": "CVE-2023-24021",
"product_status": {
"known_affected": [
"T024993",
"618028",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2023-24021"
},
{
"cve": "CVE-2023-2976",
"product_status": {
"known_affected": [
"T024993",
"618028",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2023-2976"
},
{
"cve": "CVE-2023-31122",
"product_status": {
"known_affected": [
"T024993",
"618028",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2023-31122"
},
{
"cve": "CVE-2023-33201",
"product_status": {
"known_affected": [
"T024993",
"618028",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2023-33201"
},
{
"cve": "CVE-2023-35116",
"product_status": {
"known_affected": [
"T024993",
"618028",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2023-35116"
},
{
"cve": "CVE-2023-35887",
"product_status": {
"known_affected": [
"T024993",
"618028",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2023-35887"
},
{
"cve": "CVE-2023-3635",
"product_status": {
"known_affected": [
"T024993",
"618028",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2023-3635"
},
{
"cve": "CVE-2023-37536",
"product_status": {
"known_affected": [
"T024993",
"618028",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2023-37536"
},
{
"cve": "CVE-2023-44487",
"product_status": {
"known_affected": [
"T024993",
"618028",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2023-44487"
},
{
"cve": "CVE-2023-46218",
"product_status": {
"known_affected": [
"T024993",
"618028",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2023-46218"
},
{
"cve": "CVE-2023-46589",
"product_status": {
"known_affected": [
"T024993",
"618028",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2023-46589"
},
{
"cve": "CVE-2023-48795",
"product_status": {
"known_affected": [
"T024993",
"618028",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2023-48795"
},
{
"cve": "CVE-2023-5072",
"product_status": {
"known_affected": [
"T024993",
"618028",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2023-5072"
},
{
"cve": "CVE-2023-52428",
"product_status": {
"known_affected": [
"T024993",
"618028",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2023-52428"
},
{
"cve": "CVE-2024-1597",
"product_status": {
"known_affected": [
"T024993",
"618028",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2024-1597"
},
{
"cve": "CVE-2024-20991",
"product_status": {
"known_affected": [
"T024993",
"618028",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2024-20991"
},
{
"cve": "CVE-2024-20992",
"product_status": {
"known_affected": [
"T024993",
"618028",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2024-20992"
},
{
"cve": "CVE-2024-21006",
"product_status": {
"known_affected": [
"T024993",
"618028",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2024-21006"
},
{
"cve": "CVE-2024-21007",
"product_status": {
"known_affected": [
"T024993",
"618028",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2024-21007"
},
{
"cve": "CVE-2024-21117",
"product_status": {
"known_affected": [
"T024993",
"618028",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2024-21117"
},
{
"cve": "CVE-2024-21118",
"product_status": {
"known_affected": [
"T024993",
"618028",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2024-21118"
},
{
"cve": "CVE-2024-21119",
"product_status": {
"known_affected": [
"T024993",
"618028",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2024-21119"
},
{
"cve": "CVE-2024-21120",
"product_status": {
"known_affected": [
"T024993",
"618028",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2024-21120"
},
{
"cve": "CVE-2024-23635",
"product_status": {
"known_affected": [
"T024993",
"618028",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2024-23635"
},
{
"cve": "CVE-2024-26308",
"product_status": {
"known_affected": [
"T024993",
"618028",
"751674",
"T034057",
"829576"
]
},
"release_date": "2024-04-16T22:00:00.000+00:00",
"title": "CVE-2024-26308"
}
]
}
WID-SEC-W-2024-1650
Vulnerability from csaf_certbund - Published: 2024-07-16 22:00 - Updated: 2024-07-16 22:00Summary
Oracle Utilities Applications: Mehrere Schwachstellen
Severity
Mittel
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Oracle Utilities Applications ist eine Produktfamilie mit branchenspezifischen Lösungen für Ver- und Entsorger.
Angriff: Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Oracle Utilities Applications ausnutzen, um die Verfügbarkeit zu gefährden.
Betroffene Betriebssysteme: - Linux
- Windows
In Oracle Utilities Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Verfügbarkeit gefährden. Für die Ausnutzung dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "MITTEL" für die Schadenshöhe.
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Utilities Applications 4.4.0.0.0
Oracle / Utilities Applications
|
cpe:/a:oracle:utilities:4.4.0.0.0
|
4.4.0.0.0 | |
|
Oracle Utilities Applications 24.1.0.0.0
Oracle / Utilities Applications
|
cpe:/a:oracle:utilities:24.1.0.0.0
|
24.1.0.0.0 | |
|
Oracle Utilities Applications 24.2.0.0.0
Oracle / Utilities Applications
|
cpe:/a:oracle:utilities:24.2.0.0.0
|
24.2.0.0.0 | |
|
Oracle Utilities Applications 4.3.0.6.0
Oracle / Utilities Applications
|
cpe:/a:oracle:utilities:4.3.0.6.0
|
4.3.0.6.0 | |
|
Oracle Utilities Applications 4.4.0.2.0
Oracle / Utilities Applications
|
cpe:/a:oracle:utilities:4.4.0.2.0
|
4.4.0.2.0 | |
|
Oracle Utilities Applications 4.4.0.3.0
Oracle / Utilities Applications
|
cpe:/a:oracle:utilities:4.4.0.3.0
|
4.4.0.3.0 | |
|
Oracle Utilities Applications 4.5.0.0.0
Oracle / Utilities Applications
|
cpe:/a:oracle:utilities:4.5.0.0.0
|
4.5.0.0.0 |
Last affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Utilities Applications <=4.5.0.1.3
Oracle / Utilities Applications
|
<=4.5.0.1.3 |
In Oracle Utilities Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Verfügbarkeit gefährden. Für die Ausnutzung dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "MITTEL" für die Schadenshöhe.
