Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2025-27611 (GCVE-0-2025-27611)
Vulnerability from cvelistv5 – Published: 2025-04-30 19:36 – Updated: 2025-05-01 18:49
VLAI?
EPSS
Title
base-x homograph attack allows Unicode lookalike characters to bypass validation.
Summary
base-x is a base encoder and decoder of any given alphabet using bitcoin style leading zero compression. Versions 4.0.0, 5.0.0, and all prior to 3.0.11, are vulnerable to attackers potentially deceiving users into sending funds to an unintended address. This issue has been patched in versions 3.0.11, 4.0.1, and 5.0.1.
Severity ?
CWE
- CWE-1007 - Insufficient Visual Distinction of Homoglyphs Presented to User
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| cryptocoinjs | base-x |
Affected:
= 5.0.0
Affected: = 4.0.0 Affected: < 3.0.11 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-27611",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-01T18:49:09.602435Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-01T18:49:22.814Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "base-x",
"vendor": "cryptocoinjs",
"versions": [
{
"status": "affected",
"version": "= 5.0.0"
},
{
"status": "affected",
"version": "= 4.0.0"
},
{
"status": "affected",
"version": "\u003c 3.0.11"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "base-x is a base encoder and decoder of any given alphabet using bitcoin style leading zero compression. Versions 4.0.0, 5.0.0, and all prior to 3.0.11, are vulnerable to attackers potentially deceiving users into sending funds to an unintended address. This issue has been patched in versions 3.0.11, 4.0.1, and 5.0.1."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "HIGH"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1007",
"description": "CWE-1007: Insufficient Visual Distinction of Homoglyphs Presented to User",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-30T19:36:57.356Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/cryptocoinjs/base-x/security/advisories/GHSA-xq7p-g2vc-g82p",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/cryptocoinjs/base-x/security/advisories/GHSA-xq7p-g2vc-g82p"
},
{
"name": "https://github.com/cryptocoinjs/base-x/pull/86",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/cryptocoinjs/base-x/pull/86"
}
],
"source": {
"advisory": "GHSA-xq7p-g2vc-g82p",
"discovery": "UNKNOWN"
},
"title": "base-x homograph attack allows Unicode lookalike characters to bypass validation."
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-27611",
"datePublished": "2025-04-30T19:36:57.356Z",
"dateReserved": "2025-03-03T15:10:34.079Z",
"dateUpdated": "2025-05-01T18:49:22.814Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2025-27611\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2025-04-30T20:15:21.430\",\"lastModified\":\"2025-05-02T13:53:40.163\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"base-x is a base encoder and decoder of any given alphabet using bitcoin style leading zero compression. Versions 4.0.0, 5.0.0, and all prior to 3.0.11, are vulnerable to attackers potentially deceiving users into sending funds to an unintended address. This issue has been patched in versions 3.0.11, 4.0.1, and 5.0.1.\"},{\"lang\":\"es\",\"value\":\"base-x es un codificador y decodificador base de cualquier alfabeto que utiliza compresi\u00f3n de ceros a la izquierda, al estilo de Bitcoin. Las versiones 4.0.0, 5.0.0 y todas las anteriores a la 3.0.11 son vulnerables a que los atacantes enga\u00f1en a los usuarios para que env\u00eden fondos a una direcci\u00f3n no deseada. Este problema se ha corregido en las versiones 3.0.11, 4.0.1 y 5.0.1.\"}],\"metrics\":{\"cvssMetricV40\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"4.0\",\"vectorString\":\"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X\",\"baseScore\":8.7,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"attackRequirements\":\"NONE\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"vulnConfidentialityImpact\":\"NONE\",\"vulnIntegrityImpact\":\"HIGH\",\"vulnAvailabilityImpact\":\"NONE\",\"subConfidentialityImpact\":\"NONE\",\"subIntegrityImpact\":\"NONE\",\"subAvailabilityImpact\":\"NONE\",\"exploitMaturity\":\"NOT_DEFINED\",\"confidentialityRequirement\":\"NOT_DEFINED\",\"integrityRequirement\":\"NOT_DEFINED\",\"availabilityRequirement\":\"NOT_DEFINED\",\"modifiedAttackVector\":\"NOT_DEFINED\",\"modifiedAttackComplexity\":\"NOT_DEFINED\",\"modifiedAttackRequirements\":\"NOT_DEFINED\",\"modifiedPrivilegesRequired\":\"NOT_DEFINED\",\"modifiedUserInteraction\":\"NOT_DEFINED\",\"modifiedVulnConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedVulnIntegrityImpact\":\"NOT_DEFINED\",\"modifiedVulnAvailabilityImpact\":\"NOT_DEFINED\",\"modifiedSubConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedSubIntegrityImpact\":\"NOT_DEFINED\",\"modifiedSubAvailabilityImpact\":\"NOT_DEFINED\",\"Safety\":\"NOT_DEFINED\",\"Automatable\":\"NOT_DEFINED\",\"Recovery\":\"NOT_DEFINED\",\"valueDensity\":\"NOT_DEFINED\",\"vulnerabilityResponseEffort\":\"NOT_DEFINED\",\"providerUrgency\":\"NOT_DEFINED\"}}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-1007\"}]}],\"references\":[{\"url\":\"https://github.com/cryptocoinjs/base-x/pull/86\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://github.com/cryptocoinjs/base-x/security/advisories/GHSA-xq7p-g2vc-g82p\",\"source\":\"security-advisories@github.com\"}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-27611\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-05-01T18:49:09.602435Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-05-01T18:49:17.756Z\"}}], \"cna\": {\"title\": \"base-x homograph attack allows Unicode lookalike characters to bypass validation.\", \"source\": {\"advisory\": \"GHSA-xq7p-g2vc-g82p\", \"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"cvssV4_0\": {\"version\": \"4.0\", \"baseScore\": 8.7, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"attackRequirements\": \"NONE\", \"privilegesRequired\": \"NONE\", \"subIntegrityImpact\": \"NONE\", \"vulnIntegrityImpact\": \"HIGH\", \"subAvailabilityImpact\": \"NONE\", \"vulnAvailabilityImpact\": \"NONE\", \"subConfidentialityImpact\": \"NONE\", \"vulnConfidentialityImpact\": \"NONE\"}}], \"affected\": [{\"vendor\": \"cryptocoinjs\", \"product\": \"base-x\", \"versions\": [{\"status\": \"affected\", \"version\": \"= 5.0.0\"}, {\"status\": \"affected\", \"version\": \"= 4.0.0\"}, {\"status\": \"affected\", \"version\": \"\u003c 3.0.11\"}]}], \"references\": [{\"url\": \"https://github.com/cryptocoinjs/base-x/security/advisories/GHSA-xq7p-g2vc-g82p\", \"name\": \"https://github.com/cryptocoinjs/base-x/security/advisories/GHSA-xq7p-g2vc-g82p\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://github.com/cryptocoinjs/base-x/pull/86\", \"name\": \"https://github.com/cryptocoinjs/base-x/pull/86\", \"tags\": [\"x_refsource_MISC\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"base-x is a base encoder and decoder of any given alphabet using bitcoin style leading zero compression. Versions 4.0.0, 5.0.0, and all prior to 3.0.11, are vulnerable to attackers potentially deceiving users into sending funds to an unintended address. This issue has been patched in versions 3.0.11, 4.0.1, and 5.0.1.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-1007\", \"description\": \"CWE-1007: Insufficient Visual Distinction of Homoglyphs Presented to User\"}]}], \"providerMetadata\": {\"orgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"shortName\": \"GitHub_M\", \"dateUpdated\": \"2025-04-30T19:36:57.356Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2025-27611\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-05-01T18:49:22.814Z\", \"dateReserved\": \"2025-03-03T15:10:34.079Z\", \"assignerOrgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"datePublished\": \"2025-04-30T19:36:57.356Z\", \"assignerShortName\": \"GitHub_M\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
GHSA-XQ7P-G2VC-G82P
Vulnerability from github – Published: 2025-04-30 16:34 – Updated: 2025-05-01 13:30
VLAI?
Summary
Homograph attack allows Unicode lookalike characters to bypass validation.
Details
Impact
Attackers can deceive users into sending funds to an unintended address.
Patches
https://github.com/cryptocoinjs/base-x/pull/86
Severity ?
{
"affected": [
{
"package": {
"ecosystem": "npm",
"name": "base-x"
},
"ranges": [
{
"events": [
{
"introduced": "5.0.0"
},
{
"fixed": "5.0.1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"5.0.0"
]
},
{
"package": {
"ecosystem": "npm",
"name": "base-x"
},
"ranges": [
{
"events": [
{
"introduced": "4.0.0"
},
{
"fixed": "4.0.1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"4.0.0"
]
},
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 3.0.10"
},
"package": {
"ecosystem": "npm",
"name": "base-x"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.0.11"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2025-27611"
],
"database_specific": {
"cwe_ids": [
"CWE-1007"
],
"github_reviewed": true,
"github_reviewed_at": "2025-04-30T16:34:59Z",
"nvd_published_at": "2025-04-30T20:15:21Z",
"severity": "HIGH"
},
"details": "### Impact\n\nAttackers can deceive users into sending funds to an unintended address.\n\n### Patches\n\nhttps://github.com/cryptocoinjs/base-x/pull/86",
"id": "GHSA-xq7p-g2vc-g82p",
"modified": "2025-05-01T13:30:57Z",
"published": "2025-04-30T16:34:59Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/cryptocoinjs/base-x/security/advisories/GHSA-xq7p-g2vc-g82p"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-27611"
},
{
"type": "WEB",
"url": "https://github.com/cryptocoinjs/base-x/pull/86"
},
{
"type": "PACKAGE",
"url": "https://github.com/cryptocoinjs/base-x"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
}
],
"summary": "Homograph attack allows Unicode lookalike characters to bypass validation."
}
RHSA-2025:10459
Vulnerability from csaf_redhat - Published: 2025-07-07 13:35 - Updated: 2026-03-17 00:57Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.0.8 Security update
Severity
Important
Notes
Topic: A security update is now available for Red Hat JBoss Enterprise Application Platform 8.0. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Red Hat JBoss Enterprise Application Platform 8 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 8.0.8 serves as a replacement for Red Hat JBoss Enterprise Application Platform 8.0.7, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 8.0.8 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* org.jboss.hal-hal-parent: base-x homograph attack allows Unicode lookalike characters to bypass validation. [eap-8.0.z] (CVE-2025-27611)
* org.jboss.hal-hal-parent: Stored Cross-Site Scripting (XSS) in JBoss EAP Management Console [eap-8.0.z] (CVE-2025-2901)
* wildfly-ejb3: Improper Deserialization in JBoss Marshalling Allows Remote Code Execution [eap-8.0.z] (CVE-2025-2251)
* org.apache.cxf/cxf-core: Apache CXF: Denial of Service vulnerability with temporary files [eap-8.0.z] (CVE-2025-23184)
* commons-beanutils-commons-beanutils: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum's declaredClass property by default [eap-8.0.z] (CVE-2025-48734)
* commons-beanutils-core: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum's declaredClass property by default [eap-8.0.z] (CVE-2025-48734)
* org.jboss.eap-jboss-eap-xp: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum's declaredClass property by default [eap-8.0.z] (CVE-2025-48734)
* commons-beanutils: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum's declaredClass property by default [eap-8.0.z] (CVE-2025-48734)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A security flaw exists in WildFly and JBoss Enterprise Application Platform (EAP) within the Enterprise JavaBeans (EJB) remote invocation mechanism. This vulnerability stems from untrusted data deserialization handled by JBoss Marshalling. This flaw allows an attacker to send a specially crafted serialized object, leading to remote code execution without requiring authentication.
6.2 (Medium)
Vendor Fix
Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2025:10459
No description is available for this CVE.
0.0 (None)
Vendor Fix
Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2025:10459
Workaround
Currently, no mitigation is available for this vulnerability.
A flaw was found in Apache CXF. In some edge cases with large data stream caching, the CachedOutputStream instances may not be closed and, if backed by temporary files, may fill up the file system and trigger a denial of service.
CWE-400 - Uncontrolled Resource Consumption
Vendor Fix
Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2025:10459
A flaw was found in base-x. This vulnerability allows attackers to generate addresses that appear legitimate, tricking users into sending money to them instead of the intended ones. The problem arises from the way base-x compresses leading zeros in addresses via manipulation of the base encoding mechanism.
7.5 (High)
Vendor Fix
Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2025:10459
Workaround
No mitigation is currently available that meets Red Hat Product Security’s standards for usability, deployment, applicability, or stability.
