Vulnerability-Lookup

CVE-2022-21363 (GCVE-0-2022-21363)

Vulnerability from cvelistv5 – Published: 2022-01-19 11:25 – Updated: 2024-09-24 20:18

Summary

Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Supported versions that are affected are 8.0.27 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks of this vulnerability can result in takeover of MySQL Connectors. CVSS 3.1 Base Score 6.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H).

Severity ?

6.6 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

CWE

Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks of this vulnerability can result in takeover of MySQL Connectors.

Assigner

oracle

References

1 reference

URL	Tags
https://www.oracle.com/security-alerts/cpujan2022.html	x_refsource_MISC

Impacted products

1 product

Vendor	Product	Version
Oracle Corporation	MySQL Connectors	Affected: 8.0.27 and prior

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T02:38:55.579Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.oracle.com/security-alerts/cpujan2022.html"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2022-21363",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-24T17:38:01.377149Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-24T20:18:47.834Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "MySQL Connectors",
          "vendor": "Oracle Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "8.0.27 and prior"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Supported versions that are affected are 8.0.27 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks of this vulnerability can result in takeover of MySQL Connectors. CVSS 3.1 Base Score 6.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H)."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.6,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Connectors.  Successful attacks of this vulnerability can result in takeover of MySQL Connectors.",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-01-19T11:25:43.000Z",
        "orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
        "shortName": "oracle"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.oracle.com/security-alerts/cpujan2022.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert_us@oracle.com",
          "ID": "CVE-2022-21363",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "MySQL Connectors",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "=",
                            "version_value": "8.0.27 and prior"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Oracle Corporation"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Supported versions that are affected are 8.0.27 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks of this vulnerability can result in takeover of MySQL Connectors. CVSS 3.1 Base Score 6.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H)."
            }
          ]
        },
        "impact": {
          "cvss": {
            "baseScore": "6.6",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Connectors.  Successful attacks of this vulnerability can result in takeover of MySQL Connectors."
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.oracle.com/security-alerts/cpujan2022.html",
              "refsource": "MISC",
              "url": "https://www.oracle.com/security-alerts/cpujan2022.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
    "assignerShortName": "oracle",
    "cveId": "CVE-2022-21363",
    "datePublished": "2022-01-19T11:25:44.000Z",
    "dateReserved": "2021-11-15T00:00:00.000Z",
    "dateUpdated": "2024-09-24T20:18:47.834Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2022-21363",
      "date": "2026-05-19",
      "epss": "0.00754",
      "percentile": "0.73428"
    },
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:mysql_connectors:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"8.0.0\", \"versionEndIncluding\": \"8.0.27\", \"matchCriteriaId\": \"6C45263D-F272-43ED-9D16-0AD7D43AAA9C\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:quarkus:quarkus:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"2.7.0\", \"matchCriteriaId\": \"00DB1A4B-0ED9-4988-ADCA-FBFA552DDA49\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Supported versions that are affected are 8.0.27 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks of this vulnerability can result in takeover of MySQL Connectors. CVSS 3.1 Base Score 6.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H).\"}, {\"lang\": \"es\", \"value\": \"Una vulnerabilidad en el producto MySQL Connectors de Oracle MySQL (componente: Connector/J). Las versiones compatibles que est\\u00e1n afectadas son 8.0.27 y anteriores. Una vulnerabilidad dif\\u00edcil de explotar permite a un atacante muy privilegiado con acceso a la red por medio de m\\u00faltiples protocolos comprometer los Conectores de MySQL. Los ataques con \\u00e9xito de esta vulnerabilidad pueden resultar en la toma de control de los Conectores MySQL. CVSS 3.1, Puntuaci\\u00f3n base 6.6 (impactos de confidencialidad, integridad y disponibilidad). Vector CVSS: (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H)\"}]",
      "id": "CVE-2022-21363",
      "lastModified": "2024-11-21T06:44:31.217",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"secalert_us@oracle.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 6.6, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"HIGH\", \"privilegesRequired\": \"HIGH\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 0.7, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:S/C:P/I:P/A:P\", \"baseScore\": 6.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"SINGLE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 6.8, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2022-01-19T12:15:15.680",