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Utilities Applications 4.4.0.0.0
Oracle / Utilities Applications
|
cpe:/a:oracle:utilities:4.4.0.0.0
|
4.4.0.0.0 | |
|
Oracle Utilities Applications 24.1.0.0.0
Oracle / Utilities Applications
|
cpe:/a:oracle:utilities:24.1.0.0.0
|
24.1.0.0.0 | |
|
Oracle Utilities Applications 24.2.0.0.0
Oracle / Utilities Applications
|
cpe:/a:oracle:utilities:24.2.0.0.0
|
24.2.0.0.0 | |
|
Oracle Utilities Applications 4.3.0.6.0
Oracle / Utilities Applications
|
cpe:/a:oracle:utilities:4.3.0.6.0
|
4.3.0.6.0 | |
|
Oracle Utilities Applications 4.4.0.2.0
Oracle / Utilities Applications
|
cpe:/a:oracle:utilities:4.4.0.2.0
|
4.4.0.2.0 | |
|
Oracle Utilities Applications 4.4.0.3.0
Oracle / Utilities Applications
|
cpe:/a:oracle:utilities:4.4.0.3.0
|
4.4.0.3.0 | |
|
Oracle Utilities Applications 4.5.0.0.0
Oracle / Utilities Applications
|
cpe:/a:oracle:utilities:4.5.0.0.0
|
4.5.0.0.0 |
Last affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Utilities Applications <=4.5.0.1.3
Oracle / Utilities Applications
|
<=4.5.0.1.3 |
References
3 references
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Oracle Utilities Applications ist eine Produktfamilie mit branchenspezifischen L\u00f6sungen f\u00fcr Ver- und Entsorger.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Oracle Utilities Applications ausnutzen, um die Verf\u00fcgbarkeit zu gef\u00e4hrden.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2024-1650 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-1650.json"
},
{
"category": "self",
"summary": "WID-SEC-2024-1650 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1650"
},
{
"category": "external",
"summary": "Oracle Critical Patch Update Advisory - July 2024 - Appendix Oracle Utilities Applications vom 2024-07-16",
"url": "https://www.oracle.com/security-alerts/cpujul2024.html#AppendixUTIL"
}
],
"source_lang": "en-US",
"title": "Oracle Utilities Applications: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2024-07-16T22:00:00.000+00:00",
"generator": {
"date": "2024-08-15T18:11:29.436+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.5"
}
},
"id": "WID-SEC-W-2024-1650",
"initial_release_date": "2024-07-16T22:00:00.000+00:00",
"revision_history": [
{
"date": "2024-07-16T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "4.4.0.0.0",
"product": {
"name": "Oracle Utilities Applications 4.4.0.0.0",
"product_id": "T036262",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:utilities:4.4.0.0.0"
}
}
},
{
"category": "product_version",
"name": "4.4.0.2.0",
"product": {
"name": "Oracle Utilities Applications 4.4.0.2.0",
"product_id": "T036263",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:utilities:4.4.0.2.0"
}
}
},
{
"category": "product_version",
"name": "4.4.0.3.0",
"product": {
"name": "Oracle Utilities Applications 4.4.0.3.0",
"product_id": "T036264",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:utilities:4.4.0.3.0"
}
}
},
{
"category": "product_version",
"name": "4.5.0.0.0",
"product": {
"name": "Oracle Utilities Applications 4.5.0.0.0",
"product_id": "T036265",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:utilities:4.5.0.0.0"
}
}
},
{
"category": "product_version_range",
"name": "\u003c=4.5.0.1.3",
"product": {
"name": "Oracle Utilities Applications \u003c=4.5.0.1.3",
"product_id": "T036266"
}
},
{
"category": "product_version",
"name": "24.1.0.0.0",
"product": {
"name": "Oracle Utilities Applications 24.1.0.0.0",
"product_id": "T036267",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:utilities:24.1.0.0.0"
}
}
},
{
"category": "product_version",
"name": "24.2.0.0.0",
"product": {
"name": "Oracle Utilities Applications 24.2.0.0.0",
"product_id": "T036268",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:utilities:24.2.0.0.0"
}
}
},
{
"category": "product_version",
"name": "4.3.0.6.0",
"product": {
"name": "Oracle Utilities Applications 4.3.0.6.0",
"product_id": "T036269",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:utilities:4.3.0.6.0"
}
}
}
],
"category": "product_name",
"name": "Utilities Applications"
}
],
"category": "vendor",
"name": "Oracle"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-52428",
"notes": [
{
"category": "description",
"text": "In Oracle Utilities Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T036262",
"T036267",
"T036268",
"T036269",
"T036263",
"T036264",
"T036265"
],
"last_affected": [
"T036266"
]
},
"release_date": "2024-07-16T22:00:00.000+00:00",
"title": "CVE-2023-52428"
},
{
"cve": "CVE-2024-29857",
"notes": [
{
"category": "description",
"text": "In Oracle Utilities Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T036262",
"T036267",
"T036268",
"T036269",
"T036263",
"T036264",
"T036265"
],
"last_affected": [
"T036266"
]
},
"release_date": "2024-07-16T22:00:00.000+00:00",
"title": "CVE-2024-29857"
}
]
}
WID-SEC-W-2024-1758
Vulnerability from csaf_certbund - Published: 2024-08-05 22:00 - Updated: 2024-08-05 22:00Summary
IBM InfoSphere Information Server: Mehrere Schwachstellen
Severity
Mittel
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: IBM InfoSphere Information Server ist eine Softwareplattform zur Integration heterogener Daten.
Angriff: Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in IBM InfoSphere Information Server ausnutzen, um einen Denial of Service Angriff durchzuführen und vertrauliche Informationen offenzulegen.
Betroffene Betriebssysteme: - Sonstiges
- UNIX
- Windows
Es besteht eine Sicherheitslücke in IBM InfoSphere Information Server. Dieser Fehler betrifft die Komponente PasswordBasedDecrypter (PBKDF2) aufgrund einer unsachgemäßen Validierung von Benutzeranfragen, was zu einem möglichen Systemabsturz führt. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen.
Es besteht eine Schwachstelle in IBM InfoSphere Information Server aufgrund einer unsachgemäßen Fehlerbehandlung. Wenn ein Fehler auftritt, werden detaillierte technische Fehlermeldungen in den Browser zurückgegeben, die möglicherweise vertrauliche Informationen preisgeben. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um Zugang zu detaillierten Informationen über das System zu erhalten, die dann verwendet werden können, um weitere Angriffe gegen das System zu ermöglichen.