A flaw was found in Apache Commons BeanUtils. This vulnerability allows remote attackers to execute arbitrary code via uncontrolled access to the declaredClass property on Java enum objects, which can expose the class loader when property paths are passed from external sources to methods like getProperty() or getNestedProperty().
8.8 (High)
Vendor Fix
Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2025:10459
References
Acknowledgments
Pupi1
ING Hubs Poland
Mateusz "MaTTallica" Klement
Łukasz Rupala
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "A security update is now available for Red Hat JBoss Enterprise Application Platform 8.0. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform 8 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 8.0.8 serves as a replacement for Red Hat JBoss Enterprise Application Platform 8.0.7, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 8.0.8 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* org.jboss.hal-hal-parent: base-x homograph attack allows Unicode lookalike characters to bypass validation. [eap-8.0.z] (CVE-2025-27611)\n\n* org.jboss.hal-hal-parent: Stored Cross-Site Scripting (XSS) in JBoss EAP Management Console [eap-8.0.z] (CVE-2025-2901)\n\n* wildfly-ejb3: Improper Deserialization in JBoss Marshalling Allows Remote Code Execution [eap-8.0.z] (CVE-2025-2251)\n\n* org.apache.cxf/cxf-core: Apache CXF: Denial of Service vulnerability with temporary files [eap-8.0.z] (CVE-2025-23184)\n\n* commons-beanutils-commons-beanutils: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum\u0027s declaredClass property by default [eap-8.0.z] (CVE-2025-48734)\n\n* commons-beanutils-core: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum\u0027s declaredClass property by default [eap-8.0.z] (CVE-2025-48734)\n\n* org.jboss.eap-jboss-eap-xp: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum\u0027s declaredClass property by default [eap-8.0.z] (CVE-2025-48734)\n\n* commons-beanutils: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum\u0027s declaredClass property by default [eap-8.0.z] (CVE-2025-48734)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:10459",
"url": "https://access.redhat.com/errata/RHSA-2025:10459"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/8.0",
"url": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/8.0"
},
{
"category": "external",
"summary": "https://access.redhat.com/articles/7120566",
"url": "https://access.redhat.com/articles/7120566"
},
{
"category": "external",
"summary": "2339095",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2339095"
},
{
"category": "external",
"summary": "2351678",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2351678"
},
{
"category": "external",
"summary": "2355685",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2355685"
},
{
"category": "external",
"summary": "2363176",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2363176"
},
{
"category": "external",
"summary": "2368956",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2368956"
},
{
"category": "external",
"summary": "JBEAP-28866",
"url": "https://issues.redhat.com/browse/JBEAP-28866"
},
{
"category": "external",
"summary": "JBEAP-28992",
"url": "https://issues.redhat.com/browse/JBEAP-28992"
},
{
"category": "external",
"summary": "JBEAP-29257",
"url": "https://issues.redhat.com/browse/JBEAP-29257"
},
{
"category": "external",
"summary": "JBEAP-29530",
"url": "https://issues.redhat.com/browse/JBEAP-29530"
},
{
"category": "external",
"summary": "JBEAP-29679",
"url": "https://issues.redhat.com/browse/JBEAP-29679"
},
{
"category": "external",
"summary": "JBEAP-29691",
"url": "https://issues.redhat.com/browse/JBEAP-29691"
},
{
"category": "external",
"summary": "JBEAP-29692",
"url": "https://issues.redhat.com/browse/JBEAP-29692"
},
{
"category": "external",
"summary": "JBEAP-29806",
"url": "https://issues.redhat.com/browse/JBEAP-29806"
},
{
"category": "external",
"summary": "JBEAP-29863",
"url": "https://issues.redhat.com/browse/JBEAP-29863"
},
{
"category": "external",
"summary": "JBEAP-29867",
"url": "https://issues.redhat.com/browse/JBEAP-29867"
},
{
"category": "external",
"summary": "JBEAP-29984",
"url": "https://issues.redhat.com/browse/JBEAP-29984"
},
{
"category": "external",
"summary": "JBEAP-29999",
"url": "https://issues.redhat.com/browse/JBEAP-29999"
},
{
"category": "external",
"summary": "JBEAP-30087",
"url": "https://issues.redhat.com/browse/JBEAP-30087"
},
{
"category": "external",
"summary": "JBEAP-30151",
"url": "https://issues.redhat.com/browse/JBEAP-30151"
},
{
"category": "external",
"summary": "JBEAP-30157",
"url": "https://issues.redhat.com/browse/JBEAP-30157"
},
{
"category": "external",
"summary": "JBEAP-30263",
"url": "https://issues.redhat.com/browse/JBEAP-30263"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_10459.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.0.8 Security update",
"tracking": {
"current_release_date": "2026-03-17T00:57:32+00:00",
"generator": {
"date": "2026-03-17T00:57:32+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.3"
}
},
"id": "RHSA-2025:10459",
"initial_release_date": "2025-07-07T13:35:06+00:00",
"revision_history": [
{
"date": "2025-07-07T13:35:06+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-07-07T13:35:06+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-03-17T00:57:32+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss Enterprise Application Platform 8.0.8",
"product": {
"name": "Red Hat JBoss Enterprise Application Platform 8.0.8",
"product_id": "Red Hat JBoss Enterprise Application Platform 8.0.8",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Pupi1"
]
}
],
"cve": "CVE-2025-2251",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2025-03-12T13:33:14.782000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2351678"
}
],
"notes": [
{
"category": "description",
"text": "A security flaw exists in WildFly and JBoss Enterprise Application Platform (EAP) within the Enterprise JavaBeans (EJB) remote invocation mechanism. This vulnerability stems from untrusted data deserialization handled by JBoss Marshalling. This flaw allows an attacker to send a specially crafted serialized object, leading to remote code execution without requiring authentication.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "org.jboss.eap:wildfly-ejb3: Improper Deserialization in JBoss Marshalling Allows Remote Code Execution",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 8.0.8"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-2251"
},
{
"category": "external",
"summary": "RHBZ#2351678",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2351678"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-2251",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2251"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-2251",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-2251"
}
],
"release_date": "2025-04-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-07-07T13:35:06+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 8.0.8"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:10459"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 8.0.8"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "org.jboss.eap:wildfly-ejb3: Improper Deserialization in JBoss Marshalling Allows Remote Code Execution"
},
{
"acknowledgments": [
{
"names": [
"Mateusz \"MaTTallica\" Klement",
"\u0141ukasz Rupala"
],
"organization": "ING Hubs Poland"
}
],
"cve": "CVE-2025-2901",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2025-03-28T06:08:36.048000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2355685"
}
],
"notes": [
{
"category": "description",
"text": "No description is available for this CVE.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "org.jboss.hal-hal-parent: Stored Cross-Site Scripting (XSS) in JBoss EAP Management Console",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This CVE has been marked as Rejected by the assigning CNA.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 8.0.8"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-2901"
},
{
"category": "external",
"summary": "RHBZ#2355685",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2355685"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-2901",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2901"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-2901",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-2901"
}
],
"release_date": "2025-03-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-07-07T13:35:06+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 8.0.8"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:10459"
},
{
"category": "workaround",
"details": "Currently, no mitigation is available for this vulnerability.",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 8.0.8"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 0.0,
"baseSeverity": "NONE",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 8.0.8"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "org.jboss.hal-hal-parent: Stored Cross-Site Scripting (XSS) in JBoss EAP Management Console"
},
{
"cve": "CVE-2025-23184",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2025-01-21T10:00:44.959656+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2339095"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache CXF. In some edge cases with large data stream caching, the CachedOutputStream instances may not be closed and, if backed by temporary files, may fill up the file system and trigger a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "org.apache.cxf: Apache CXF: Denial of Service vulnerability with temporary files",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 8.0.8"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-23184"
},
{
"category": "external",
"summary": "RHBZ#2339095",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2339095"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-23184",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23184"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-23184",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-23184"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/lfs8l63rnctnj2skfrxyys7v8fgnt122",
"url": "https://lists.apache.org/thread/lfs8l63rnctnj2skfrxyys7v8fgnt122"
}
],
"release_date": "2025-01-21T09:35:37.468000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-07-07T13:35:06+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 8.0.8"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:10459"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 8.0.8"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "org.apache.cxf: Apache CXF: Denial of Service vulnerability with temporary files"
},
{
"cve": "CVE-2025-27611",
"cwe": {
"id": "CWE-1007",
"name": "Insufficient Visual Distinction of Homoglyphs Presented to User"
},
"discovery_date": "2025-04-30T20:00:45.852222+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2363176"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in base-x. This vulnerability allows attackers to generate addresses that appear legitimate, tricking users into sending money to them instead of the intended ones. The problem arises from the way base-x compresses leading zeros in addresses via manipulation of the base encoding mechanism.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "base-x: base-x homograph attack allows Unicode lookalike characters to bypass validation.",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability in base-x is Important because it affects the encoding and decoding of addresses in blockchain transactions. The flaw arises from mishandling of leading zero compression, enabling attackers to craft malicious encodings that deceive systems or users into misdirecting funds. As blockchain transactions are final and cannot be reversed, even a single instance of this exploit can result in permanent financial loss, making this a serious security concern beyond a Moderate issue.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 8.0.8"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-27611"
},
{
"category": "external",
"summary": "RHBZ#2363176",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2363176"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-27611",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27611"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-27611",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-27611"
},
{
"category": "external",
"summary": "https://github.com/cryptocoinjs/base-x/pull/86",
"url": "https://github.com/cryptocoinjs/base-x/pull/86"
},
{
"category": "external",
"summary": "https://github.com/cryptocoinjs/base-x/security/advisories/GHSA-xq7p-g2vc-g82p",
"url": "https://github.com/cryptocoinjs/base-x/security/advisories/GHSA-xq7p-g2vc-g82p"
}
],
"release_date": "2025-04-30T19:36:57.356000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-07-07T13:35:06+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 8.0.8"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:10459"
},
{
"category": "workaround",
"details": "No mitigation is currently available that meets Red Hat Product Security\u2019s standards for usability, deployment, applicability, or stability.",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 8.0.8"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 8.0.8"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "base-x: base-x homograph attack allows Unicode lookalike characters to bypass validation."
},
{
"cve": "CVE-2025-48734",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"discovery_date": "2025-05-28T14:00:56.619771+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2368956"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache Commons BeanUtils. This vulnerability allows remote attackers to execute arbitrary code via uncontrolled access to the declaredClass property on Java enum objects, which can expose the class loader when property paths are passed from external sources to methods like getProperty() or getNestedProperty().",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "commons-beanutils: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum\u0027s declaredClass property by default",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated as important severity because a flaw exists in Apache Commons BeanUtils, where PropertyUtilsBean and BeanUtilsBean allow uncontrolled access to the declaredClass property of Java enum objects. Applications that pass untrusted property paths directly to getProperty() or getNestedProperty() methods are at risk, as attackers can exploit this behavior to retrieve the ClassLoader instance and execute arbitrary code in the context of the affected application. This issue leads to compromise of confidentiality, integrity, and availability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 8.0.8"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-48734"
},
{
"category": "external",
"summary": "RHBZ#2368956",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2368956"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-48734",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48734"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-48734",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-48734"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-wxr5-93ph-8wr9",
"url": "https://github.com/advisories/GHSA-wxr5-93ph-8wr9"
},
{
"category": "external",
"summary": "https://github.com/apache/commons-beanutils/commit/28ad955a1613ed5885870cc7da52093c1ce739dc",
"url": "https://github.com/apache/commons-beanutils/commit/28ad955a1613ed5885870cc7da52093c1ce739dc"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/s0hb3jkfj5f3ryx6c57zqtfohb0of1g9",
"url": "https://lists.apache.org/thread/s0hb3jkfj5f3ryx6c57zqtfohb0of1g9"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2025/05/28/6",
"url": "https://www.openwall.com/lists/oss-security/2025/05/28/6"
}
],
"release_date": "2025-05-28T13:32:08.300000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-07-07T13:35:06+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 8.0.8"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:10459"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 8.0.8"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "commons-beanutils: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum\u0027s declaredClass property by default"
}
]
}
RHSA-2025:10452
Vulnerability from csaf_redhat - Published: 2025-07-07 13:32 - Updated: 2026-03-17 00:57Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.0.8 Security update
Severity
Important
Notes
Topic: A security update is now available for Red Hat JBoss Enterprise Application Platform 8.0 for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Red Hat JBoss Enterprise Application Platform 8 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 8.0.8 serves as a replacement for Red Hat JBoss Enterprise Application Platform 8.0.7, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 8.0.8 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* org.jboss.hal-hal-parent: base-x homograph attack allows Unicode lookalike characters to bypass validation. [eap-8.0.z] (CVE-2025-27611)
* org.jboss.hal-hal-parent: Stored Cross-Site Scripting (XSS) in JBoss EAP Management Console [eap-8.0.z] (CVE-2025-2901)
* wildfly-ejb3: Improper Deserialization in JBoss Marshalling Allows Remote Code Execution [eap-8.0.z] (CVE-2025-2251)
* org.apache.cxf/cxf-core: Apache CXF: Denial of Service vulnerability with temporary files [eap-8.0.z] (CVE-2025-23184)
* commons-beanutils-commons-beanutils: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum's declaredClass property by default [eap-8.0.z] (CVE-2025-48734)
* commons-beanutils-core: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum's declaredClass property by default [eap-8.0.z] (CVE-2025-48734)
* org.jboss.eap-jboss-eap-xp: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum's declaredClass property by default [eap-8.0.z] (CVE-2025-48734)
* commons-beanutils: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum's declaredClass property by default [eap-8.0.z] (CVE-2025-48734)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A security flaw exists in WildFly and JBoss Enterprise Application Platform (EAP) within the Enterprise JavaBeans (EJB) remote invocation mechanism. This vulnerability stems from untrusted data deserialization handled by JBoss Marshalling. This flaw allows an attacker to send a specially crafted serialized object, leading to remote code execution without requiring authentication.