      "references": "[{\"url\": \"https://www.oracle.com/security-alerts/cpujan2022.html\", \"source\": \"secalert_us@oracle.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://www.oracle.com/security-alerts/cpujan2022.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
      "sourceIdentifier": "secalert_us@oracle.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-noinfo\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2022-21363\",\"sourceIdentifier\":\"secalert_us@oracle.com\",\"published\":\"2022-01-19T12:15:15.680\",\"lastModified\":\"2024-11-21T06:44:31.217\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Supported versions that are affected are 8.0.27 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks of this vulnerability can result in takeover of MySQL Connectors. CVSS 3.1 Base Score 6.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H).\"},{\"lang\":\"es\",\"value\":\"Una vulnerabilidad en el producto MySQL Connectors de Oracle MySQL (componente: Connector/J). Las versiones compatibles que est\u00e1n afectadas son 8.0.27 y anteriores. Una vulnerabilidad dif\u00edcil de explotar permite a un atacante muy privilegiado con acceso a la red por medio de m\u00faltiples protocolos comprometer los Conectores de MySQL. Los ataques con \u00e9xito de esta vulnerabilidad pueden resultar en la toma de control de los Conectores MySQL. CVSS 3.1, Puntuaci\u00f3n base 6.6 (impactos de confidencialidad, integridad y disponibilidad). Vector CVSS: (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H)\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"secalert_us@oracle.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":6.6,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":0.7,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:S/C:P/I:P/A:P\",\"baseScore\":6.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"SINGLE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":6.8,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:mysql_connectors:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"8.0.0\",\"versionEndIncluding\":\"8.0.27\",\"matchCriteriaId\":\"6C45263D-F272-43ED-9D16-0AD7D43AAA9C\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:quarkus:quarkus:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.7.0\",\"matchCriteriaId\":\"00DB1A4B-0ED9-4988-ADCA-FBFA552DDA49\"}]}]}],\"references\":[{\"url\":\"https://www.oracle.com/security-alerts/cpujan2022.html\",\"source\":\"secalert_us@oracle.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpujan2022.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://www.oracle.com/security-alerts/cpujan2022.html\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-03T02:38:55.579Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2022-21363\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-09-24T17:38:01.377149Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-09-24T17:39:41.885Z\"}}], \"cna\": {\"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 6.6, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"HIGH\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"HIGH\", \"confidentialityImpact\": \"HIGH\"}}], \"affected\": [{\"vendor\": \"Oracle Corporation\", \"product\": \"MySQL Connectors\", \"versions\": [{\"status\": \"affected\", \"version\": \"8.0.27 and prior\"}]}], \"references\": [{\"url\": \"https://www.oracle.com/security-alerts/cpujan2022.html\", \"tags\": [\"x_refsource_MISC\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Supported versions that are affected are 8.0.27 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks of this vulnerability can result in takeover of MySQL Connectors. CVSS 3.1 Base Score 6.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H).\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"text\", \"description\": \"Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Connectors.  Successful attacks of this vulnerability can result in takeover of MySQL Connectors.\"}]}], \"providerMetadata\": {\"orgId\": \"43595867-4340-4103-b7a2-9a5208d29a85\", \"shortName\": \"oracle\", \"dateUpdated\": \"2022-01-19T11:25:43.000Z\"}, \"x_legacyV4Record\": {\"impact\": {\"cvss\": {\"version\": \"3.1\", \"baseScore\": \"6.6\", \"vectorString\": \"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H\"}}, \"affects\": {\"vendor\": {\"vendor_data\": [{\"product\": {\"product_data\": [{\"version\": {\"version_data\": [{\"version_value\": \"8.0.27 and prior\", \"version_affected\": \"=\"}]}, \"product_name\": \"MySQL Connectors\"}]}, \"vendor_name\": \"Oracle Corporation\"}]}}, \"data_type\": \"CVE\", \"references\": {\"reference_data\": [{\"url\": \"https://www.oracle.com/security-alerts/cpujan2022.html\", \"name\": \"https://www.oracle.com/security-alerts/cpujan2022.html\", \"refsource\": \"MISC\"}]}, \"data_format\": \"MITRE\", \"description\": {\"description_data\": [{\"lang\": \"eng\", \"value\": \"Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Supported versions that are affected are 8.0.27 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks of this vulnerability can result in takeover of MySQL Connectors. CVSS 3.1 Base Score 6.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H).\"}]}, \"problemtype\": {\"problemtype_data\": [{\"description\": [{\"lang\": \"eng\", \"value\": \"Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Connectors.  Successful attacks of this vulnerability can result in takeover of MySQL Connectors.\"}]}]}, \"data_version\": \"4.0\", \"CVE_data_meta\": {\"ID\": \"CVE-2022-21363\", \"STATE\": \"PUBLIC\", \"ASSIGNER\": \"secalert_us@oracle.com\"}}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2022-21363\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-09-24T20:18:47.834Z\", \"dateReserved\": \"2021-11-15T00:00:00.000Z\", \"assignerOrgId\": \"43595867-4340-4103-b7a2-9a5208d29a85\", \"datePublished\": \"2022-01-19T11:25:44.000Z\", \"assignerShortName\": \"oracle\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