References
4 references
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "IBM InfoSphere Information Server ist eine Softwareplattform zur Integration heterogener Daten.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in IBM InfoSphere Information Server ausnutzen, um einen Denial of Service Angriff durchzuf\u00fchren und vertrauliche Informationen offenzulegen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Sonstiges\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2024-1758 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-1758.json"
},
{
"category": "self",
"summary": "WID-SEC-2024-1758 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1758"
},
{
"category": "external",
"summary": "IBM Security Bulletin vom 2024-08-05",
"url": "https://www.ibm.com/support/pages/node/7160580"
},
{
"category": "external",
"summary": "IBM Security Bulletin vom 2024-08-05",
"url": "https://www.ibm.com/support/pages/node/7160967"
}
],
"source_lang": "en-US",
"title": "IBM InfoSphere Information Server: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2024-08-05T22:00:00.000+00:00",
"generator": {
"date": "2024-08-15T18:11:56.677+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.5"
}
},
"id": "WID-SEC-W-2024-1758",
"initial_release_date": "2024-08-05T22:00:00.000+00:00",
"revision_history": [
{
"date": "2024-08-05T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c11.7.1.0",
"product": {
"name": "IBM InfoSphere Information Server \u003c11.7.1.0",
"product_id": "T036611"
}
},
{
"category": "product_version_range",
"name": "\u003c11.7.1.5",
"product": {
"name": "IBM InfoSphere Information Server \u003c11.7.1.5",
"product_id": "T036613"
}
}
],
"category": "product_name",
"name": "InfoSphere Information Server"
}
],
"category": "vendor",
"name": "IBM"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-52428",
"notes": [
{
"category": "description",
"text": "Es besteht eine Sicherheitsl\u00fccke in IBM InfoSphere Information Server. Dieser Fehler betrifft die Komponente PasswordBasedDecrypter (PBKDF2) aufgrund einer unsachgem\u00e4\u00dfen Validierung von Benutzeranfragen, was zu einem m\u00f6glichen Systemabsturz f\u00fchrt. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen."
}
],
"release_date": "2024-08-05T22:00:00.000+00:00",
"title": "CVE-2023-52428"
},
{
"cve": "CVE-2024-39751",
"notes": [
{
"category": "description",
"text": "Es besteht eine Schwachstelle in IBM InfoSphere Information Server aufgrund einer unsachgem\u00e4\u00dfen Fehlerbehandlung. Wenn ein Fehler auftritt, werden detaillierte technische Fehlermeldungen in den Browser zur\u00fcckgegeben, die m\u00f6glicherweise vertrauliche Informationen preisgeben. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um Zugang zu detaillierten Informationen \u00fcber das System zu erhalten, die dann verwendet werden k\u00f6nnen, um weitere Angriffe gegen das System zu erm\u00f6glichen."
}
],
"release_date": "2024-08-05T22:00:00.000+00:00",
"title": "CVE-2024-39751"
}
]
}
WID-SEC-W-2024-3180
Vulnerability from csaf_certbund - Published: 2024-10-14 22:00 - Updated: 2025-11-18 23:00Summary
Apache Camel und mehrere Red Hat Produkte: Mehrere Schwachstellen
Severity
Hoch
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Apache Camel ist ein Integrations-Framework, das Enterprise Integration Patterns implementiert.
JBoss A-MQ ist eine Messaging-Plattform.
JBoss Enterprise Application Platform ist eine skalierbare Plattform für Java-Anwendungen, inklusive JBoss Application Server, JBoss Hibernate und Boss Seam.
Red Hat JBoss Data Grid ist eine verteilte In-Memory-Datenbank für den schnellen Zugriff auf große Datenvolumen und Skalierbarkeit.
Angriff: Ein entfernter anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in Apache Camel und in mehreren Red Hat-Produkten ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, vertrauliche Informationen preiszugeben und beliebigen Code auszuführen.
Betroffene Betriebssysteme: - Linux
- UNIX
- Windows
Affected products
Known affected
17 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Integration Camel K 1
Red Hat / Integration
|
cpe:/a:redhat:integration:camel_k_1
|
Camel K 1 | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Red Hat JBoss A-MQ
Red Hat / JBoss A-MQ
|
cpe:/a:redhat:jboss_amq:-
|
— | |
|
Red Hat JBoss Data Grid
Red Hat
|
cpe:/a:redhat:jboss_data_grid:-
|
— | |
|
Apache Camel <4.4.3
Apache / Camel
|
<4.4.3 | ||
|
IBM QRadar SIEM <7.5.0 UP10 IF01
IBM / QRadar SIEM
|
<7.5.0 UP10 IF01 | ||
|
Red Hat JBoss Enterprise Application Platform Quarkus
Red Hat / JBoss Enterprise Application Platform
|
cpe:/a:redhat:jboss_enterprise_application_platform:quarkus
|
Quarkus | |
|
Atlassian Bamboo <10.0.3
Atlassian / Bamboo
|
<10.0.3 | ||
|
Atlassian Bamboo <9.2.20
Atlassian / Bamboo
|
<9.2.20 | ||
|
Atlassian Bamboo <9.6.8
Atlassian / Bamboo
|
<9.6.8 | ||
|
IBM Cognos Analytics <11.2.4 IF4
IBM / Cognos Analytics
|
<11.2.4 IF4 | ||
|
IBM QRadar SIEM
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:-
|
— | |
|
IBM Cognos Analytics <12.0.4 IF2
IBM / Cognos Analytics
|
<12.0.4 IF2 | ||
|
Atlassian Bitbucket <9.4.13 (LTS)
Atlassian / Bitbucket
|
<9.4.13 (LTS) | ||
|
Red Hat JBoss A-MQ Streams 2
Red Hat / JBoss A-MQ
|
cpe:/a:redhat:jboss_amq:streams_2
|
Streams 2 | |
|
Atlassian Bitbucket <8.19.25 (LTS)
Atlassian / Bitbucket
|
<8.19.25 (LTS) | ||
|
Atlassian Bitbucket <10.0.2
Atlassian / Bitbucket
|
<10.0.2 |
Affected products
Known affected
17 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Integration Camel K 1
Red Hat / Integration
|
cpe:/a:redhat:integration:camel_k_1
|
Camel K 1 | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Red Hat JBoss A-MQ
Red Hat / JBoss A-MQ
|
cpe:/a:redhat:jboss_amq:-
|
— | |
|
Red Hat JBoss Data Grid
Red Hat