6.2 (Medium)
Vendor Fix
Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2025:10452
No description is available for this CVE.
0.0 (None)
Vendor Fix
Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2025:10452
Workaround
Currently, no mitigation is available for this vulnerability.
A flaw was found in Apache CXF. In some edge cases with large data stream caching, the CachedOutputStream instances may not be closed and, if backed by temporary files, may fill up the file system and trigger a denial of service.
CWE-400 - Uncontrolled Resource Consumption
Vendor Fix
Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2025:10452
A flaw was found in base-x. This vulnerability allows attackers to generate addresses that appear legitimate, tricking users into sending money to them instead of the intended ones. The problem arises from the way base-x compresses leading zeros in addresses via manipulation of the base encoding mechanism.
7.5 (High)
Vendor Fix
Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2025:10452
Workaround
No mitigation is currently available that meets Red Hat Product Security’s standards for usability, deployment, applicability, or stability.
A flaw was found in Apache Commons BeanUtils. This vulnerability allows remote attackers to execute arbitrary code via uncontrolled access to the declaredClass property on Java enum objects, which can expose the class loader when property paths are passed from external sources to methods like getProperty() or getNestedProperty().
8.8 (High)
Vendor Fix
Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2025:10452
References
| URL | Category | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Acknowledgments
Pupi1
ING Hubs Poland
Mateusz "MaTTallica" Klement
Łukasz Rupala
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "A security update is now available for Red Hat JBoss Enterprise Application Platform 8.0 for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform 8 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 8.0.8 serves as a replacement for Red Hat JBoss Enterprise Application Platform 8.0.7, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 8.0.8 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* org.jboss.hal-hal-parent: base-x homograph attack allows Unicode lookalike characters to bypass validation. [eap-8.0.z] (CVE-2025-27611)\n\n* org.jboss.hal-hal-parent: Stored Cross-Site Scripting (XSS) in JBoss EAP Management Console [eap-8.0.z] (CVE-2025-2901)\n\n* wildfly-ejb3: Improper Deserialization in JBoss Marshalling Allows Remote Code Execution [eap-8.0.z] (CVE-2025-2251)\n\n* org.apache.cxf/cxf-core: Apache CXF: Denial of Service vulnerability with temporary files [eap-8.0.z] (CVE-2025-23184)\n\n* commons-beanutils-commons-beanutils: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum\u0027s declaredClass property by default [eap-8.0.z] (CVE-2025-48734)\n\n* commons-beanutils-core: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum\u0027s declaredClass property by default [eap-8.0.z] (CVE-2025-48734)\n\n* org.jboss.eap-jboss-eap-xp: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum\u0027s declaredClass property by default [eap-8.0.z] (CVE-2025-48734)\n\n* commons-beanutils: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum\u0027s declaredClass property by default [eap-8.0.z] (CVE-2025-48734)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:10452",
"url": "https://access.redhat.com/errata/RHSA-2025:10452"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/8.0",
"url": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/8.0"
},
{
"category": "external",
"summary": "https://access.redhat.com/articles/7120566",
"url": "https://access.redhat.com/articles/7120566"
},
{
"category": "external",
"summary": "2339095",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2339095"
},
{
"category": "external",
"summary": "2351678",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2351678"
},
{
"category": "external",
"summary": "2355685",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2355685"
},
{
"category": "external",
"summary": "2363176",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2363176"
},
{
"category": "external",
"summary": "2368956",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2368956"
},
{
"category": "external",
"summary": "JBEAP-28866",
"url": "https://issues.redhat.com/browse/JBEAP-28866"
},
{
"category": "external",
"summary": "JBEAP-28992",
"url": "https://issues.redhat.com/browse/JBEAP-28992"
},
{
"category": "external",
"summary": "JBEAP-29252",
"url": "https://issues.redhat.com/browse/JBEAP-29252"
},
{
"category": "external",
"summary": "JBEAP-29257",
"url": "https://issues.redhat.com/browse/JBEAP-29257"
},
{
"category": "external",
"summary": "JBEAP-29530",
"url": "https://issues.redhat.com/browse/JBEAP-29530"
},
{
"category": "external",
"summary": "JBEAP-29679",
"url": "https://issues.redhat.com/browse/JBEAP-29679"
},
{
"category": "external",
"summary": "JBEAP-29691",
"url": "https://issues.redhat.com/browse/JBEAP-29691"
},
{
"category": "external",
"summary": "JBEAP-29692",
"url": "https://issues.redhat.com/browse/JBEAP-29692"
},
{
"category": "external",
"summary": "JBEAP-29806",
"url": "https://issues.redhat.com/browse/JBEAP-29806"
},
{
"category": "external",
"summary": "JBEAP-29863",
"url": "https://issues.redhat.com/browse/JBEAP-29863"
},
{
"category": "external",
"summary": "JBEAP-29867",
"url": "https://issues.redhat.com/browse/JBEAP-29867"
},
{
"category": "external",
"summary": "JBEAP-29984",
"url": "https://issues.redhat.com/browse/JBEAP-29984"
},
{
"category": "external",
"summary": "JBEAP-29999",
"url": "https://issues.redhat.com/browse/JBEAP-29999"
},
{
"category": "external",
"summary": "JBEAP-30087",
"url": "https://issues.redhat.com/browse/JBEAP-30087"
},
{
"category": "external",
"summary": "JBEAP-30151",
"url": "https://issues.redhat.com/browse/JBEAP-30151"
},
{
"category": "external",
"summary": "JBEAP-30157",
"url": "https://issues.redhat.com/browse/JBEAP-30157"
},
{
"category": "external",
"summary": "JBEAP-30263",
"url": "https://issues.redhat.com/browse/JBEAP-30263"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_10452.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.0.8 Security update",
"tracking": {
"current_release_date": "2026-03-17T00:57:30+00:00",
"generator": {
"date": "2026-03-17T00:57:30+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.3"
}
},
"id": "RHSA-2025:10452",
"initial_release_date": "2025-07-07T13:32:31+00:00",
"revision_history": [
{
"date": "2025-07-07T13:32:31+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-07-07T13:32:31+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-03-17T00:57:30+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss EAP 8.0 for RHEL 8",
"product": {
"name": "Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jboss-remoting@5.0.31-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly-elytron@2.2.11-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-elytron-web@4.0.3-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-hibernate@6.2.36-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el8eap.src",
"product_id": "eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-fastinfoset@2.1.1-1.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el8eap.src",
"product_id": "eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-mime4j@0.8.12-1.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-slf4j-0:2.0.17-1.redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-slf4j-0:2.0.17-1.redhat_00001.1.el8eap.src",
"product_id": "eap8-slf4j-0:2.0.17-1.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-slf4j@2.0.17-1.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el8eap.src",
"product_id": "eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-eap-product-conf-parent@800.8.0-1.GA_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el8eap.src",
"product": {
"name": "eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el8eap.src",
"product_id": "eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis@2.33.0-3.redhat_00017.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-narayana@6.0.6-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el8eap.src",
"product_id": "eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-cxf@4.0.6-2.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jbossws-cxf@7.3.3-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-hal-console@3.6.24-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el8eap.src",
"product": {
"name": "eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el8eap.src",
"product_id": "eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-reactivex-rxjava2@2.2.21-3.redhat_00002.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-velocity-0:2.3.0-4.redhat_00010.1.el8eap.src",
"product": {
"name": "eap8-velocity-0:2.3.0-4.redhat_00010.1.el8eap.src",
"product_id": "eap8-velocity-0:2.3.0-4.redhat_00010.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-velocity@2.3.0-4.redhat_00010.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el8eap.src",
"product": {
"name": "eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el8eap.src",
"product_id": "eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-httpcomponents-asyncclient@4.1.5-4.redhat_00006.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el8eap.src",
"product_id": "eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-commons-beanutils@1.11.0-1.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-neethi-0:3.2.1-1.redhat_00002.1.el8eap.src",
"product": {
"name": "eap8-neethi-0:3.2.1-1.redhat_00002.1.el8eap.src",
"product_id": "eap8-neethi-0:3.2.1-1.redhat_00002.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-neethi@3.2.1-1.redhat_00002.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el8eap.src",
"product": {
"name": "eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el8eap.src",
"product_id": "eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly@8.0.8-4.GA_redhat_00006.1.el8eap?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jboss-remoting@5.0.31-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly-elytron@2.2.11-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-elytron-tool-0:2.2.11-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-wildfly-elytron-tool-0:2.2.11-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-wildfly-elytron-tool-0:2.2.11-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly-elytron-tool@2.2.11-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-elytron-web@4.0.3-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-hibernate@6.2.36-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-hibernate-core-0:6.2.36-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-hibernate-core-0:6.2.36-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-hibernate-core-0:6.2.36-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-hibernate-core@6.2.36-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-hibernate-envers-0:6.2.36-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-hibernate-envers-0:6.2.36-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-hibernate-envers-0:6.2.36-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-hibernate-envers@6.2.36-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-fastinfoset@2.1.1-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-mime4j@0.8.12-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-mime4j-dom-0:0.8.12-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-apache-mime4j-dom-0:0.8.12-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-apache-mime4j-dom-0:0.8.12-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-mime4j-dom@0.8.12-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-mime4j-storage-0:0.8.12-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-apache-mime4j-storage-0:0.8.12-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-apache-mime4j-storage-0:0.8.12-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-mime4j-storage@0.8.12-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-slf4j-0:2.0.17-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-slf4j-0:2.0.17-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-slf4j-0:2.0.17-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-slf4j@2.0.17-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-slf4j-api-0:2.0.17-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-slf4j-api-0:2.0.17-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-slf4j-api-0:2.0.17-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-slf4j-api@2.0.17-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-eap-product-conf-parent@800.8.0-1.GA_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.8.0-1.GA_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.8.0-1.GA_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.8.0-1.GA_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-eap-product-conf-wildfly-ee-feature-pack@800.8.0-1.GA_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"product": {
"name": "eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"product_id": "eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis@2.33.0-3.redhat_00017.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-cli-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"product": {
"name": "eap8-activemq-artemis-cli-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"product_id": "eap8-activemq-artemis-cli-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-cli@2.33.0-3.redhat_00017.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-commons-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"product": {
"name": "eap8-activemq-artemis-commons-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"product_id": "eap8-activemq-artemis-commons-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-commons@2.33.0-3.redhat_00017.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-core-client-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"product": {
"name": "eap8-activemq-artemis-core-client-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"product_id": "eap8-activemq-artemis-core-client-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-core-client@2.33.0-3.redhat_00017.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-dto-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"product": {
"name": "eap8-activemq-artemis-dto-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"product_id": "eap8-activemq-artemis-dto-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-dto@2.33.0-3.redhat_00017.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-hornetq-protocol-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"product": {
"name": "eap8-activemq-artemis-hornetq-protocol-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"product_id": "eap8-activemq-artemis-hornetq-protocol-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-hornetq-protocol@2.33.0-3.redhat_00017.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-hqclient-protocol-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"product": {
"name": "eap8-activemq-artemis-hqclient-protocol-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"product_id": "eap8-activemq-artemis-hqclient-protocol-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-hqclient-protocol@2.33.0-3.redhat_00017.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-jakarta-client-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"product": {
"name": "eap8-activemq-artemis-jakarta-client-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"product_id": "eap8-activemq-artemis-jakarta-client-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-jakarta-client@2.33.0-3.redhat_00017.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-jakarta-ra-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"product": {
"name": "eap8-activemq-artemis-jakarta-ra-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"product_id": "eap8-activemq-artemis-jakarta-ra-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-jakarta-ra@2.33.0-3.redhat_00017.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-jakarta-server-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"product": {
"name": "eap8-activemq-artemis-jakarta-server-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"product_id": "eap8-activemq-artemis-jakarta-server-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-jakarta-server@2.33.0-3.redhat_00017.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"product": {
"name": "eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"product_id": "eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-jakarta-service-extensions@2.33.0-3.redhat_00017.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-jdbc-store-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"product": {
"name": "eap8-activemq-artemis-jdbc-store-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"product_id": "eap8-activemq-artemis-jdbc-store-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-jdbc-store@2.33.0-3.redhat_00017.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-journal-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"product": {
"name": "eap8-activemq-artemis-journal-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"product_id": "eap8-activemq-artemis-journal-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-journal@2.33.0-3.redhat_00017.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-selector-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"product": {
"name": "eap8-activemq-artemis-selector-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"product_id": "eap8-activemq-artemis-selector-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-selector@2.33.0-3.redhat_00017.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-server-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"product": {
"name": "eap8-activemq-artemis-server-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"product_id": "eap8-activemq-artemis-server-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-server@2.33.0-3.redhat_00017.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-narayana@6.0.6-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-narayana-jbosstxbridge-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-narayana-jbosstxbridge-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-narayana-jbosstxbridge-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-narayana-jbosstxbridge@6.0.6-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-narayana-jbossxts-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-narayana-jbossxts-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-narayana-jbossxts-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-narayana-jbossxts@6.0.6-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-narayana-jts-idlj-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-narayana-jts-idlj-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-narayana-jts-idlj-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-narayana-jts-idlj@6.0.6-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-narayana-jts-integration-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-narayana-jts-integration-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-narayana-jts-integration-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-narayana-jts-integration@6.0.6-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-narayana-restat-api-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-narayana-restat-api-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-narayana-restat-api-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-narayana-restat-api@6.0.6-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-narayana-restat-bridge-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-narayana-restat-bridge-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-narayana-restat-bridge-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-narayana-restat-bridge@6.0.6-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-narayana-restat-integration-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-narayana-restat-integration-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-narayana-restat-integration-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-narayana-restat-integration@6.0.6-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-narayana-restat-util-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-narayana-restat-util-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-narayana-restat-util-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-narayana-restat-util@6.0.6-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-cxf@4.0.6-2.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-cxf-rt-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-apache-cxf-rt-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-apache-cxf-rt-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-cxf-rt@4.0.6-2.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-cxf-services-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-apache-cxf-services-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-apache-cxf-services-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-cxf-services@4.0.6-2.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-cxf-tools-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-apache-cxf-tools-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-apache-cxf-tools-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-cxf-tools@4.0.6-2.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jbossws-cxf@7.3.3-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-hal-console@3.6.24-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el8eap.noarch",