CERTFR-2022-AVI-052

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été découvertes dans Oracle MySQL. Certaines d'entre elles permettent à un attaquant de provoquer un déni de service à distance, une exécution de code arbitraire et une atteinte à l'intégrité des données.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Oracle	MySQL	MySQL Cluster versions 7.6.20 et antérieures
Oracle	MySQL	MySQL Cluster versions 7.4.34 et antérieures
Oracle	MySQL	MySQL Connectors versions 8.0.x antérieures à 8.0.28
Oracle	MySQL	MySQL Workbench versions 8.0.x antérieures à 8.0.28
Oracle	MySQL	MySQL Cluster versions 7.5.24 et antérieures
Oracle	MySQL	MySQL Server versions 5.7.x antérieures à 5.7.37
Oracle	MySQL	MySQL Cluster versions 8.0.x antérieures à 8.0.28
Oracle	MySQL	MySQL Server versions 8.0.x antérieures à 8.0.28

References

Title

Publication Time

CERTFR-2022-AVI-052

Vulnerability from certfr_avis - Published: - Updated:

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Oracle	MySQL	MySQL Cluster versions 7.6.20 et antérieures
Oracle	MySQL	MySQL Cluster versions 7.4.34 et antérieures
Oracle	MySQL	MySQL Connectors versions 8.0.x antérieures à 8.0.28
Oracle	MySQL	MySQL Workbench versions 8.0.x antérieures à 8.0.28
Oracle	MySQL	MySQL Cluster versions 7.5.24 et antérieures
Oracle	MySQL	MySQL Server versions 5.7.x antérieures à 5.7.37
Oracle	MySQL	MySQL Cluster versions 8.0.x antérieures à 8.0.28
Oracle	MySQL	MySQL Server versions 8.0.x antérieures à 8.0.28

References

Title

Publication Time

BDU:2022-02025

Vulnerability from fstec - Published: 15.11.2021

Title

Уязвимость компонента Connector/J драйвера MySQL Connectors системы управления базами данных MySQL, позволяющая нарушителю выполнить произвольный код

Description

Уязвимость компонента Connector/J драйвера MySQL Connectors системы управления базами данных MySQL связана с недостаточной проверкой вводимых данных. Эксплуатация уязвимости может позволить нарушителю, действующему удаленно, выполнить произвольный код

Severity ?


                    
                      AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

Vendor

Red Hat Inc., Oracle Corp.

Software Name

Red Hat JBoss Fuse, JBoss Enterprise Application Platform, Red Hat Descision Manager, Red Hat Process Automation, Red Hat build of Quarkus, MySQL Connectors, Red Hat OpenShift Container Platform, Red Hat Integration Change Data Capture, Red Hat Satellite

Software Version

7 (Red Hat JBoss Fuse), 7 (JBoss Enterprise Application Platform), 7 (Red Hat Descision Manager), 7 (Red Hat Process Automation), - (Red Hat build of Quarkus), до 8.0.27 включительно (MySQL Connectors), 4 (Red Hat OpenShift Container Platform), - (Red Hat Integration Change Data Capture), 6 (Red Hat Satellite)

Possible Mitigations

Использование рекомендаций: Для программных продуктов Oracle Corp.: https://www.oracle.com/security-alerts/cpujan2022.html Для программных продуктов Red Hat Inc.: https://access.redhat.com/security/cve/cve-2022-21363

Reference

https://www.cybersecurity-help.cz/vdb/SB2022011904 https://vuldb.com/ru/?id.191052 https://safe-surf.ru/specialists/base-vulnerabilities/675289/ https://access.redhat.com/security/cve/cve-2022-21363 https://www.oracle.com/security-alerts/cpujan2022.html