|
cpe:/a:redhat:jboss_data_grid:-
|
— | |
|
Apache Camel <4.4.3
Apache / Camel
|
<4.4.3 | ||
|
IBM QRadar SIEM <7.5.0 UP10 IF01
IBM / QRadar SIEM
|
<7.5.0 UP10 IF01 | ||
|
Red Hat JBoss Enterprise Application Platform Quarkus
Red Hat / JBoss Enterprise Application Platform
|
cpe:/a:redhat:jboss_enterprise_application_platform:quarkus
|
Quarkus | |
|
Atlassian Bamboo <10.0.3
Atlassian / Bamboo
|
<10.0.3 | ||
|
Atlassian Bamboo <9.2.20
Atlassian / Bamboo
|
<9.2.20 | ||
|
Atlassian Bamboo <9.6.8
Atlassian / Bamboo
|
<9.6.8 | ||
|
IBM Cognos Analytics <11.2.4 IF4
IBM / Cognos Analytics
|
<11.2.4 IF4 | ||
|
IBM QRadar SIEM
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:-
|
— | |
|
IBM Cognos Analytics <12.0.4 IF2
IBM / Cognos Analytics
|
<12.0.4 IF2 | ||
|
Atlassian Bitbucket <9.4.13 (LTS)
Atlassian / Bitbucket
|
<9.4.13 (LTS) | ||
|
Red Hat JBoss A-MQ Streams 2
Red Hat / JBoss A-MQ
|
cpe:/a:redhat:jboss_amq:streams_2
|
Streams 2 | |
|
Atlassian Bitbucket <8.19.25 (LTS)
Atlassian / Bitbucket
|
<8.19.25 (LTS) | ||
|
Atlassian Bitbucket <10.0.2
Atlassian / Bitbucket
|
<10.0.2 |
Affected products
Known affected
17 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Integration Camel K 1
Red Hat / Integration
|
cpe:/a:redhat:integration:camel_k_1
|
Camel K 1 | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Red Hat JBoss A-MQ
Red Hat / JBoss A-MQ
|
cpe:/a:redhat:jboss_amq:-
|
— | |
|
Red Hat JBoss Data Grid
Red Hat
|
cpe:/a:redhat:jboss_data_grid:-
|
— | |
|
Apache Camel <4.4.3
Apache / Camel
|
<4.4.3 | ||
|
IBM QRadar SIEM <7.5.0 UP10 IF01
IBM / QRadar SIEM
|
<7.5.0 UP10 IF01 | ||
|
Red Hat JBoss Enterprise Application Platform Quarkus
Red Hat / JBoss Enterprise Application Platform
|
cpe:/a:redhat:jboss_enterprise_application_platform:quarkus
|
Quarkus | |
|
Atlassian Bamboo <10.0.3
Atlassian / Bamboo
|
<10.0.3 | ||
|
Atlassian Bamboo <9.2.20
Atlassian / Bamboo
|
<9.2.20 | ||
|
Atlassian Bamboo <9.6.8
Atlassian / Bamboo
|
<9.6.8 | ||
|
IBM Cognos Analytics <11.2.4 IF4
IBM / Cognos Analytics
|
<11.2.4 IF4 | ||
|
IBM QRadar SIEM
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:-
|
— | |
|
IBM Cognos Analytics <12.0.4 IF2
IBM / Cognos Analytics
|
<12.0.4 IF2 | ||
|
Atlassian Bitbucket <9.4.13 (LTS)
Atlassian / Bitbucket
|
<9.4.13 (LTS) | ||
|
Red Hat JBoss A-MQ Streams 2
Red Hat / JBoss A-MQ
|
cpe:/a:redhat:jboss_amq:streams_2
|
Streams 2 | |
|
Atlassian Bitbucket <8.19.25 (LTS)
Atlassian / Bitbucket
|
<8.19.25 (LTS) | ||
|
Atlassian Bitbucket <10.0.2
Atlassian / Bitbucket
|
<10.0.2 |
Affected products
Known affected
17 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Integration Camel K 1
Red Hat / Integration
|
cpe:/a:redhat:integration:camel_k_1
|
Camel K 1 | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Red Hat JBoss A-MQ
Red Hat / JBoss A-MQ
|
cpe:/a:redhat:jboss_amq:-
|
— | |
|
Red Hat JBoss Data Grid
Red Hat
|
cpe:/a:redhat:jboss_data_grid:-
|
— | |
|
Apache Camel <4.4.3
Apache / Camel
|
<4.4.3 | ||
|
IBM QRadar SIEM <7.5.0 UP10 IF01
IBM / QRadar SIEM
|
<7.5.0 UP10 IF01 | ||
|
Red Hat JBoss Enterprise Application Platform Quarkus
Red Hat / JBoss Enterprise Application Platform
|
cpe:/a:redhat:jboss_enterprise_application_platform:quarkus
|
Quarkus | |
|
Atlassian Bamboo <10.0.3
Atlassian / Bamboo
|
<10.0.3 | ||
|
Atlassian Bamboo <9.2.20
Atlassian / Bamboo
|
<9.2.20 | ||
|
Atlassian Bamboo <9.6.8
Atlassian / Bamboo
|
<9.6.8 | ||
|
IBM Cognos Analytics <11.2.4 IF4
IBM / Cognos Analytics
|
<11.2.4 IF4 | ||
|
IBM QRadar SIEM
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:-
|
— | |
|
IBM Cognos Analytics <12.0.4 IF2
IBM / Cognos Analytics
|
<12.0.4 IF2 | ||
|
Atlassian Bitbucket <9.4.13 (LTS)
Atlassian / Bitbucket
|
<9.4.13 (LTS) | ||
|
Red Hat JBoss A-MQ Streams 2
Red Hat / JBoss A-MQ
|
cpe:/a:redhat:jboss_amq:streams_2
|
Streams 2 | |
|
Atlassian Bitbucket <8.19.25 (LTS)
Atlassian / Bitbucket
|
<8.19.25 (LTS) | ||
|
Atlassian Bitbucket <10.0.2
Atlassian / Bitbucket
|
<10.0.2 |
Affected products
Known affected
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Integration Camel K 1
Red Hat / Integration
|
cpe:/a:redhat:integration:camel_k_1
|
Camel K 1 | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Red Hat JBoss A-MQ
Red Hat / JBoss A-MQ
|
cpe:/a:redhat:jboss_amq:-
|
— | |
|
Atlassian Jira Data Center and Server <9.12.15 (LTS)
Atlassian / Jira
|
Data Center and Server <9.12.15 (LTS) | ||
|
Red Hat JBoss Data Grid
Red Hat
|
cpe:/a:redhat:jboss_data_grid:-
|
— | |
|
Apache Camel <4.4.3
Apache / Camel
|
<4.4.3 | ||
|
IBM QRadar SIEM <7.5.0 UP10 IF01
IBM / QRadar SIEM
|
<7.5.0 UP10 IF01 | ||
|
Red Hat JBoss Enterprise Application Platform Quarkus
Red Hat / JBoss Enterprise Application Platform
|
cpe:/a:redhat:jboss_enterprise_application_platform:quarkus
|
Quarkus | |
|
Atlassian Bamboo <10.0.3
Atlassian / Bamboo
|
<10.0.3 | ||
|
Atlassian Bamboo <9.2.20
Atlassian / Bamboo
|
<9.2.20 | ||
|
Atlassian Bamboo <9.6.8
Atlassian / Bamboo
|
<9.6.8 | ||
|
IBM Cognos Analytics <11.2.4 IF4
IBM / Cognos Analytics
|
<11.2.4 IF4 | ||
|
IBM QRadar SIEM
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:-
|
— | |
|
Atlassian Jira Data Center and Server <10.3.1
Atlassian / Jira
|
Data Center and Server <10.3.1 | ||
|
IBM Cognos Analytics <12.0.4 IF2
IBM / Cognos Analytics
|
<12.0.4 IF2 | ||
|
Atlassian Jira Data Center and Server <9.17.5
Atlassian / Jira
|
Data Center and Server <9.17.5 | ||
|
Atlassian Bitbucket <9.4.13 (LTS)
Atlassian / Bitbucket
|
<9.4.13 (LTS) | ||
|
Red Hat JBoss A-MQ Streams 2
Red Hat / JBoss A-MQ
|
cpe:/a:redhat:jboss_amq:streams_2
|
Streams 2 | |
|
Atlassian Bitbucket <8.19.25 (LTS)
Atlassian / Bitbucket
|
<8.19.25 (LTS) | ||
|
Atlassian Bitbucket <10.0.2
Atlassian / Bitbucket
|
<10.0.2 |
References
15 references