"product_id": "eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-reactivex-rxjava2@2.2.21-3.redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-velocity-0:2.3.0-4.redhat_00010.1.el8eap.noarch",
"product": {
"name": "eap8-velocity-0:2.3.0-4.redhat_00010.1.el8eap.noarch",
"product_id": "eap8-velocity-0:2.3.0-4.redhat_00010.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-velocity@2.3.0-4.redhat_00010.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-velocity-engine-core-0:2.3.0-4.redhat_00010.1.el8eap.noarch",
"product": {
"name": "eap8-velocity-engine-core-0:2.3.0-4.redhat_00010.1.el8eap.noarch",
"product_id": "eap8-velocity-engine-core-0:2.3.0-4.redhat_00010.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-velocity-engine-core@2.3.0-4.redhat_00010.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el8eap.noarch",
"product": {
"name": "eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el8eap.noarch",
"product_id": "eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-httpcomponents-asyncclient@4.1.5-4.redhat_00006.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-commons-beanutils@1.11.0-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-neethi-0:3.2.1-1.redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-neethi-0:3.2.1-1.redhat_00002.1.el8eap.noarch",
"product_id": "eap8-neethi-0:3.2.1-1.redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-neethi@3.2.1-1.redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"product": {
"name": "eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"product_id": "eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly@8.0.8-4.GA_redhat_00006.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-java-jdk11-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"product": {
"name": "eap8-wildfly-java-jdk11-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"product_id": "eap8-wildfly-java-jdk11-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly-java-jdk11@8.0.8-4.GA_redhat_00006.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-java-jdk17-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"product": {
"name": "eap8-wildfly-java-jdk17-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"product_id": "eap8-wildfly-java-jdk17-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly-java-jdk17@8.0.8-4.GA_redhat_00006.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-java-jdk21-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"product": {
"name": "eap8-wildfly-java-jdk21-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"product_id": "eap8-wildfly-java-jdk21-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly-java-jdk21@8.0.8-4.GA_redhat_00006.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-modules-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"product": {
"name": "eap8-wildfly-modules-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"product_id": "eap8-wildfly-modules-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly-modules@8.0.8-4.GA_redhat_00006.1.el8eap?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el8eap.noarch"
},
"product_reference": "eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el8eap.src"
},
"product_reference": "eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-cli-0:2.33.0-3.redhat_00017.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-3.redhat_00017.1.el8eap.noarch"
},
"product_reference": "eap8-activemq-artemis-cli-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-commons-0:2.33.0-3.redhat_00017.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-3.redhat_00017.1.el8eap.noarch"
},
"product_reference": "eap8-activemq-artemis-commons-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-core-client-0:2.33.0-3.redhat_00017.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-3.redhat_00017.1.el8eap.noarch"
},
"product_reference": "eap8-activemq-artemis-core-client-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-dto-0:2.33.0-3.redhat_00017.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-3.redhat_00017.1.el8eap.noarch"
},
"product_reference": "eap8-activemq-artemis-dto-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-hornetq-protocol-0:2.33.0-3.redhat_00017.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-3.redhat_00017.1.el8eap.noarch"
},
"product_reference": "eap8-activemq-artemis-hornetq-protocol-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-hqclient-protocol-0:2.33.0-3.redhat_00017.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-3.redhat_00017.1.el8eap.noarch"
},
"product_reference": "eap8-activemq-artemis-hqclient-protocol-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-jakarta-client-0:2.33.0-3.redhat_00017.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-3.redhat_00017.1.el8eap.noarch"
},
"product_reference": "eap8-activemq-artemis-jakarta-client-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-jakarta-ra-0:2.33.0-3.redhat_00017.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-3.redhat_00017.1.el8eap.noarch"
},
"product_reference": "eap8-activemq-artemis-jakarta-ra-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-jakarta-server-0:2.33.0-3.redhat_00017.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-3.redhat_00017.1.el8eap.noarch"
},
"product_reference": "eap8-activemq-artemis-jakarta-server-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-3.redhat_00017.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-3.redhat_00017.1.el8eap.noarch"
},
"product_reference": "eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-jdbc-store-0:2.33.0-3.redhat_00017.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-3.redhat_00017.1.el8eap.noarch"
},
"product_reference": "eap8-activemq-artemis-jdbc-store-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-journal-0:2.33.0-3.redhat_00017.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-3.redhat_00017.1.el8eap.noarch"
},
"product_reference": "eap8-activemq-artemis-journal-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-selector-0:2.33.0-3.redhat_00017.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-3.redhat_00017.1.el8eap.noarch"
},
"product_reference": "eap8-activemq-artemis-selector-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-server-0:2.33.0-3.redhat_00017.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-3.redhat_00017.1.el8eap.noarch"
},
"product_reference": "eap8-activemq-artemis-server-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-cxf-rt-0:4.0.6-2.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.6-2.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-apache-cxf-rt-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-cxf-services-0:4.0.6-2.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.6-2.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-apache-cxf-services-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-cxf-tools-0:4.0.6-2.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.6-2.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-apache-cxf-tools-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-mime4j-dom-0:0.8.12-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-apache-mime4j-dom-0:0.8.12-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-apache-mime4j-dom-0:0.8.12-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-mime4j-storage-0:0.8.12-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-apache-mime4j-storage-0:0.8.12-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-apache-mime4j-storage-0:0.8.12-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.8.0-1.GA_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.8.0-1.GA_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.8.0-1.GA_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-hibernate-core-0:6.2.36-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.36-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-hibernate-core-0:6.2.36-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-hibernate-envers-0:6.2.36-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.36-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-hibernate-envers-0:6.2.36-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el8eap.noarch"
},
"product_reference": "eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el8eap.src"
},
"product_reference": "eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-narayana-jbosstxbridge-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-narayana-jbosstxbridge-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-narayana-jbossxts-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-narayana-jbossxts-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-narayana-jts-idlj-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-narayana-jts-idlj-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-narayana-jts-integration-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-narayana-jts-integration-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-narayana-restat-api-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-narayana-restat-api-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-narayana-restat-bridge-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-narayana-restat-bridge-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-narayana-restat-integration-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-narayana-restat-integration-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-narayana-restat-util-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-narayana-restat-util-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-neethi-0:3.2.1-1.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-neethi-0:3.2.1-1.redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-neethi-0:3.2.1-1.redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-neethi-0:3.2.1-1.redhat_00002.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-neethi-0:3.2.1-1.redhat_00002.1.el8eap.src"
},
"product_reference": "eap8-neethi-0:3.2.1-1.redhat_00002.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el8eap.src"
},
"product_reference": "eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-slf4j-0:2.0.17-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.17-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-slf4j-0:2.0.17-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-slf4j-0:2.0.17-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.17-1.redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-slf4j-0:2.0.17-1.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-slf4j-api-0:2.0.17-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.17-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-slf4j-api-0:2.0.17-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-velocity-0:2.3.0-4.redhat_00010.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-velocity-0:2.3.0-4.redhat_00010.1.el8eap.noarch"
},
"product_reference": "eap8-velocity-0:2.3.0-4.redhat_00010.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-velocity-0:2.3.0-4.redhat_00010.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-velocity-0:2.3.0-4.redhat_00010.1.el8eap.src"
},
"product_reference": "eap8-velocity-0:2.3.0-4.redhat_00010.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-velocity-engine-core-0:2.3.0-4.redhat_00010.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-velocity-engine-core-0:2.3.0-4.redhat_00010.1.el8eap.noarch"
},
"product_reference": "eap8-velocity-engine-core-0:2.3.0-4.redhat_00010.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch"
},
"product_reference": "eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el8eap.src"
},
"product_reference": "eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-elytron-tool-0:2.2.11-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-wildfly-elytron-tool-0:2.2.11-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-wildfly-elytron-tool-0:2.2.11-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-java-jdk11-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch"
},
"product_reference": "eap8-wildfly-java-jdk11-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-java-jdk17-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch"
},
"product_reference": "eap8-wildfly-java-jdk17-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-java-jdk21-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch"
},
"product_reference": "eap8-wildfly-java-jdk21-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-modules-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch"
},
"product_reference": "eap8-wildfly-modules-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Pupi1"
]
}
],
"cve": "CVE-2025-2251",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2025-03-12T13:33:14.782000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2351678"
}
],
"notes": [
{
"category": "description",
"text": "A security flaw exists in WildFly and JBoss Enterprise Application Platform (EAP) within the Enterprise JavaBeans (EJB) remote invocation mechanism. This vulnerability stems from untrusted data deserialization handled by JBoss Marshalling. This flaw allows an attacker to send a specially crafted serialized object, leading to remote code execution without requiring authentication.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "org.jboss.eap:wildfly-ejb3: Improper Deserialization in JBoss Marshalling Allows Remote Code Execution",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-mime4j-dom-0:0.8.12-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-mime4j-storage-0:0.8.12-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.8.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-neethi-0:3.2.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-neethi-0:3.2.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.17-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.17-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.17-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-velocity-0:2.3.0-4.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-velocity-0:2.3.0-4.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-velocity-engine-core-0:2.3.0-4.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-tool-0:2.2.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-2251"
},
{
"category": "external",
"summary": "RHBZ#2351678",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2351678"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-2251",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2251"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-2251",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-2251"
}
],
"release_date": "2025-04-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-07-07T13:32:31+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-mime4j-dom-0:0.8.12-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-mime4j-storage-0:0.8.12-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.8.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-neethi-0:3.2.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-neethi-0:3.2.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.17-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.17-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.17-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-velocity-0:2.3.0-4.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-velocity-0:2.3.0-4.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-velocity-engine-core-0:2.3.0-4.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-tool-0:2.2.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:10452"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-mime4j-dom-0:0.8.12-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-mime4j-storage-0:0.8.12-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.8.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-neethi-0:3.2.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-neethi-0:3.2.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.17-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.17-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.17-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-velocity-0:2.3.0-4.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-velocity-0:2.3.0-4.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-velocity-engine-core-0:2.3.0-4.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-tool-0:2.2.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "org.jboss.eap:wildfly-ejb3: Improper Deserialization in JBoss Marshalling Allows Remote Code Execution"
},
{
"acknowledgments": [
{
"names": [
"Mateusz \"MaTTallica\" Klement",
"\u0141ukasz Rupala"
],
"organization": "ING Hubs Poland"
}
],
"cve": "CVE-2025-2901",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2025-03-28T06:08:36.048000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2355685"
}
],
"notes": [
{
"category": "description",
"text": "No description is available for this CVE.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "org.jboss.hal-hal-parent: Stored Cross-Site Scripting (XSS) in JBoss EAP Management Console",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This CVE has been marked as Rejected by the assigning CNA.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-mime4j-dom-0:0.8.12-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-mime4j-storage-0:0.8.12-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.8.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-neethi-0:3.2.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-neethi-0:3.2.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.17-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.17-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.17-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-velocity-0:2.3.0-4.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-velocity-0:2.3.0-4.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-velocity-engine-core-0:2.3.0-4.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-tool-0:2.2.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-2901"
},
{
"category": "external",
"summary": "RHBZ#2355685",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2355685"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-2901",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2901"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-2901",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-2901"
}
],