CWE

CWE-20

JSON

To clipboard

{
  "CVSS 2.0": "AV:N/AC:H/Au:S/C:C/I:C/A:C",
  "CVSS 3.0": "AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
  "CVSS 4.0": null,
  "remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
  "remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
  "\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "Red Hat Inc., Oracle Corp.",
  "\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "7 (Red Hat JBoss Fuse), 7 (JBoss Enterprise Application Platform), 7 (Red Hat Descision Manager), 7 (Red Hat Process Automation), - (Red Hat build of Quarkus), \u0434\u043e 8.0.27 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (MySQL Connectors), 4 (Red Hat OpenShift Container Platform), - (Red Hat Integration Change Data Capture), 6 (Red Hat Satellite)",
  "\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\n\u0414\u043b\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 Oracle Corp.:\nhttps://www.oracle.com/security-alerts/cpujan2022.html\n\n\u0414\u043b\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 Red Hat Inc.:\nhttps://access.redhat.com/security/cve/cve-2022-21363",
  "\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "15.11.2021",
  "\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "08.04.2022",
  "\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "08.04.2022",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2022-02025",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2022-21363",
  "\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
  "\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
  "\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Red Hat JBoss Fuse, JBoss Enterprise Application Platform, Red Hat Descision Manager, Red Hat Process Automation, Red Hat build of Quarkus, MySQL Connectors, Red Hat OpenShift Container Platform, Red Hat Integration Change Data Capture, Red Hat Satellite",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": null,
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0430 Connector/J \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u0430 MySQL Connectors \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u0430\u0437\u0430\u043c\u0438 \u0434\u0430\u043d\u043d\u044b\u0445 MySQL, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434",
  "\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0421\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u0435\u0442",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u041d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u0430\u044f \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0430 \u0432\u0432\u043e\u0434\u0438\u043c\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 (CWE-20)",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0430 Connector/J \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u0430 MySQL Connectors \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u0430\u0437\u0430\u043c\u0438 \u0434\u0430\u043d\u043d\u044b\u0445 MySQL \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e\u0439 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u043e\u0439 \u0432\u0432\u043e\u0434\u0438\u043c\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e, \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434",
  "\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
  "\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
  "\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430",
  "\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u0441\u0443\u0440\u0441\u0430\u043c\u0438",
  "\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://www.cybersecurity-help.cz/vdb/SB2022011904\nhttps://vuldb.com/ru/?id.191052\nhttps://safe-surf.ru/specialists/base-vulnerabilities/675289/\nhttps://access.redhat.com/security/cve/cve-2022-21363\nhttps://www.oracle.com/security-alerts/cpujan2022.html",
  "\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
  "\u0422\u0438\u043f \u041f\u041e": "\u041f\u0440\u0438\u043a\u043b\u0430\u0434\u043d\u043e\u0435 \u041f\u041e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c",
  "\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-20",
  "\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 7,1)\n\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 6,6)"
}

CNVD-2022-15473

Vulnerability from cnvd - Published: 2022-03-01

Title

Oracle MySQL Connectors输入验证错误漏洞（CNVD-2022-15473）

Description

Oracle MySQL是美国甲骨文（Oracle）公司的一套开源的关系数据库管理系统。MySQL Connectors是其中的一个连接使用MySQL的应用程序的驱动程序。 Oracle MySQL Connectors (组件: Connector/J) 8.0.27及之前版本存在输入验证错误漏洞。攻击者可利用该漏洞通过多种协议进行网络访问，从而破坏Oracle MySQL Connectors，导致Oracle MySQL Connectors被接管。