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Apache Camel ist ein Integrations-Framework, das Enterprise Integration Patterns implementiert.\r\nJBoss A-MQ ist eine Messaging-Plattform.\r\nJBoss Enterprise Application Platform ist eine skalierbare Plattform f\u00fcr Java-Anwendungen, inklusive JBoss Application Server, JBoss Hibernate und Boss Seam.\r\nRed Hat JBoss Data Grid ist eine verteilte In-Memory-Datenbank f\u00fcr den schnellen Zugriff auf gro\u00dfe Datenvolumen und Skalierbarkeit.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in Apache Camel und in mehreren Red Hat-Produkten ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, vertrauliche Informationen preiszugeben und beliebigen Code auszuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2024-3180 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-3180.json"
},
{
"category": "self",
"summary": "WID-SEC-2024-3180 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-3180"
},
{
"category": "external",
"summary": "Red Hat Security Advisory vom 2024-10-14",
"url": "https://access.redhat.com/errata/RHSA-2024:8064"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:8339 vom 2024-10-22",
"url": "https://access.redhat.com/errata/RHSA-2024:8339"
},
{
"category": "external",
"summary": "IBM Security Bulletin",
"url": "https://www.ibm.com/support/pages/node/7174634"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:8824 vom 2024-11-04",
"url": "https://access.redhat.com/errata/RHSA-2024:8824"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:8823 vom 2024-11-04",
"url": "https://access.redhat.com/errata/RHSA-2024:8823"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:8826 vom 2024-11-04",
"url": "https://access.redhat.com/errata/RHSA-2024:8826"
},
{
"category": "external",
"summary": "Atlassian November 2024 Security Bulletin vom 2024-11-19",
"url": "https://confluence.atlassian.com/pages/viewpage.action?pageId=1456179091"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:11023 vom 2024-12-12",
"url": "https://access.redhat.com/errata/RHSA-2024:11023"
},
{
"category": "external",
"summary": "Atlassian Security Advisory JSWSERVER-26273 vom 2025-01-21",
"url": "https://confluence.atlassian.com/security/security-bulletin-january-21-2025-1489803942.html"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7183676 vom 2025-02-27",
"url": "https://www.ibm.com/support/pages/node/7183676"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:2416 vom 2025-03-05",
"url": "https://access.redhat.com/errata/RHSA-2025:2416"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7248128 vom 2025-10-16",
"url": "https://www.ibm.com/support/pages/node/7248128"
},
{
"category": "external",
"summary": "Atlassian Security Bulletin - November 18 2025",
"url": "https://confluence.atlassian.com/security/security-bulletin-november-18-2025-1671463469.html"
}
],
"source_lang": "en-US",
"title": "Apache Camel und mehrere Red Hat Produkte: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2025-11-18T23:00:00.000+00:00",
"generator": {
"date": "2025-11-19T09:42:53.264+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.5.0"
}
},
"id": "WID-SEC-W-2024-3180",
"initial_release_date": "2024-10-14T22:00:00.000+00:00",
"revision_history": [
{
"date": "2024-10-14T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2024-10-22T22:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-10-31T23:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2024-11-04T23:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-11-19T23:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates aufgenommen"
},
{
"date": "2024-12-12T23:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-01-21T23:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von Atlassian aufgenommen"
},
{
"date": "2025-02-27T23:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2025-03-05T23:00:00.000+00:00",
"number": "9",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-03-20T23:00:00.000+00:00",
"number": "10",
"summary": "Produktzuordnung Atlassian Jira korrigiert"
},
{
"date": "2025-10-16T22:00:00.000+00:00",
"number": "11",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2025-11-18T23:00:00.000+00:00",
"number": "12",
"summary": "Neue Updates aufgenommen"
}
],
"status": "final",
"version": "12"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c4.4.3",
"product": {
"name": "Apache Camel \u003c4.4.3",
"product_id": "T038353"
}
},
{
"category": "product_version",
"name": "4.4.3",
"product": {
"name": "Apache Camel 4.4.3",
"product_id": "T038353-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:apache:camel:4.4.3"
}
}
}
],
"category": "product_name",
"name": "Camel"
}
],
"category": "vendor",
"name": "Apache"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.3",
"product": {
"name": "Atlassian Bamboo \u003c10.0.3",
"product_id": "T039274"
}
},
{
"category": "product_version",
"name": "10.0.3",
"product": {
"name": "Atlassian Bamboo 10.0.3",
"product_id": "T039274-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:bamboo:10.0.3"
}
}
},
{
"category": "product_version_range",
"name": "\u003c9.6.8",
"product": {
"name": "Atlassian Bamboo \u003c9.6.8",
"product_id": "T039275"
}
},
{
"category": "product_version",
"name": "9.6.8",
"product": {
"name": "Atlassian Bamboo 9.6.8",
"product_id": "T039275-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:bamboo:9.6.8"
}
}
},
{
"category": "product_version_range",
"name": "\u003c9.2.20",
"product": {
"name": "Atlassian Bamboo \u003c9.2.20",
"product_id": "T039276"
}
},
{
"category": "product_version",
"name": "9.2.20",
"product": {
"name": "Atlassian Bamboo 9.2.20",
"product_id": "T039276-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:bamboo:9.2.20"
}
}
}
],
"category": "product_name",