"release_date": "2025-03-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-07-07T13:32:31+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-mime4j-dom-0:0.8.12-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-mime4j-storage-0:0.8.12-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.8.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-neethi-0:3.2.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-neethi-0:3.2.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.17-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.17-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.17-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-velocity-0:2.3.0-4.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-velocity-0:2.3.0-4.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-velocity-engine-core-0:2.3.0-4.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-tool-0:2.2.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:10452"
},
{
"category": "workaround",
"details": "Currently, no mitigation is available for this vulnerability.",
"product_ids": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-mime4j-dom-0:0.8.12-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-mime4j-storage-0:0.8.12-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.8.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-neethi-0:3.2.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-neethi-0:3.2.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.17-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.17-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.17-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-velocity-0:2.3.0-4.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-velocity-0:2.3.0-4.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-velocity-engine-core-0:2.3.0-4.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-tool-0:2.2.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 0.0,
"baseSeverity": "NONE",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-mime4j-dom-0:0.8.12-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-mime4j-storage-0:0.8.12-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.8.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-neethi-0:3.2.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-neethi-0:3.2.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.17-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.17-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.17-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-velocity-0:2.3.0-4.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-velocity-0:2.3.0-4.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-velocity-engine-core-0:2.3.0-4.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-tool-0:2.2.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "org.jboss.hal-hal-parent: Stored Cross-Site Scripting (XSS) in JBoss EAP Management Console"
},
{
"cve": "CVE-2025-23184",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2025-01-21T10:00:44.959656+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2339095"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache CXF. In some edge cases with large data stream caching, the CachedOutputStream instances may not be closed and, if backed by temporary files, may fill up the file system and trigger a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "org.apache.cxf: Apache CXF: Denial of Service vulnerability with temporary files",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-mime4j-dom-0:0.8.12-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-mime4j-storage-0:0.8.12-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.8.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-neethi-0:3.2.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-neethi-0:3.2.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.17-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.17-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.17-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-velocity-0:2.3.0-4.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-velocity-0:2.3.0-4.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-velocity-engine-core-0:2.3.0-4.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-tool-0:2.2.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-23184"
},
{
"category": "external",
"summary": "RHBZ#2339095",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2339095"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-23184",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23184"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-23184",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-23184"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/lfs8l63rnctnj2skfrxyys7v8fgnt122",
"url": "https://lists.apache.org/thread/lfs8l63rnctnj2skfrxyys7v8fgnt122"
}
],
"release_date": "2025-01-21T09:35:37.468000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-07-07T13:32:31+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-mime4j-dom-0:0.8.12-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-mime4j-storage-0:0.8.12-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.8.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-neethi-0:3.2.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-neethi-0:3.2.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.17-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.17-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.17-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-velocity-0:2.3.0-4.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-velocity-0:2.3.0-4.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-velocity-engine-core-0:2.3.0-4.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-tool-0:2.2.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:10452"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-mime4j-dom-0:0.8.12-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-mime4j-storage-0:0.8.12-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.8.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-neethi-0:3.2.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-neethi-0:3.2.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.17-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.17-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.17-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-velocity-0:2.3.0-4.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-velocity-0:2.3.0-4.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-velocity-engine-core-0:2.3.0-4.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-tool-0:2.2.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "org.apache.cxf: Apache CXF: Denial of Service vulnerability with temporary files"
},
{
"cve": "CVE-2025-27611",
"cwe": {
"id": "CWE-1007",
"name": "Insufficient Visual Distinction of Homoglyphs Presented to User"
},
"discovery_date": "2025-04-30T20:00:45.852222+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2363176"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in base-x. This vulnerability allows attackers to generate addresses that appear legitimate, tricking users into sending money to them instead of the intended ones. The problem arises from the way base-x compresses leading zeros in addresses via manipulation of the base encoding mechanism.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "base-x: base-x homograph attack allows Unicode lookalike characters to bypass validation.",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability in base-x is Important because it affects the encoding and decoding of addresses in blockchain transactions. The flaw arises from mishandling of leading zero compression, enabling attackers to craft malicious encodings that deceive systems or users into misdirecting funds. As blockchain transactions are final and cannot be reversed, even a single instance of this exploit can result in permanent financial loss, making this a serious security concern beyond a Moderate issue.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-mime4j-dom-0:0.8.12-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-mime4j-storage-0:0.8.12-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.8.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-neethi-0:3.2.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-neethi-0:3.2.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.17-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.17-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.17-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-velocity-0:2.3.0-4.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-velocity-0:2.3.0-4.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-velocity-engine-core-0:2.3.0-4.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-tool-0:2.2.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-27611"
},
{
"category": "external",
"summary": "RHBZ#2363176",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2363176"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-27611",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27611"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-27611",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-27611"
},
{
"category": "external",
"summary": "https://github.com/cryptocoinjs/base-x/pull/86",
"url": "https://github.com/cryptocoinjs/base-x/pull/86"
},
{
"category": "external",
"summary": "https://github.com/cryptocoinjs/base-x/security/advisories/GHSA-xq7p-g2vc-g82p",
"url": "https://github.com/cryptocoinjs/base-x/security/advisories/GHSA-xq7p-g2vc-g82p"
}
],
"release_date": "2025-04-30T19:36:57.356000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-07-07T13:32:31+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-mime4j-dom-0:0.8.12-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-mime4j-storage-0:0.8.12-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.8.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-neethi-0:3.2.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-neethi-0:3.2.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.17-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.17-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.17-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-velocity-0:2.3.0-4.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-velocity-0:2.3.0-4.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-velocity-engine-core-0:2.3.0-4.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-tool-0:2.2.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:10452"
},
{
"category": "workaround",
"details": "No mitigation is currently available that meets Red Hat Product Security\u2019s standards for usability, deployment, applicability, or stability.",
"product_ids": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-mime4j-dom-0:0.8.12-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-mime4j-storage-0:0.8.12-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.8.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-neethi-0:3.2.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-neethi-0:3.2.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.17-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.17-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.17-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-velocity-0:2.3.0-4.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-velocity-0:2.3.0-4.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-velocity-engine-core-0:2.3.0-4.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-tool-0:2.2.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-mime4j-dom-0:0.8.12-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-mime4j-storage-0:0.8.12-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.8.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-neethi-0:3.2.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-neethi-0:3.2.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.17-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.17-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.17-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-velocity-0:2.3.0-4.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-velocity-0:2.3.0-4.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-velocity-engine-core-0:2.3.0-4.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-tool-0:2.2.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "base-x: base-x homograph attack allows Unicode lookalike characters to bypass validation."
},
{
"cve": "CVE-2025-48734",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"discovery_date": "2025-05-28T14:00:56.619771+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2368956"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache Commons BeanUtils. This vulnerability allows remote attackers to execute arbitrary code via uncontrolled access to the declaredClass property on Java enum objects, which can expose the class loader when property paths are passed from external sources to methods like getProperty() or getNestedProperty().",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "commons-beanutils: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum\u0027s declaredClass property by default",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated as important severity because a flaw exists in Apache Commons BeanUtils, where PropertyUtilsBean and BeanUtilsBean allow uncontrolled access to the declaredClass property of Java enum objects. Applications that pass untrusted property paths directly to getProperty() or getNestedProperty() methods are at risk, as attackers can exploit this behavior to retrieve the ClassLoader instance and execute arbitrary code in the context of the affected application. This issue leads to compromise of confidentiality, integrity, and availability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-mime4j-dom-0:0.8.12-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-mime4j-storage-0:0.8.12-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.8.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-neethi-0:3.2.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-neethi-0:3.2.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.17-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.17-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.17-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-velocity-0:2.3.0-4.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-velocity-0:2.3.0-4.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-velocity-engine-core-0:2.3.0-4.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-tool-0:2.2.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-48734"
},
{
"category": "external",
"summary": "RHBZ#2368956",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2368956"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-48734",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48734"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-48734",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-48734"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-wxr5-93ph-8wr9",
"url": "https://github.com/advisories/GHSA-wxr5-93ph-8wr9"
},
{
"category": "external",
"summary": "https://github.com/apache/commons-beanutils/commit/28ad955a1613ed5885870cc7da52093c1ce739dc",
"url": "https://github.com/apache/commons-beanutils/commit/28ad955a1613ed5885870cc7da52093c1ce739dc"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/s0hb3jkfj5f3ryx6c57zqtfohb0of1g9",
"url": "https://lists.apache.org/thread/s0hb3jkfj5f3ryx6c57zqtfohb0of1g9"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2025/05/28/6",
"url": "https://www.openwall.com/lists/oss-security/2025/05/28/6"
}
],
"release_date": "2025-05-28T13:32:08.300000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-07-07T13:32:31+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-mime4j-dom-0:0.8.12-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-mime4j-storage-0:0.8.12-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.8.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-neethi-0:3.2.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-neethi-0:3.2.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.17-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.17-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.17-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-velocity-0:2.3.0-4.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-velocity-0:2.3.0-4.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-velocity-engine-core-0:2.3.0-4.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-tool-0:2.2.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:10452"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-3.redhat_00017.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.6-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-mime4j-dom-0:0.8.12-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-mime4j-storage-0:0.8.12-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.8.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.36-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-neethi-0:3.2.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-neethi-0:3.2.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.17-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.17-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.17-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-velocity-0:2.3.0-4.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-velocity-0:2.3.0-4.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-velocity-engine-core-0:2.3.0-4.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-tool-0:2.2.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.8-4.GA_redhat_00006.1.el8eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "commons-beanutils: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum\u0027s declaredClass property by default"
}
]
}
RHSA-2025:10453
Vulnerability from csaf_redhat - Published: 2025-07-07 13:27 - Updated: 2026-03-17 00:57Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.0.8 Security update
Severity
Important
Notes
Topic: A security update is now available for Red Hat JBoss Enterprise Application Platform 8.0 for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Red Hat JBoss Enterprise Application Platform 8 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 8.0.8 serves as a replacement for Red Hat JBoss Enterprise Application Platform 8.0.7, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 8.0.8 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* org.jboss.hal-hal-parent: base-x homograph attack allows Unicode lookalike characters to bypass validation. [eap-8.0.z] (CVE-2025-27611)
* org.jboss.hal-hal-parent: Stored Cross-Site Scripting (XSS) in JBoss EAP Management Console [eap-8.0.z] (CVE-2025-2901)
* wildfly-ejb3: Improper Deserialization in JBoss Marshalling Allows Remote Code Execution [eap-8.0.z] (CVE-2025-2251)
* org.apache.cxf/cxf-core: Apache CXF: Denial of Service vulnerability with temporary files [eap-8.0.z] (CVE-2025-23184)
* commons-beanutils-commons-beanutils: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum's declaredClass property by default [eap-8.0.z] (CVE-2025-48734)
* commons-beanutils-core: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum's declaredClass property by default [eap-8.0.z] (CVE-2025-48734)
* org.jboss.eap-jboss-eap-xp: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum's declaredClass property by default [eap-8.0.z] (CVE-2025-48734)
* commons-beanutils: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum's declaredClass property by default [eap-8.0.z] (CVE-2025-48734)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A security flaw exists in WildFly and JBoss Enterprise Application Platform (EAP) within the Enterprise JavaBeans (EJB) remote invocation mechanism. This vulnerability stems from untrusted data deserialization handled by JBoss Marshalling. This flaw allows an attacker to send a specially crafted serialized object, leading to remote code execution without requiring authentication.