Severity

中

Patch Name

Oracle MySQL Connectors输入验证错误漏洞（CNVD-2022-15473）的补丁

Patch Description

Formal description

目前厂商已发布升级补丁以修复漏洞，补丁获取链接： https://www.oracle.com/security-alerts/cpujan2022.html

Reference

http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21363

Impacted products

Name
Oracle MySQL Connectors <= 8.0.27

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2022-21363",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2022-21363"
    }
  },
  "description": "Oracle MySQL\u662f\u7f8e\u56fd\u7532\u9aa8\u6587\uff08Oracle\uff09\u516c\u53f8\u7684\u4e00\u5957\u5f00\u6e90\u7684\u5173\u7cfb\u6570\u636e\u5e93\u7ba1\u7406\u7cfb\u7edf\u3002MySQL Connectors\u662f\u5176\u4e2d\u7684\u4e00\u4e2a\u8fde\u63a5\u4f7f\u7528MySQL\u7684\u5e94\u7528\u7a0b\u5e8f\u7684\u9a71\u52a8\u7a0b\u5e8f\u3002\n\nOracle MySQL Connectors (\u7ec4\u4ef6: Connector/J) 8.0.27\u53ca\u4e4b\u524d\u7248\u672c\u5b58\u5728\u8f93\u5165\u9a8c\u8bc1\u9519\u8bef\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u901a\u8fc7\u591a\u79cd\u534f\u8bae\u8fdb\u884c\u7f51\u7edc\u8bbf\u95ee\uff0c\u4ece\u800c\u7834\u574fOracle MySQL Connectors\uff0c\u5bfc\u81f4Oracle MySQL Connectors\u88ab\u63a5\u7ba1\u3002",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\nhttps://www.oracle.com/security-alerts/cpujan2022.html",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2022-15473",
  "openTime": "2022-03-01",
  "patchDescription": "Oracle MySQL\u662f\u7f8e\u56fd\u7532\u9aa8\u6587\uff08Oracle\uff09\u516c\u53f8\u7684\u4e00\u5957\u5f00\u6e90\u7684\u5173\u7cfb\u6570\u636e\u5e93\u7ba1\u7406\u7cfb\u7edf\u3002MySQL Connectors\u662f\u5176\u4e2d\u7684\u4e00\u4e2a\u8fde\u63a5\u4f7f\u7528MySQL\u7684\u5e94\u7528\u7a0b\u5e8f\u7684\u9a71\u52a8\u7a0b\u5e8f\u3002\r\n\r\nOracle MySQL Connectors (\u7ec4\u4ef6: Connector/J) 8.0.27\u53ca\u4e4b\u524d\u7248\u672c\u5b58\u5728\u8f93\u5165\u9a8c\u8bc1\u9519\u8bef\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u901a\u8fc7\u591a\u79cd\u534f\u8bae\u8fdb\u884c\u7f51\u7edc\u8bbf\u95ee\uff0c\u4ece\u800c\u7834\u574fOracle MySQL Connectors\uff0c\u5bfc\u81f4Oracle MySQL Connectors\u88ab\u63a5\u7ba1\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Oracle MySQL Connectors\u8f93\u5165\u9a8c\u8bc1\u9519\u8bef\u6f0f\u6d1e\uff08CNVD-2022-15473\uff09\u7684\u8865\u4e01",
  "products": {
    "product": "Oracle MySQL Connectors \u003c= 8.0.27"
  },
  "referenceLink": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21363",
  "serverity": "\u4e2d",
  "submitTime": "2022-01-26",
  "title": "Oracle MySQL Connectors\u8f93\u5165\u9a8c\u8bc1\u9519\u8bef\u6f0f\u6d1e\uff08CNVD-2022-15473\uff09"
}

FKIE_CVE-2022-21363

Vulnerability from fkie_nvd - Published: 2022-01-19 12:15 - Updated: 2024-11-21 06:44

Severity ?

6.6 (Medium) - CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

Summary

References

	URL	Tags
	secalert_us@oracle.com	https://www.oracle.com/security-alerts/cpujan2022.html	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://www.oracle.com/security-alerts/cpujan2022.html	Vendor Advisory

Impacted products

	Vendor	Product	Version
	oracle	mysql_connectors	*
	quarkus	quarkus	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:oracle:mysql_connectors:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6C45263D-F272-43ED-9D16-0AD7D43AAA9C",
              "versionEndIncluding": "8.0.27",
              "versionStartIncluding": "8.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:quarkus:quarkus:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "00DB1A4B-0ED9-4988-ADCA-FBFA552DDA49",
              "versionEndExcluding": "2.7.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Supported versions that are affected are 8.0.27 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks of this vulnerability can result in takeover of MySQL Connectors. CVSS 3.1 Base Score 6.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H)."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en el producto MySQL Connectors de Oracle MySQL (componente: Connector/J). Las versiones compatibles que est\u00e1n afectadas son 8.0.27 y anteriores. Una vulnerabilidad dif\u00edcil de explotar permite a un atacante muy privilegiado con acceso a la red por medio de m\u00faltiples protocolos comprometer los Conectores de MySQL. Los ataques con \u00e9xito de esta vulnerabilidad pueden resultar en la toma de control de los Conectores MySQL. CVSS 3.1, Puntuaci\u00f3n base 6.6 (impactos de confidencialidad, integridad y disponibilidad). Vector CVSS: (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H)"
    }
  ],
  "id": "CVE-2022-21363",
  "lastModified": "2024-11-21T06:44:31.217",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.0,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 6.8,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 6.6,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 0.7,
        "impactScore": 5.9,
        "source": "secalert_us@oracle.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2022-01-19T12:15:15.680",
  "references": [
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.oracle.com/security-alerts/cpujan2022.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.oracle.com/security-alerts/cpujan2022.html"
    }
  ],
  "sourceIdentifier": "secalert_us@oracle.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GHSA-G76J-4CXX-23H9

Vulnerability from github – Published: 2022-01-20 00:00 – Updated: 2022-06-20 22:48

Summary

Improper Handling of Insufficient Permissions or Privileges in MySQL Connectors Java

Details

Severity ?