"name": "Bamboo"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.2",
"product": {
"name": "Atlassian Bitbucket \u003c10.0.2",
"product_id": "T048675"
}
},
{
"category": "product_version",
"name": "10.0.2",
"product": {
"name": "Atlassian Bitbucket 10.0.2",
"product_id": "T048675-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:bitbucket:10.0.2"
}
}
},
{
"category": "product_version_range",
"name": "\u003c8.19.25 (LTS)",
"product": {
"name": "Atlassian Bitbucket \u003c8.19.25 (LTS)",
"product_id": "T048676"
}
},
{
"category": "product_version",
"name": "8.19.25 (LTS)",
"product": {
"name": "Atlassian Bitbucket 8.19.25 (LTS)",
"product_id": "T048676-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:bitbucket:8.19.25_%28lts%29"
}
}
},
{
"category": "product_version_range",
"name": "\u003c9.4.13 (LTS)",
"product": {
"name": "Atlassian Bitbucket \u003c9.4.13 (LTS)",
"product_id": "T048677"
}
},
{
"category": "product_version",
"name": "9.4.13 (LTS)",
"product": {
"name": "Atlassian Bitbucket 9.4.13 (LTS)",
"product_id": "T048677-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:bitbucket:9.4.13_%28lts%29"
}
}
}
],
"category": "product_name",
"name": "Bitbucket"
},
{
"branches": [
{
"category": "product_version_range",
"name": "Data Center and Server \u003c9.17.5",
"product": {
"name": "Atlassian Jira Data Center and Server \u003c9.17.5",
"product_id": "T040542"
}
},
{
"category": "product_version",
"name": "Data Center and Server 9.17.5",
"product": {
"name": "Atlassian Jira Data Center and Server 9.17.5",
"product_id": "T040542-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:jira:data_center_and_server__9.17.5"
}
}
},
{
"category": "product_version_range",
"name": "Data Center and Server \u003c10.3.1",
"product": {
"name": "Atlassian Jira Data Center and Server \u003c10.3.1",
"product_id": "T042108"
}
},
{
"category": "product_version",
"name": "Data Center and Server 10.3.1",
"product": {
"name": "Atlassian Jira Data Center and Server 10.3.1",
"product_id": "T042108-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:jira:data_center_and_server__10.3.1"
}
}
},
{
"category": "product_version_range",
"name": "Data Center and Server \u003c9.12.15 (LTS)",
"product": {
"name": "Atlassian Jira Data Center and Server \u003c9.12.15 (LTS)",
"product_id": "T042109"
}
},
{
"category": "product_version",
"name": "Data Center and Server 9.12.15 (LTS)",
"product": {
"name": "Atlassian Jira Data Center and Server 9.12.15 (LTS)",
"product_id": "T042109-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:jira:data_center_and_server__9.12.15_%2528lts%2529"
}
}
}
],
"category": "product_name",
"name": "Jira"
}
],
"category": "vendor",
"name": "Atlassian"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c12.0.4 IF2",
"product": {
"name": "IBM Cognos Analytics \u003c12.0.4 IF2",
"product_id": "T041469"
}
},
{
"category": "product_version",
"name": "12.0.4 IF2",
"product": {
"name": "IBM Cognos Analytics 12.0.4 IF2",
"product_id": "T041469-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:cognos_analytics:12.0.4_if2"
}
}
},
{
"category": "product_version_range",
"name": "\u003c11.2.4 IF4",
"product": {
"name": "IBM Cognos Analytics \u003c11.2.4 IF4",
"product_id": "T041470"
}
},
{
"category": "product_version",
"name": "11.2.4 IF4",
"product": {
"name": "IBM Cognos Analytics 11.2.4 IF4",
"product_id": "T041470-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:cognos_analytics:11.2.4_if4"
}
}
}
],
"category": "product_name",
"name": "Cognos Analytics"
},
{
"branches": [
{
"category": "product_name",
"name": "IBM QRadar SIEM",
"product": {
"name": "IBM QRadar SIEM",
"product_id": "T021415",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:qradar_siem:-"
}
}
},
{
"category": "product_version_range",
"name": "\u003c7.5.0 UP10 IF01",
"product": {
"name": "IBM QRadar SIEM \u003c7.5.0 UP10 IF01",
"product_id": "T038741"
}
},
{
"category": "product_version",
"name": "7.5.0 UP10 IF01",
"product": {
"name": "IBM QRadar SIEM 7.5.0 UP10 IF01",
"product_id": "T038741-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:qradar_siem:7.5.0_up10_if01"
}
}
}
],
"category": "product_name",
"name": "QRadar SIEM"
}
],
"category": "vendor",
"name": "IBM"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
},
{
"branches": [
{
"category": "product_version",
"name": "Camel K 1",
"product": {
"name": "Red Hat Integration Camel K 1",
"product_id": "T031972",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:integration:camel_k_1"
}
}
}
],
"category": "product_name",
"name": "Integration"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss A-MQ",
"product": {
"name": "Red Hat JBoss A-MQ",
"product_id": "T038357",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_amq:-"
}
}
},
{
"category": "product_version",
"name": "Streams 2",
"product": {
"name": "Red Hat JBoss A-MQ Streams 2",
"product_id": "T041596",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_amq:streams_2"
}
}
}
],
"category": "product_name",
"name": "JBoss A-MQ"
},
{
"category": "product_name",
"name": "Red Hat JBoss Data Grid",
"product": {
"name": "Red Hat JBoss Data Grid",
"product_id": "T038358",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_data_grid:-"
}
}
},
{
"branches": [
{
"category": "product_version",
"name": "Quarkus",
"product": {
"name": "Red Hat JBoss Enterprise Application Platform Quarkus",
"product_id": "T038356",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:quarkus"
}
}
}
],
"category": "product_name",
"name": "JBoss Enterprise Application Platform"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-52428",
"product_status": {
"known_affected": [
"T031972",
"67646",
"T038357",
"T038358",
"T038353",
"T038741",
"T038356",
"T039274",
"T039276",
"T039275",