6.2 (Medium)
Vendor Fix
Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2025:10453
No description is available for this CVE.
0.0 (None)
Vendor Fix
Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2025:10453
Workaround
Currently, no mitigation is available for this vulnerability.
A flaw was found in Apache CXF. In some edge cases with large data stream caching, the CachedOutputStream instances may not be closed and, if backed by temporary files, may fill up the file system and trigger a denial of service.
CWE-400 - Uncontrolled Resource Consumption
Vendor Fix
Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2025:10453
A flaw was found in base-x. This vulnerability allows attackers to generate addresses that appear legitimate, tricking users into sending money to them instead of the intended ones. The problem arises from the way base-x compresses leading zeros in addresses via manipulation of the base encoding mechanism.
7.5 (High)
Vendor Fix
Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2025:10453
Workaround
No mitigation is currently available that meets Red Hat Product Security’s standards for usability, deployment, applicability, or stability.
A flaw was found in Apache Commons BeanUtils. This vulnerability allows remote attackers to execute arbitrary code via uncontrolled access to the declaredClass property on Java enum objects, which can expose the class loader when property paths are passed from external sources to methods like getProperty() or getNestedProperty().
8.8 (High)
Vendor Fix
Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2025:10453
References
| URL | Category | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Acknowledgments
Pupi1
ING Hubs Poland
Mateusz "MaTTallica" Klement
Łukasz Rupala
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "A security update is now available for Red Hat JBoss Enterprise Application Platform 8.0 for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform 8 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 8.0.8 serves as a replacement for Red Hat JBoss Enterprise Application Platform 8.0.7, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 8.0.8 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* org.jboss.hal-hal-parent: base-x homograph attack allows Unicode lookalike characters to bypass validation. [eap-8.0.z] (CVE-2025-27611)\n\n* org.jboss.hal-hal-parent: Stored Cross-Site Scripting (XSS) in JBoss EAP Management Console [eap-8.0.z] (CVE-2025-2901)\n\n* wildfly-ejb3: Improper Deserialization in JBoss Marshalling Allows Remote Code Execution [eap-8.0.z] (CVE-2025-2251)\n\n* org.apache.cxf/cxf-core: Apache CXF: Denial of Service vulnerability with temporary files [eap-8.0.z] (CVE-2025-23184)\n\n* commons-beanutils-commons-beanutils: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum\u0027s declaredClass property by default [eap-8.0.z] (CVE-2025-48734)\n\n* commons-beanutils-core: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum\u0027s declaredClass property by default [eap-8.0.z] (CVE-2025-48734)\n\n* org.jboss.eap-jboss-eap-xp: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum\u0027s declaredClass property by default [eap-8.0.z] (CVE-2025-48734)\n\n* commons-beanutils: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum\u0027s declaredClass property by default [eap-8.0.z] (CVE-2025-48734)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:10453",
"url": "https://access.redhat.com/errata/RHSA-2025:10453"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/8.0",
"url": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/8.0"
},
{
"category": "external",
"summary": "https://access.redhat.com/articles/7120566",
"url": "https://access.redhat.com/articles/7120566"
},
{
"category": "external",
"summary": "2339095",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2339095"
},
{
"category": "external",
"summary": "2351678",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2351678"
},
{
"category": "external",
"summary": "2355685",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2355685"
},
{
"category": "external",
"summary": "2363176",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2363176"
},
{
"category": "external",
"summary": "2368956",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2368956"
},
{
"category": "external",
"summary": "JBEAP-28866",
"url": "https://issues.redhat.com/browse/JBEAP-28866"
},
{
"category": "external",
"summary": "JBEAP-28992",
"url": "https://issues.redhat.com/browse/JBEAP-28992"
},
{
"category": "external",
"summary": "JBEAP-29253",
"url": "https://issues.redhat.com/browse/JBEAP-29253"
},
{
"category": "external",
"summary": "JBEAP-29257",
"url": "https://issues.redhat.com/browse/JBEAP-29257"
},
{
"category": "external",
"summary": "JBEAP-29530",
"url": "https://issues.redhat.com/browse/JBEAP-29530"
},
{
"category": "external",
"summary": "JBEAP-29679",
"url": "https://issues.redhat.com/browse/JBEAP-29679"
},
{
"category": "external",
"summary": "JBEAP-29691",
"url": "https://issues.redhat.com/browse/JBEAP-29691"
},
{
"category": "external",
"summary": "JBEAP-29692",
"url": "https://issues.redhat.com/browse/JBEAP-29692"
},
{
"category": "external",
"summary": "JBEAP-29806",
"url": "https://issues.redhat.com/browse/JBEAP-29806"
},
{
"category": "external",
"summary": "JBEAP-29863",
"url": "https://issues.redhat.com/browse/JBEAP-29863"
},
{
"category": "external",
"summary": "JBEAP-29867",
"url": "https://issues.redhat.com/browse/JBEAP-29867"
},
{
"category": "external",
"summary": "JBEAP-29984",
"url": "https://issues.redhat.com/browse/JBEAP-29984"
},
{
"category": "external",
"summary": "JBEAP-29999",
"url": "https://issues.redhat.com/browse/JBEAP-29999"
},
{
"category": "external",
"summary": "JBEAP-30087",
"url": "https://issues.redhat.com/browse/JBEAP-30087"
},
{
"category": "external",
"summary": "JBEAP-30151",
"url": "https://issues.redhat.com/browse/JBEAP-30151"
},
{
"category": "external",
"summary": "JBEAP-30157",
"url": "https://issues.redhat.com/browse/JBEAP-30157"
},
{
"category": "external",
"summary": "JBEAP-30263",
"url": "https://issues.redhat.com/browse/JBEAP-30263"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_10453.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.0.8 Security update",
"tracking": {
"current_release_date": "2026-03-17T00:57:30+00:00",
"generator": {
"date": "2026-03-17T00:57:30+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.3"
}
},
"id": "RHSA-2025:10453",
"initial_release_date": "2025-07-07T13:27:47+00:00",
"revision_history": [
{
"date": "2025-07-07T13:27:47+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-07-07T13:27:47+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-03-17T00:57:30+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss EAP 8.0 for RHEL 9",
"product": {
"name": "Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el9eap.src",
"product_id": "eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jboss-remoting@5.0.31-1.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el9eap.src",
"product_id": "eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-elytron-web@4.0.3-1.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el9eap.src",
"product_id": "eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly-elytron@2.2.11-1.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el9eap.src",
"product_id": "eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-hibernate@6.2.36-1.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el9eap.src",
"product_id": "eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-fastinfoset@2.1.1-1.redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el9eap.src",
"product_id": "eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-mime4j@0.8.12-1.redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-slf4j-0:2.0.17-1.redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-slf4j-0:2.0.17-1.redhat_00001.1.el9eap.src",
"product_id": "eap8-slf4j-0:2.0.17-1.redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-slf4j@2.0.17-1.redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el9eap.src",
"product_id": "eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-eap-product-conf-parent@800.8.0-1.GA_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el9eap.src",
"product": {
"name": "eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el9eap.src",
"product_id": "eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis@2.33.0-3.redhat_00017.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el9eap.src",
"product_id": "eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-narayana@6.0.6-1.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el9eap.src",
"product_id": "eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-cxf@4.0.6-2.redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el9eap.src",
"product_id": "eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jbossws-cxf@7.3.3-1.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el9eap.src",
"product_id": "eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-hal-console@3.6.24-1.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el9eap.src",
"product": {
"name": "eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el9eap.src",
"product_id": "eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-reactivex-rxjava2@2.2.21-3.redhat_00002.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-velocity-0:2.3.0-4.redhat_00010.1.el9eap.src",
"product": {
"name": "eap8-velocity-0:2.3.0-4.redhat_00010.1.el9eap.src",
"product_id": "eap8-velocity-0:2.3.0-4.redhat_00010.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-velocity@2.3.0-4.redhat_00010.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el9eap.src",
"product": {
"name": "eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el9eap.src",
"product_id": "eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-httpcomponents-asyncclient@4.1.5-4.redhat_00006.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el9eap.src",
"product_id": "eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-commons-beanutils@1.11.0-1.redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-neethi-0:3.2.1-1.redhat_00002.1.el9eap.src",
"product": {
"name": "eap8-neethi-0:3.2.1-1.redhat_00002.1.el9eap.src",
"product_id": "eap8-neethi-0:3.2.1-1.redhat_00002.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-neethi@3.2.1-1.redhat_00002.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el9eap.src",
"product": {
"name": "eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el9eap.src",
"product_id": "eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly@8.0.8-4.GA_redhat_00006.1.el9eap?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jboss-remoting@5.0.31-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-elytron-web@4.0.3-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly-elytron@2.2.11-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-elytron-tool-0:2.2.11-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-wildfly-elytron-tool-0:2.2.11-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-wildfly-elytron-tool-0:2.2.11-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly-elytron-tool@2.2.11-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-hibernate@6.2.36-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-hibernate-core-0:6.2.36-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-hibernate-core-0:6.2.36-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-hibernate-core-0:6.2.36-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-hibernate-core@6.2.36-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-hibernate-envers-0:6.2.36-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-hibernate-envers-0:6.2.36-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-hibernate-envers-0:6.2.36-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-hibernate-envers@6.2.36-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-fastinfoset@2.1.1-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-mime4j@0.8.12-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-mime4j-dom-0:0.8.12-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-apache-mime4j-dom-0:0.8.12-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-apache-mime4j-dom-0:0.8.12-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-mime4j-dom@0.8.12-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-mime4j-storage-0:0.8.12-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-apache-mime4j-storage-0:0.8.12-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-apache-mime4j-storage-0:0.8.12-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-mime4j-storage@0.8.12-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-slf4j-0:2.0.17-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-slf4j-0:2.0.17-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-slf4j-0:2.0.17-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-slf4j@2.0.17-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-slf4j-api-0:2.0.17-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-slf4j-api-0:2.0.17-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-slf4j-api-0:2.0.17-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-slf4j-api@2.0.17-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-eap-product-conf-parent@800.8.0-1.GA_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.8.0-1.GA_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.8.0-1.GA_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.8.0-1.GA_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-eap-product-conf-wildfly-ee-feature-pack@800.8.0-1.GA_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"product": {
"name": "eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"product_id": "eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis@2.33.0-3.redhat_00017.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-cli-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"product": {
"name": "eap8-activemq-artemis-cli-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"product_id": "eap8-activemq-artemis-cli-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-cli@2.33.0-3.redhat_00017.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-commons-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"product": {
"name": "eap8-activemq-artemis-commons-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"product_id": "eap8-activemq-artemis-commons-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-commons@2.33.0-3.redhat_00017.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-core-client-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"product": {
"name": "eap8-activemq-artemis-core-client-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"product_id": "eap8-activemq-artemis-core-client-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-core-client@2.33.0-3.redhat_00017.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-dto-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"product": {
"name": "eap8-activemq-artemis-dto-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"product_id": "eap8-activemq-artemis-dto-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-dto@2.33.0-3.redhat_00017.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-hornetq-protocol-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"product": {
"name": "eap8-activemq-artemis-hornetq-protocol-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"product_id": "eap8-activemq-artemis-hornetq-protocol-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-hornetq-protocol@2.33.0-3.redhat_00017.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-hqclient-protocol-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"product": {
"name": "eap8-activemq-artemis-hqclient-protocol-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"product_id": "eap8-activemq-artemis-hqclient-protocol-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-hqclient-protocol@2.33.0-3.redhat_00017.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-jakarta-client-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"product": {
"name": "eap8-activemq-artemis-jakarta-client-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"product_id": "eap8-activemq-artemis-jakarta-client-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-jakarta-client@2.33.0-3.redhat_00017.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-jakarta-ra-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"product": {
"name": "eap8-activemq-artemis-jakarta-ra-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"product_id": "eap8-activemq-artemis-jakarta-ra-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-jakarta-ra@2.33.0-3.redhat_00017.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-jakarta-server-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"product": {
"name": "eap8-activemq-artemis-jakarta-server-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"product_id": "eap8-activemq-artemis-jakarta-server-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-jakarta-server@2.33.0-3.redhat_00017.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"product": {
"name": "eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"product_id": "eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-jakarta-service-extensions@2.33.0-3.redhat_00017.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-jdbc-store-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"product": {
"name": "eap8-activemq-artemis-jdbc-store-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"product_id": "eap8-activemq-artemis-jdbc-store-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-jdbc-store@2.33.0-3.redhat_00017.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-journal-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"product": {
"name": "eap8-activemq-artemis-journal-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"product_id": "eap8-activemq-artemis-journal-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-journal@2.33.0-3.redhat_00017.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-selector-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"product": {
"name": "eap8-activemq-artemis-selector-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"product_id": "eap8-activemq-artemis-selector-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-selector@2.33.0-3.redhat_00017.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-server-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"product": {
"name": "eap8-activemq-artemis-server-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"product_id": "eap8-activemq-artemis-server-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-server@2.33.0-3.redhat_00017.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-narayana@6.0.6-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-narayana-jbosstxbridge-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-narayana-jbosstxbridge-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-narayana-jbosstxbridge-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-narayana-jbosstxbridge@6.0.6-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-narayana-jbossxts-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-narayana-jbossxts-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-narayana-jbossxts-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-narayana-jbossxts@6.0.6-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-narayana-jts-idlj-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-narayana-jts-idlj-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-narayana-jts-idlj-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-narayana-jts-idlj@6.0.6-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-narayana-jts-integration-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-narayana-jts-integration-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-narayana-jts-integration-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-narayana-jts-integration@6.0.6-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-narayana-restat-api-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-narayana-restat-api-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-narayana-restat-api-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-narayana-restat-api@6.0.6-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-narayana-restat-bridge-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-narayana-restat-bridge-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-narayana-restat-bridge-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-narayana-restat-bridge@6.0.6-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-narayana-restat-integration-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-narayana-restat-integration-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-narayana-restat-integration-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-narayana-restat-integration@6.0.6-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-narayana-restat-util-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-narayana-restat-util-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-narayana-restat-util-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-narayana-restat-util@6.0.6-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-cxf@4.0.6-2.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-cxf-rt-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-apache-cxf-rt-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-apache-cxf-rt-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-cxf-rt@4.0.6-2.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-cxf-services-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-apache-cxf-services-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-apache-cxf-services-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-cxf-services@4.0.6-2.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-cxf-tools-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-apache-cxf-tools-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-apache-cxf-tools-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-cxf-tools@4.0.6-2.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jbossws-cxf@7.3.3-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-hal-console@3.6.24-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el9eap.noarch",