6.6 (Medium)


                  
                    CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 8.0.27"
      },
      "package": {
        "ecosystem": "Maven",
        "name": "mysql:mysql-connector-java"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "8.0.28"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2022-21363"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-280"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2022-06-20T22:48:44Z",
    "nvd_published_at": "2022-01-19T12:15:00Z",
    "severity": "MODERATE"
  },
  "details": "Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Supported versions that are affected are 8.0.27 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks of this vulnerability can result in takeover of MySQL Connectors. CVSS 3.1 Base Score 6.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H).",
  "id": "GHSA-g76j-4cxx-23h9",
  "modified": "2022-06-20T22:48:44Z",
  "published": "2022-01-20T00:00:48Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-21363"
    },
    {
      "type": "WEB",
      "url": "https://www.oracle.com/security-alerts/cpujan2022.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Improper Handling of Insufficient Permissions or Privileges in MySQL Connectors Java"
}

GSD-2022-21363

Vulnerability from gsd - Updated: 2023-12-13 01:19

Details

Aliases

CVE-2022-21363

Aliases

CVE-2022-21363

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2022-21363",
    "description": "Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Supported versions that are affected are 8.0.27 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks of this vulnerability can result in takeover of MySQL Connectors. CVSS 3.1 Base Score 6.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H).",
    "id": "GSD-2022-21363",
    "references": [
      "https://www.suse.com/security/cve/CVE-2022-21363.html",
      "https://access.redhat.com/errata/RHSA-2022:4623",
      "https://access.redhat.com/errata/RHSA-2022:4918",
      "https://access.redhat.com/errata/RHSA-2022:4919",
      "https://access.redhat.com/errata/RHSA-2022:4922",
      "https://access.redhat.com/errata/RHSA-2022:5532",
      "https://access.redhat.com/errata/RHSA-2022:6813"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2022-21363"
      ],
      "details": "Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Supported versions that are affected are 8.0.27 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks of this vulnerability can result in takeover of MySQL Connectors. CVSS 3.1 Base Score 6.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H).",
      "id": "GSD-2022-21363",
      "modified": "2023-12-13T01:19:14.418067Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "secalert_us@oracle.com",
        "ID": "CVE-2022-21363",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "MySQL Connectors",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "8.0.27 and prior"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Oracle Corporation"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Supported versions that are affected are 8.0.27 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks of this vulnerability can result in takeover of MySQL Connectors. CVSS 3.1 Base Score 6.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H)."
          }
        ]
      },
      "impact": {
        "cvss": {
          "baseScore": "6.6",
          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        }
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Connectors.  Successful attacks of this vulnerability can result in takeover of MySQL Connectors."
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://www.oracle.com/security-alerts/cpujan2022.html",
            "refsource": "MISC",
            "url": "https://www.oracle.com/security-alerts/cpujan2022.html"
          }
        ]
      }
    },
    "gitlab.com": {
      "advisories": [
        {
          "affected_range": "[8.0.0,8.0.27]",
          "affected_versions": "All versions starting from 8.0.0 up to 8.0.27",
          "cvss_v2": "AV:N/AC:M/Au:S/C:P/I:P/A:P",
          "cvss_v3": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
          "cwe_ids": [
            "CWE-1035",
            "CWE-937"
          ],
          "date": "2022-05-27",
          "description": "Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Supported versions that are affected are 8.0.27 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks of this vulnerability can result in takeover of MySQL Connectors.",
          "fixed_versions": [],
          "identifier": "CVE-2022-21363",
          "identifiers": [
            "CVE-2022-21363"
          ],
          "not_impacted": "",
          "package_slug": "maven/mysql-connector-java",
          "pubdate": "2022-01-19",
          "solution": "Unfortunately, there is no solution available yet.",
          "title": "Unknown Vulnerability",
          "urls": [
            "https://nvd.nist.gov/vuln/detail/CVE-2022-21363",
            "https://www.oracle.com/security-alerts/cpujan2022.html"
          ],
          "uuid": "ac0bbe7d-9b53-4235-8ea2-0c9c69efa7eb"
        },
        {
          "affected_range": "(,8.0.27]",
          "affected_versions": "All versions up to 8.0.27",
          "cvss_v2": "AV:N/AC:M/Au:S/C:P/I:P/A:P",
          "cvss_v3": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
          "cwe_ids": [
            "CWE-1035",
            "CWE-937"
          ],
          "date": "2022-06-20",
          "description": "Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Supported versions that are affected are 8.0.27 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks of this vulnerability can result in takeover of MySQL Connectors. CVSS 3.1 Base Score 6.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (.",
          "fixed_versions": [
            "8.0.28"
          ],
          "identifier": "CVE-2022-21363",
          "identifiers": [
            "GHSA-g76j-4cxx-23h9",
            "CVE-2022-21363"
          ],
          "not_impacted": "All versions after 8.0.27",
          "package_slug": "maven/mysql/mysql-connector-java",
          "pubdate": "2022-01-20",
          "solution": "Upgrade to version 8.0.28 or above.",
          "title": "Improper Handling of Insufficient Permissions or Privileges in MySQL Connectors Java",
          "urls": [
            "https://nvd.nist.gov/vuln/detail/CVE-2022-21363",
            "https://www.oracle.com/security-alerts/cpujan2022.html",
            "https://github.com/advisories/GHSA-g76j-4cxx-23h9"
          ],
          "uuid": "51580cec-5a61-4644-96fa-4a90a99e331c"
        }
      ]
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql_connectors:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "8.0.27",
                "versionStartIncluding": "8.0.0",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:quarkus:quarkus:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "2.7.0",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert_us@oracle.com",
          "ID": "CVE-2022-21363"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Supported versions that are affected are 8.0.27 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks of this vulnerability can result in takeover of MySQL Connectors. CVSS 3.1 Base Score 6.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H)."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "NVD-CWE-noinfo"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.oracle.com/security-alerts/cpujan2022.html",
              "refsource": "MISC",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://www.oracle.com/security-alerts/cpujan2022.html"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.0,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 6.8,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.6,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "exploitabilityScore": 0.7,
          "impactScore": 5.9
        }
      },
      "lastModifiedDate": "2022-05-27T14:50Z",
      "publishedDate": "2022-01-19T12:15Z"
    }
  }
}