"T041470",
"T021415",
"T041469",
"T048677",
"T041596",
"T048676",
"T048675"
]
},
"release_date": "2024-10-14T22:00:00.000+00:00",
"title": "CVE-2023-52428"
},
{
"cve": "CVE-2024-38809",
"product_status": {
"known_affected": [
"T031972",
"67646",
"T038357",
"T038358",
"T038353",
"T038741",
"T038356",
"T039274",
"T039276",
"T039275",
"T041470",
"T021415",
"T041469",
"T048677",
"T041596",
"T048676",
"T048675"
]
},
"release_date": "2024-10-14T22:00:00.000+00:00",
"title": "CVE-2024-38809"
},
{
"cve": "CVE-2024-38816",
"product_status": {
"known_affected": [
"T031972",
"67646",
"T038357",
"T038358",
"T038353",
"T038741",
"T038356",
"T039274",
"T039276",
"T039275",
"T041470",
"T021415",
"T041469",
"T048677",
"T041596",
"T048676",
"T048675"
]
},
"release_date": "2024-10-14T22:00:00.000+00:00",
"title": "CVE-2024-38816"
},
{
"cve": "CVE-2024-45294",
"product_status": {
"known_affected": [
"T031972",
"67646",
"T038357",
"T038358",
"T038353",
"T038741",
"T038356",
"T039274",
"T039276",
"T039275",
"T041470",
"T021415",
"T041469",
"T048677",
"T041596",
"T048676",
"T048675"
]
},
"release_date": "2024-10-14T22:00:00.000+00:00",
"title": "CVE-2024-45294"
},
{
"cve": "CVE-2024-47561",
"product_status": {
"known_affected": [
"T031972",
"67646",
"T038357",
"T042109",
"T038358",
"T038353",
"T038741",
"T038356",
"T039274",
"T039276",
"T039275",
"T041470",
"T021415",
"T042108",
"T041469",
"T040542",
"T048677",
"T041596",
"T048676",
"T048675"
]
},
"release_date": "2024-10-14T22:00:00.000+00:00",
"title": "CVE-2024-47561"
}
]
}
WID-SEC-W-2024-3507
Vulnerability from csaf_certbund - Published: 2024-11-19 23:00 - Updated: 2025-07-15 22:00Summary
Atlassian Jira Software: Mehrere Schwachstellen
Severity
Mittel
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Jira ist eine Webanwendung zur Softwareentwicklung.
Angriff: Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Atlassian Jira Software ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und einen Cross-Site-Scripting-Angriff durchzuführen.
Betroffene Betriebssysteme: - Sonstiges
- UNIX
- Windows
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Jira <9.17.5
Atlassian / Jira Software
|
<9.17.5 | ||
|
Atlassian Jira <10.1.2
Atlassian / Jira Software
|
<10.1.2 | ||
|
Atlassian Jira <9.17.4
Atlassian / Jira Software
|
<9.17.4 | ||
|
Atlassian Jira <10.1.1
Atlassian / Jira Software
|
<10.1.1 | ||
|
Atlassian Jira Service Management <10.1.2
Atlassian / Jira Software
|
Service Management <10.1.2 | ||
|
Atlassian Jira Service Management <10.1.1
Atlassian / Jira Software
|
Service Management <10.1.1 | ||
|
Atlassian Jira Service Management LTS <5.4.28
Atlassian / Jira Software
|
Service Management LTS <5.4.28 | ||
|
Atlassian Jira Service Management LTS <5.12.15
Atlassian / Jira Software
|
Service Management LTS <5.12.15 | ||
|
Atlassian Jira LTS <9.4.28
Atlassian / Jira Software
|
LTS <9.4.28 | ||
|
Atlassian Jira LTS <9.12.15
Atlassian / Jira Software
|
LTS <9.12.15 | ||
|
Atlassian Jira <10.7.2
Atlassian / Jira
|
<10.7.2 | ||
|
Atlassian Jira <9.12.25 (LTS)
Atlassian / Jira
|
<9.12.25 (LTS) | ||
|
Atlassian Jira <10.3.8 (LTS)
Atlassian / Jira
|
<10.3.8 (LTS) |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Jira <9.17.5
Atlassian / Jira Software
|
<9.17.5 | ||
|
Atlassian Jira <10.1.2
Atlassian / Jira Software
|
<10.1.2 | ||
|
Atlassian Jira <9.17.4
Atlassian / Jira Software
|
<9.17.4 | ||
|
Atlassian Jira <10.1.1
Atlassian / Jira Software
|
<10.1.1 | ||
|
Atlassian Jira Service Management <10.1.2
Atlassian / Jira Software
|
Service Management <10.1.2 | ||
|
Atlassian Jira Service Management <10.1.1
Atlassian / Jira Software
|
Service Management <10.1.1 | ||
|
Atlassian Jira Service Management LTS <5.4.28
Atlassian / Jira Software
|
Service Management LTS <5.4.28 | ||
|
Atlassian Jira Service Management LTS <5.12.15
Atlassian / Jira Software
|
Service Management LTS <5.12.15 | ||
|
Atlassian Jira LTS <9.4.28
Atlassian / Jira Software
|
LTS <9.4.28 | ||
|
Atlassian Jira LTS <9.12.15
Atlassian / Jira Software
|
LTS <9.12.15 | ||
|
Atlassian Jira <10.7.2
Atlassian / Jira
|
<10.7.2 | ||
|
Atlassian Jira <9.12.25 (LTS)
Atlassian / Jira
|
<9.12.25 (LTS) | ||
|
Atlassian Jira <10.3.8 (LTS)
Atlassian / Jira
|
<10.3.8 (LTS) |
References
4 references
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Jira ist eine Webanwendung zur Softwareentwicklung.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Atlassian Jira Software ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Sonstiges\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2024-3507 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-3507.json"
},
{
"category": "self",
"summary": "WID-SEC-2024-3507 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-3507"
},
{
"category": "external",
"summary": "Atlassian November 2024 Security Bulletin vom 2024-11-19",
"url": "https://confluence.atlassian.com/security/security-bulletin-november-19-2024-1456179091.html"
},
{
"category": "external",
"summary": "Atlassian Security Bulletin - July 15 2025",
"url": "https://confluence.atlassian.com/security/security-bulletin-july-15-2025-1590658642.html"
}
],
"source_lang": "en-US",
"title": "Atlassian Jira Software: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2025-07-15T22:00:00.000+00:00",
"generator": {
"date": "2025-07-16T08:16:56.987+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.4.0"
}
},
"id": "WID-SEC-W-2024-3507",
"initial_release_date": "2024-11-19T23:00:00.000+00:00",
"revision_history": [
{
"date": "2024-11-19T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2025-07-15T22:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates aufgenommen"
}
],
"status": "final",
"version": "2"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.7.2",
"product": {