"product_id": "eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-reactivex-rxjava2@2.2.21-3.redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-velocity-0:2.3.0-4.redhat_00010.1.el9eap.noarch",
"product": {
"name": "eap8-velocity-0:2.3.0-4.redhat_00010.1.el9eap.noarch",
"product_id": "eap8-velocity-0:2.3.0-4.redhat_00010.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-velocity@2.3.0-4.redhat_00010.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-velocity-engine-core-0:2.3.0-4.redhat_00010.1.el9eap.noarch",
"product": {
"name": "eap8-velocity-engine-core-0:2.3.0-4.redhat_00010.1.el9eap.noarch",
"product_id": "eap8-velocity-engine-core-0:2.3.0-4.redhat_00010.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-velocity-engine-core@2.3.0-4.redhat_00010.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el9eap.noarch",
"product": {
"name": "eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el9eap.noarch",
"product_id": "eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-httpcomponents-asyncclient@4.1.5-4.redhat_00006.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-commons-beanutils@1.11.0-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-neethi-0:3.2.1-1.redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-neethi-0:3.2.1-1.redhat_00002.1.el9eap.noarch",
"product_id": "eap8-neethi-0:3.2.1-1.redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-neethi@3.2.1-1.redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"product": {
"name": "eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"product_id": "eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly@8.0.8-4.GA_redhat_00006.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-java-jdk11-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"product": {
"name": "eap8-wildfly-java-jdk11-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"product_id": "eap8-wildfly-java-jdk11-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly-java-jdk11@8.0.8-4.GA_redhat_00006.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-java-jdk17-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"product": {
"name": "eap8-wildfly-java-jdk17-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"product_id": "eap8-wildfly-java-jdk17-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly-java-jdk17@8.0.8-4.GA_redhat_00006.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-java-jdk21-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"product": {
"name": "eap8-wildfly-java-jdk21-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"product_id": "eap8-wildfly-java-jdk21-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly-java-jdk21@8.0.8-4.GA_redhat_00006.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-modules-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"product": {
"name": "eap8-wildfly-modules-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"product_id": "eap8-wildfly-modules-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly-modules@8.0.8-4.GA_redhat_00006.1.el9eap?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el9eap.noarch"
},
"product_reference": "eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el9eap.src"
},
"product_reference": "eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-cli-0:2.33.0-3.redhat_00017.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-3.redhat_00017.1.el9eap.noarch"
},
"product_reference": "eap8-activemq-artemis-cli-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-commons-0:2.33.0-3.redhat_00017.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-3.redhat_00017.1.el9eap.noarch"
},
"product_reference": "eap8-activemq-artemis-commons-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-core-client-0:2.33.0-3.redhat_00017.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-3.redhat_00017.1.el9eap.noarch"
},
"product_reference": "eap8-activemq-artemis-core-client-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-dto-0:2.33.0-3.redhat_00017.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-3.redhat_00017.1.el9eap.noarch"
},
"product_reference": "eap8-activemq-artemis-dto-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-hornetq-protocol-0:2.33.0-3.redhat_00017.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-3.redhat_00017.1.el9eap.noarch"
},
"product_reference": "eap8-activemq-artemis-hornetq-protocol-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-hqclient-protocol-0:2.33.0-3.redhat_00017.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-3.redhat_00017.1.el9eap.noarch"
},
"product_reference": "eap8-activemq-artemis-hqclient-protocol-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-jakarta-client-0:2.33.0-3.redhat_00017.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-3.redhat_00017.1.el9eap.noarch"
},
"product_reference": "eap8-activemq-artemis-jakarta-client-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-jakarta-ra-0:2.33.0-3.redhat_00017.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-3.redhat_00017.1.el9eap.noarch"
},
"product_reference": "eap8-activemq-artemis-jakarta-ra-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-jakarta-server-0:2.33.0-3.redhat_00017.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-3.redhat_00017.1.el9eap.noarch"
},
"product_reference": "eap8-activemq-artemis-jakarta-server-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-3.redhat_00017.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-3.redhat_00017.1.el9eap.noarch"
},
"product_reference": "eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-jdbc-store-0:2.33.0-3.redhat_00017.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-3.redhat_00017.1.el9eap.noarch"
},
"product_reference": "eap8-activemq-artemis-jdbc-store-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-journal-0:2.33.0-3.redhat_00017.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-3.redhat_00017.1.el9eap.noarch"
},
"product_reference": "eap8-activemq-artemis-journal-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-selector-0:2.33.0-3.redhat_00017.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-3.redhat_00017.1.el9eap.noarch"
},
"product_reference": "eap8-activemq-artemis-selector-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-server-0:2.33.0-3.redhat_00017.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-3.redhat_00017.1.el9eap.noarch"
},
"product_reference": "eap8-activemq-artemis-server-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-cxf-rt-0:4.0.6-2.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.6-2.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-apache-cxf-rt-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-cxf-services-0:4.0.6-2.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.6-2.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-apache-cxf-services-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-cxf-tools-0:4.0.6-2.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.6-2.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-apache-cxf-tools-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-mime4j-dom-0:0.8.12-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-apache-mime4j-dom-0:0.8.12-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-apache-mime4j-dom-0:0.8.12-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-mime4j-storage-0:0.8.12-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-apache-mime4j-storage-0:0.8.12-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-apache-mime4j-storage-0:0.8.12-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.8.0-1.GA_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.8.0-1.GA_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.8.0-1.GA_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-hibernate-core-0:6.2.36-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.36-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-hibernate-core-0:6.2.36-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-hibernate-envers-0:6.2.36-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.36-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-hibernate-envers-0:6.2.36-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el9eap.noarch"
},
"product_reference": "eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el9eap.src"
},
"product_reference": "eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-narayana-jbosstxbridge-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-narayana-jbosstxbridge-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-narayana-jbossxts-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-narayana-jbossxts-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-narayana-jts-idlj-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-narayana-jts-idlj-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-narayana-jts-integration-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-narayana-jts-integration-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-narayana-restat-api-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-narayana-restat-api-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-narayana-restat-bridge-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-narayana-restat-bridge-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-narayana-restat-integration-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-narayana-restat-integration-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-narayana-restat-util-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-narayana-restat-util-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-neethi-0:3.2.1-1.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-neethi-0:3.2.1-1.redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-neethi-0:3.2.1-1.redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-neethi-0:3.2.1-1.redhat_00002.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-neethi-0:3.2.1-1.redhat_00002.1.el9eap.src"
},
"product_reference": "eap8-neethi-0:3.2.1-1.redhat_00002.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el9eap.src"
},
"product_reference": "eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-slf4j-0:2.0.17-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.17-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-slf4j-0:2.0.17-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-slf4j-0:2.0.17-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.17-1.redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-slf4j-0:2.0.17-1.redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-slf4j-api-0:2.0.17-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.17-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-slf4j-api-0:2.0.17-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-velocity-0:2.3.0-4.redhat_00010.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-velocity-0:2.3.0-4.redhat_00010.1.el9eap.noarch"
},
"product_reference": "eap8-velocity-0:2.3.0-4.redhat_00010.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-velocity-0:2.3.0-4.redhat_00010.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-velocity-0:2.3.0-4.redhat_00010.1.el9eap.src"
},
"product_reference": "eap8-velocity-0:2.3.0-4.redhat_00010.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-velocity-engine-core-0:2.3.0-4.redhat_00010.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-velocity-engine-core-0:2.3.0-4.redhat_00010.1.el9eap.noarch"
},
"product_reference": "eap8-velocity-engine-core-0:2.3.0-4.redhat_00010.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch"
},
"product_reference": "eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el9eap.src"
},
"product_reference": "eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-elytron-tool-0:2.2.11-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-wildfly-elytron-tool-0:2.2.11-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-wildfly-elytron-tool-0:2.2.11-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-java-jdk11-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch"
},
"product_reference": "eap8-wildfly-java-jdk11-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-java-jdk17-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch"
},
"product_reference": "eap8-wildfly-java-jdk17-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-java-jdk21-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch"
},
"product_reference": "eap8-wildfly-java-jdk21-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-modules-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch"
},
"product_reference": "eap8-wildfly-modules-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Pupi1"
]
}
],
"cve": "CVE-2025-2251",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2025-03-12T13:33:14.782000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2351678"
}
],
"notes": [
{
"category": "description",
"text": "A security flaw exists in WildFly and JBoss Enterprise Application Platform (EAP) within the Enterprise JavaBeans (EJB) remote invocation mechanism. This vulnerability stems from untrusted data deserialization handled by JBoss Marshalling. This flaw allows an attacker to send a specially crafted serialized object, leading to remote code execution without requiring authentication.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "org.jboss.eap:wildfly-ejb3: Improper Deserialization in JBoss Marshalling Allows Remote Code Execution",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-mime4j-dom-0:0.8.12-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-mime4j-storage-0:0.8.12-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.8.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-neethi-0:3.2.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-neethi-0:3.2.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.17-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.17-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.17-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-velocity-0:2.3.0-4.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-velocity-0:2.3.0-4.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-velocity-engine-core-0:2.3.0-4.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-tool-0:2.2.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-2251"
},
{
"category": "external",
"summary": "RHBZ#2351678",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2351678"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-2251",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2251"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-2251",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-2251"
}
],
"release_date": "2025-04-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-07-07T13:27:47+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-mime4j-dom-0:0.8.12-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-mime4j-storage-0:0.8.12-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.8.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-neethi-0:3.2.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-neethi-0:3.2.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.17-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.17-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.17-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-velocity-0:2.3.0-4.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-velocity-0:2.3.0-4.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-velocity-engine-core-0:2.3.0-4.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-tool-0:2.2.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:10453"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:H/A:H",
"version": "3.1"
},
"products": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-mime4j-dom-0:0.8.12-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-mime4j-storage-0:0.8.12-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.8.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-neethi-0:3.2.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-neethi-0:3.2.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.17-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.17-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.17-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-velocity-0:2.3.0-4.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-velocity-0:2.3.0-4.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-velocity-engine-core-0:2.3.0-4.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-tool-0:2.2.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "org.jboss.eap:wildfly-ejb3: Improper Deserialization in JBoss Marshalling Allows Remote Code Execution"
},
{
"acknowledgments": [
{
"names": [
"Mateusz \"MaTTallica\" Klement",
"\u0141ukasz Rupala"
],
"organization": "ING Hubs Poland"
}
],
"cve": "CVE-2025-2901",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2025-03-28T06:08:36.048000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2355685"
}
],
"notes": [
{
"category": "description",
"text": "No description is available for this CVE.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "org.jboss.hal-hal-parent: Stored Cross-Site Scripting (XSS) in JBoss EAP Management Console",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This CVE has been marked as Rejected by the assigning CNA.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-mime4j-dom-0:0.8.12-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-mime4j-storage-0:0.8.12-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.8.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-neethi-0:3.2.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-neethi-0:3.2.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.17-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.17-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.17-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-velocity-0:2.3.0-4.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-velocity-0:2.3.0-4.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-velocity-engine-core-0:2.3.0-4.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-tool-0:2.2.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-2901"
},
{
"category": "external",
"summary": "RHBZ#2355685",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2355685"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-2901",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2901"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-2901",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-2901"
}
],