MSRC_CVE-2022-21363

Vulnerability from csaf_microsoft - Published: 2022-01-02 00:00 - Updated: 2022-01-25 00:00

Summary

Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Supported versions that are affected are 8.0.27 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks of this vulnerability can result in takeover of MySQL Connectors. CVSS 3.1 Base Score 6.6 (Confidentiality Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H).

Notes

Additional Resources: To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle

Disclaimer: The information provided in the Microsoft Knowledge Base is provided \"as is\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.

CVE-2022-21363

6.6 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

Affected products

Fixed 2 products

Product	Identifier	Version	Remediation
Unresolved product id: 18805-16820		—
Unresolved product id: 18806-17086		—

Known affected 2 products

Product	Identifier	Version	Remediation
Unresolved product id: 16820-2		—	Vendor Fix fix
Unresolved product id: 17086-1		—	Vendor Fix fix

References

4 references

URL	Category
https://msrc.microsoft.com/csaf/vex/2022/msrc_cve…	self
https://support.microsoft.com/lifecycle	external
https://www.first.org/cvss	external
https://msrc.microsoft.com/csaf/vex/2022/msrc_cve…	self

JSON

To clipboard

{
  "document": {
    "category": "csaf_vex",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Public",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en-US",
    "notes": [
      {
        "category": "general",
        "text": "To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle",
        "title": "Additional Resources"
      },
      {
        "category": "legal_disclaimer",
        "text": "The information provided in the Microsoft Knowledge Base is provided \\\"as is\\\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.",
        "title": "Disclaimer"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "secure@microsoft.com",
      "name": "Microsoft Security Response Center",
      "namespace": "https://msrc.microsoft.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "CVE-2022-21363 Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Supported versions that are affected are 8.0.27 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks of this vulnerability can result in takeover of MySQL Connectors. CVSS 3.1 Base Score 6.6 (Confidentiality Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H). - VEX",
        "url": "https://msrc.microsoft.com/csaf/vex/2022/msrc_cve-2022-21363.json"
      },
      {
        "category": "external",
        "summary": "Microsoft Support Lifecycle",
        "url": "https://support.microsoft.com/lifecycle"
      },
      {
        "category": "external",
        "summary": "Common Vulnerability Scoring System",
        "url": "https://www.first.org/cvss"
      }
    ],
    "title": "Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Supported versions that are affected are 8.0.27 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks of this vulnerability can result in takeover of MySQL Connectors. CVSS 3.1 Base Score 6.6 (Confidentiality Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H).",
    "tracking": {
      "current_release_date": "2022-01-25T00:00:00.000Z",
      "generator": {
        "date": "2025-10-19T23:13:23.019Z",
        "engine": {
          "name": "MSRC Generator",
          "version": "1.0"
        }
      },
      "id": "msrc_CVE-2022-21363",
      "initial_release_date": "2022-01-02T00:00:00.000Z",
      "revision_history": [
        {
          "date": "2022-01-25T00:00:00.000Z",
          "legacy_version": "1",
          "number": "1",
          "summary": "Information published."
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "1.0",
                "product": {
                  "name": "CBL Mariner 1.0",
                  "product_id": "16820"
                }
              },
              {
                "category": "product_version",
                "name": "2.0",
                "product": {
                  "name": "CBL Mariner 2.0",
                  "product_id": "17086"
                }
              }
            ],
            "category": "product_name",
            "name": "Azure Linux"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003ccm1 mysql 8.0.28-1",
                "product": {
                  "name": "\u003ccm1 mysql 8.0.28-1",
                  "product_id": "2"
                }
              },
              {
                "category": "product_version",
                "name": "cm1 mysql 8.0.28-1",
                "product": {
                  "name": "cm1 mysql 8.0.28-1",
                  "product_id": "18805"
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003ccbl2 mysql 8.0.28-1",
                "product": {
                  "name": "\u003ccbl2 mysql 8.0.28-1",
                  "product_id": "1"
                }
              },
              {
                "category": "product_version",
                "name": "cbl2 mysql 8.0.28-1",
                "product": {