"name": "Atlassian Jira \u003c10.7.2",
"product_id": "T045453"
}
},
{
"category": "product_version",
"name": "10.7.2",
"product": {
"name": "Atlassian Jira 10.7.2",
"product_id": "T045453-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:jira:10.7.2"
}
}
},
{
"category": "product_version_range",
"name": "\u003c10.3.8 (LTS)",
"product": {
"name": "Atlassian Jira \u003c10.3.8 (LTS)",
"product_id": "T045454"
}
},
{
"category": "product_version",
"name": "10.3.8 (LTS)",
"product": {
"name": "Atlassian Jira 10.3.8 (LTS)",
"product_id": "T045454-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:jira:10.3.8_%28lts%29"
}
}
},
{
"category": "product_version_range",
"name": "\u003c9.12.25 (LTS)",
"product": {
"name": "Atlassian Jira \u003c9.12.25 (LTS)",
"product_id": "T045455"
}
},
{
"category": "product_version",
"name": "9.12.25 (LTS)",
"product": {
"name": "Atlassian Jira 9.12.25 (LTS)",
"product_id": "T045455-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:jira:9.12.25_%28lts%29"
}
}
}
],
"category": "product_name",
"name": "Jira"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.1.2",
"product": {
"name": "Atlassian Jira \u003c10.1.2",
"product_id": "T039317"
}
},
{
"category": "product_version",
"name": "10.1.2",
"product": {
"name": "Atlassian Jira 10.1.2",
"product_id": "T039317-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:jira_software:10.1.2"
}
}
},
{
"category": "product_version_range",
"name": "\u003c10.1.1",
"product": {
"name": "Atlassian Jira \u003c10.1.1",
"product_id": "T039327"
}
},
{
"category": "product_version",
"name": "10.1.1",
"product": {
"name": "Atlassian Jira 10.1.1",
"product_id": "T039327-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:jira_software:10.1.1"
}
}
},
{
"category": "product_version_range",
"name": "\u003c9.17.4",
"product": {
"name": "Atlassian Jira \u003c9.17.4",
"product_id": "T039328"
}
},
{
"category": "product_version",
"name": "9.17.4",
"product": {
"name": "Atlassian Jira 9.17.4",
"product_id": "T039328-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:jira_software:9.17.4"
}
}
},
{
"category": "product_version_range",
"name": "\u003c9.17.5",
"product": {
"name": "Atlassian Jira \u003c9.17.5",
"product_id": "T039329"
}
},
{
"category": "product_version",
"name": "9.17.5",
"product": {
"name": "Atlassian Jira 9.17.5",
"product_id": "T039329-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:jira_software:9.17.5"
}
}
},
{
"category": "product_version_range",
"name": "LTS \u003c9.12.15",
"product": {
"name": "Atlassian Jira LTS \u003c9.12.15",
"product_id": "T039330"
}
},
{
"category": "product_version",
"name": "LTS 9.12.15",
"product": {
"name": "Atlassian Jira LTS 9.12.15",
"product_id": "T039330-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:jira_software:lts__9.12.15"
}
}
},
{
"category": "product_version_range",
"name": "LTS \u003c9.4.28",
"product": {
"name": "Atlassian Jira LTS \u003c9.4.28",
"product_id": "T039331"
}
},
{
"category": "product_version",
"name": "LTS 9.4.28",
"product": {
"name": "Atlassian Jira LTS 9.4.28",
"product_id": "T039331-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:jira_software:lts__9.4.28"
}
}
},
{
"category": "product_version_range",
"name": "Service Management \u003c10.1.1",
"product": {
"name": "Atlassian Jira Service Management \u003c10.1.1",
"product_id": "T039332"
}
},
{
"category": "product_version",
"name": "Service Management 10.1.1",
"product": {
"name": "Atlassian Jira Service Management 10.1.1",
"product_id": "T039332-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:jira_software:service_management__10.1.1"
}
}
},
{
"category": "product_version_range",
"name": "Service Management \u003c10.1.2",
"product": {
"name": "Atlassian Jira Service Management \u003c10.1.2",
"product_id": "T039333"
}
},
{
"category": "product_version",
"name": "Service Management 10.1.2",
"product": {
"name": "Atlassian Jira Service Management 10.1.2",
"product_id": "T039333-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:jira_software:service_management__10.1.2"
}
}
},
{
"category": "product_version_range",
"name": "Service Management LTS \u003c5.12.15",
"product": {
"name": "Atlassian Jira Service Management LTS \u003c5.12.15",
"product_id": "T039334"
}
},
{
"category": "product_version",
"name": "Service Management LTS 5.12.15",
"product": {
"name": "Atlassian Jira Service Management LTS 5.12.15",
"product_id": "T039334-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:jira_software:service_management_lts__5.12.15"
}
}
},
{
"category": "product_version_range",
"name": "Service Management LTS \u003c5.4.28",
"product": {
"name": "Atlassian Jira Service Management LTS \u003c5.4.28",
"product_id": "T039335"
}
},
{
"category": "product_version",
"name": "Service Management LTS 5.4.28",
"product": {
"name": "Atlassian Jira Service Management LTS 5.4.28",
"product_id": "T039335-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:jira_software:service_management_lts__5.4.28"
}
}
}
],
"category": "product_name",
"name": "Jira Software"
}
],
"category": "vendor",
"name": "Atlassian"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-52428",
"product_status": {
"known_affected": [
"T039329",
"T039317",
"T039328",
"T039327",
"T039333",
"T039332",
"T039335",
"T039334",
"T039331",
"T039330",
"T045453",
"T045455",
"T045454"
]
},
"release_date": "2024-11-19T23:00:00.000+00:00",
"title": "CVE-2023-52428"
},
{
"cve": "CVE-2024-45801",
"product_status": {
"known_affected": [
"T039329",
"T039317",
"T039328",
"T039327",
"T039333",
"T039332",
"T039335",
"T039334",
"T039331",
"T039330",
"T045453",
"T045455",
"T045454"
]
},
"release_date": "2024-11-19T23:00:00.000+00:00",
"title": "CVE-2024-45801"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…