"release_date": "2025-03-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-07-07T13:27:47+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-mime4j-dom-0:0.8.12-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-mime4j-storage-0:0.8.12-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.8.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-neethi-0:3.2.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-neethi-0:3.2.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.17-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.17-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.17-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-velocity-0:2.3.0-4.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-velocity-0:2.3.0-4.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-velocity-engine-core-0:2.3.0-4.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-tool-0:2.2.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:10453"
},
{
"category": "workaround",
"details": "Currently, no mitigation is available for this vulnerability.",
"product_ids": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-mime4j-dom-0:0.8.12-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-mime4j-storage-0:0.8.12-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.8.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-neethi-0:3.2.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-neethi-0:3.2.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.17-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.17-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.17-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-velocity-0:2.3.0-4.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-velocity-0:2.3.0-4.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-velocity-engine-core-0:2.3.0-4.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-tool-0:2.2.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 0.0,
"baseSeverity": "NONE",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-mime4j-dom-0:0.8.12-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-mime4j-storage-0:0.8.12-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.8.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-neethi-0:3.2.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-neethi-0:3.2.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.17-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.17-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.17-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-velocity-0:2.3.0-4.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-velocity-0:2.3.0-4.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-velocity-engine-core-0:2.3.0-4.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-tool-0:2.2.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "org.jboss.hal-hal-parent: Stored Cross-Site Scripting (XSS) in JBoss EAP Management Console"
},
{
"cve": "CVE-2025-23184",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2025-01-21T10:00:44.959656+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2339095"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache CXF. In some edge cases with large data stream caching, the CachedOutputStream instances may not be closed and, if backed by temporary files, may fill up the file system and trigger a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "org.apache.cxf: Apache CXF: Denial of Service vulnerability with temporary files",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-mime4j-dom-0:0.8.12-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-mime4j-storage-0:0.8.12-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.8.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-neethi-0:3.2.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-neethi-0:3.2.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.17-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.17-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.17-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-velocity-0:2.3.0-4.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-velocity-0:2.3.0-4.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-velocity-engine-core-0:2.3.0-4.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-tool-0:2.2.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-23184"
},
{
"category": "external",
"summary": "RHBZ#2339095",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2339095"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-23184",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23184"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-23184",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-23184"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/lfs8l63rnctnj2skfrxyys7v8fgnt122",
"url": "https://lists.apache.org/thread/lfs8l63rnctnj2skfrxyys7v8fgnt122"
}
],
"release_date": "2025-01-21T09:35:37.468000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-07-07T13:27:47+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-mime4j-dom-0:0.8.12-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-mime4j-storage-0:0.8.12-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.8.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-neethi-0:3.2.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-neethi-0:3.2.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.17-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.17-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.17-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-velocity-0:2.3.0-4.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-velocity-0:2.3.0-4.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-velocity-engine-core-0:2.3.0-4.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-tool-0:2.2.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:10453"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-mime4j-dom-0:0.8.12-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-mime4j-storage-0:0.8.12-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.8.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-neethi-0:3.2.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-neethi-0:3.2.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.17-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.17-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.17-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-velocity-0:2.3.0-4.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-velocity-0:2.3.0-4.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-velocity-engine-core-0:2.3.0-4.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-tool-0:2.2.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "org.apache.cxf: Apache CXF: Denial of Service vulnerability with temporary files"
},
{
"cve": "CVE-2025-27611",
"cwe": {
"id": "CWE-1007",
"name": "Insufficient Visual Distinction of Homoglyphs Presented to User"
},
"discovery_date": "2025-04-30T20:00:45.852222+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2363176"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in base-x. This vulnerability allows attackers to generate addresses that appear legitimate, tricking users into sending money to them instead of the intended ones. The problem arises from the way base-x compresses leading zeros in addresses via manipulation of the base encoding mechanism.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "base-x: base-x homograph attack allows Unicode lookalike characters to bypass validation.",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability in base-x is Important because it affects the encoding and decoding of addresses in blockchain transactions. The flaw arises from mishandling of leading zero compression, enabling attackers to craft malicious encodings that deceive systems or users into misdirecting funds. As blockchain transactions are final and cannot be reversed, even a single instance of this exploit can result in permanent financial loss, making this a serious security concern beyond a Moderate issue.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-mime4j-dom-0:0.8.12-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-mime4j-storage-0:0.8.12-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.8.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-neethi-0:3.2.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-neethi-0:3.2.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.17-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.17-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.17-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-velocity-0:2.3.0-4.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-velocity-0:2.3.0-4.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-velocity-engine-core-0:2.3.0-4.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-tool-0:2.2.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-27611"
},
{
"category": "external",
"summary": "RHBZ#2363176",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2363176"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-27611",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27611"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-27611",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-27611"
},
{
"category": "external",
"summary": "https://github.com/cryptocoinjs/base-x/pull/86",
"url": "https://github.com/cryptocoinjs/base-x/pull/86"
},
{
"category": "external",
"summary": "https://github.com/cryptocoinjs/base-x/security/advisories/GHSA-xq7p-g2vc-g82p",
"url": "https://github.com/cryptocoinjs/base-x/security/advisories/GHSA-xq7p-g2vc-g82p"
}
],
"release_date": "2025-04-30T19:36:57.356000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-07-07T13:27:47+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-mime4j-dom-0:0.8.12-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-mime4j-storage-0:0.8.12-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.8.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-neethi-0:3.2.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-neethi-0:3.2.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.17-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.17-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.17-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-velocity-0:2.3.0-4.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-velocity-0:2.3.0-4.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-velocity-engine-core-0:2.3.0-4.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-tool-0:2.2.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:10453"
},
{
"category": "workaround",
"details": "No mitigation is currently available that meets Red Hat Product Security\u2019s standards for usability, deployment, applicability, or stability.",
"product_ids": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-mime4j-dom-0:0.8.12-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-mime4j-storage-0:0.8.12-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.8.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-neethi-0:3.2.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-neethi-0:3.2.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.17-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.17-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.17-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-velocity-0:2.3.0-4.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-velocity-0:2.3.0-4.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-velocity-engine-core-0:2.3.0-4.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-tool-0:2.2.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-mime4j-dom-0:0.8.12-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-mime4j-storage-0:0.8.12-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.8.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-neethi-0:3.2.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-neethi-0:3.2.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.17-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.17-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.17-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-velocity-0:2.3.0-4.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-velocity-0:2.3.0-4.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-velocity-engine-core-0:2.3.0-4.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-tool-0:2.2.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "base-x: base-x homograph attack allows Unicode lookalike characters to bypass validation."
},
{
"cve": "CVE-2025-48734",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"discovery_date": "2025-05-28T14:00:56.619771+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2368956"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache Commons BeanUtils. This vulnerability allows remote attackers to execute arbitrary code via uncontrolled access to the declaredClass property on Java enum objects, which can expose the class loader when property paths are passed from external sources to methods like getProperty() or getNestedProperty().",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "commons-beanutils: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum\u0027s declaredClass property by default",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated as important severity because a flaw exists in Apache Commons BeanUtils, where PropertyUtilsBean and BeanUtilsBean allow uncontrolled access to the declaredClass property of Java enum objects. Applications that pass untrusted property paths directly to getProperty() or getNestedProperty() methods are at risk, as attackers can exploit this behavior to retrieve the ClassLoader instance and execute arbitrary code in the context of the affected application. This issue leads to compromise of confidentiality, integrity, and availability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-mime4j-dom-0:0.8.12-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-mime4j-storage-0:0.8.12-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.8.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-neethi-0:3.2.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-neethi-0:3.2.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.17-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.17-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.17-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-velocity-0:2.3.0-4.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-velocity-0:2.3.0-4.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-velocity-engine-core-0:2.3.0-4.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-tool-0:2.2.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-48734"
},
{
"category": "external",
"summary": "RHBZ#2368956",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2368956"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-48734",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48734"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-48734",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-48734"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-wxr5-93ph-8wr9",
"url": "https://github.com/advisories/GHSA-wxr5-93ph-8wr9"
},
{
"category": "external",
"summary": "https://github.com/apache/commons-beanutils/commit/28ad955a1613ed5885870cc7da52093c1ce739dc",
"url": "https://github.com/apache/commons-beanutils/commit/28ad955a1613ed5885870cc7da52093c1ce739dc"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/s0hb3jkfj5f3ryx6c57zqtfohb0of1g9",
"url": "https://lists.apache.org/thread/s0hb3jkfj5f3ryx6c57zqtfohb0of1g9"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2025/05/28/6",
"url": "https://www.openwall.com/lists/oss-security/2025/05/28/6"
}
],
"release_date": "2025-05-28T13:32:08.300000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-07-07T13:27:47+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-mime4j-dom-0:0.8.12-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-mime4j-storage-0:0.8.12-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.8.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-neethi-0:3.2.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-neethi-0:3.2.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.17-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.17-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.17-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-velocity-0:2.3.0-4.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-velocity-0:2.3.0-4.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-velocity-engine-core-0:2.3.0-4.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-tool-0:2.2.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:10453"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-3.redhat_00017.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-3.redhat_00017.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.11.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.6-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.6-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.12-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-mime4j-dom-0:0.8.12-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-mime4j-storage-0:0.8.12-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.8.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.8.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-elytron-web-0:4.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hal-console-0:3.6.24-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.36-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.36-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-4.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-remoting-0:5.0.31-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.3.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.6-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-neethi-0:3.2.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-neethi-0:3.2.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-reactivex-rxjava2-0:2.2.21-3.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.17-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.17-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.17-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-velocity-0:2.3.0-4.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-velocity-0:2.3.0-4.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-velocity-engine-core-0:2.3.0-4.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.8-4.GA_redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.11-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-tool-0:2.2.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.8-4.GA_redhat_00006.1.el9eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "commons-beanutils: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum\u0027s declaredClass property by default"
}
]
}
FKIE_CVE-2025-27611
Vulnerability from fkie_nvd - Published: 2025-04-30 20:15 - Updated: 2025-05-02 13:53
Severity ?
Summary
base-x is a base encoder and decoder of any given alphabet using bitcoin style leading zero compression. Versions 4.0.0, 5.0.0, and all prior to 3.0.11, are vulnerable to attackers potentially deceiving users into sending funds to an unintended address. This issue has been patched in versions 3.0.11, 4.0.1, and 5.0.1.
References
Impacted products
| Vendor | Product | Version |
|---|
{
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "base-x is a base encoder and decoder of any given alphabet using bitcoin style leading zero compression. Versions 4.0.0, 5.0.0, and all prior to 3.0.11, are vulnerable to attackers potentially deceiving users into sending funds to an unintended address. This issue has been patched in versions 3.0.11, 4.0.1, and 5.0.1."
},
{
"lang": "es",
"value": "base-x es un codificador y decodificador base de cualquier alfabeto que utiliza compresi\u00f3n de ceros a la izquierda, al estilo de Bitcoin. Las versiones 4.0.0, 5.0.0 y todas las anteriores a la 3.0.11 son vulnerables a que los atacantes enga\u00f1en a los usuarios para que env\u00eden fondos a una direcci\u00f3n no deseada. Este problema se ha corregido en las versiones 3.0.11, 4.0.1 y 5.0.1."
}
],
"id": "CVE-2025-27611",
"lastModified": "2025-05-02T13:53:40.163",
"metrics": {
"cvssMetricV40": [
{
"cvssData": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"exploitMaturity": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"source": "security-advisories@github.com",
"type": "Secondary"
}
]
},
"published": "2025-04-30T20:15:21.430",
"references": [
{
"source": "security-advisories@github.com",
"url": "https://github.com/cryptocoinjs/base-x/pull/86"
},
{
"source": "security-advisories@github.com",
"url": "https://github.com/cryptocoinjs/base-x/security/advisories/GHSA-xq7p-g2vc-g82p"
}
],
"sourceIdentifier": "security-advisories@github.com",
"vulnStatus": "Awaiting Analysis",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-1007"
}
],
"source": "security-advisories@github.com",
"type": "Secondary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…