                  "name": "cbl2 mysql 8.0.28-1",
                  "product_id": "18806"
                }
              }
            ],
            "category": "product_name",
            "name": "mysql"
          }
        ],
        "category": "vendor",
        "name": "Microsoft"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "\u003ccm1 mysql 8.0.28-1 as a component of CBL Mariner 1.0",
          "product_id": "16820-2"
        },
        "product_reference": "2",
        "relates_to_product_reference": "16820"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cm1 mysql 8.0.28-1 as a component of CBL Mariner 1.0",
          "product_id": "18805-16820"
        },
        "product_reference": "18805",
        "relates_to_product_reference": "16820"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "\u003ccbl2 mysql 8.0.28-1 as a component of CBL Mariner 2.0",
          "product_id": "17086-1"
        },
        "product_reference": "1",
        "relates_to_product_reference": "17086"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cbl2 mysql 8.0.28-1 as a component of CBL Mariner 2.0",
          "product_id": "18806-17086"
        },
        "product_reference": "18806",
        "relates_to_product_reference": "17086"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2022-21363",
      "notes": [
        {
          "category": "general",
          "text": "oracle",
          "title": "Assigning CNA"
        }
      ],
      "product_status": {
        "fixed": [
          "18805-16820",
          "18806-17086"
        ],
        "known_affected": [
          "16820-2",
          "17086-1"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2022-21363 Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Supported versions that are affected are 8.0.27 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks of this vulnerability can result in takeover of MySQL Connectors. CVSS 3.1 Base Score 6.6 (Confidentiality Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H). - VEX",
          "url": "https://msrc.microsoft.com/csaf/vex/2022/msrc_cve-2022-21363.json"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2022-01-25T00:00:00.000Z",
          "details": "8.0.28-1:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
          "product_ids": [
            "16820-2",
            "17086-1"
          ],
          "url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.6,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "environmentalsScore": 0.0,
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "temporalScore": 6.6,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "16820-2",
            "17086-1"
          ]
        }
      ],
      "title": "Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Supported versions that are affected are 8.0.27 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks of this vulnerability can result in takeover of MySQL Connectors. CVSS 3.1 Base Score 6.6 (Confidentiality Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H)."
    }
  ]
}

RHSA-2022:4623

Vulnerability from csaf_redhat - Published: 2022-05-18 10:56 - Updated: 2026-05-14 22:32

Summary

Red Hat Security Advisory: Red Hat build of Quarkus 2.7.5 release and security update

Severity

Moderate

Notes

Topic: An update is now available for Red Hat build of Quarkus. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability. For more information, see the CVE links in the References section.

Details: This release of Red Hat build of Quarkus 2.7.5 includes security updates, bug fixes, and enhancements. For more information, see the release notes page listed in the References section. Security Fix(es): * gradle: information disclosure through temporary directory permissions (CVE-2021-29429) * gradle: repository content filters do not work in Settings pluginManagement (CVE-2021-29427) * gradle: local privilege escalation through system temporary director (CVE-2021-29428) * smallrye-health-ui: persistent cross-site scripting in endpoint (CVE-2021-3914) * Quarkus Resteasy component may return Resteasy implementation details * netty: control chars in header names may lead to HTTP request smuggling (CVE-2021-43797) * jdbc-postgresql: Unchecked Class Instantiation when providing Plugin Classes (CVE-2022-21724) * mysql-connector-java: Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Connectors (CVE-2022-21363) * quarkus: privilege escalation vulnerability with RestEasy Reactive scope leakage in Quarkus (CVE-2022-0981) * protobuf-java: potential DoS in the parsing procedure for binary data (CVE-2021-22569) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

CVE-2021-3914

It was found that the smallrye health metrics UI component did not properly sanitize some user inputs. An attacker could use this flaw to conduct cross-site scripting attacks.

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Affected products

Fixed 1 product

Product	Identifier	Version	Remediation
Red Hat build of Quarkus 2.7.5 Red Hat / Red Hat build of Quarkus	`cpe:/a:redhat:quarkus:2.7`	—	Vendor Fix fix

Threats

Impact Moderate

CVE-2021-22569

A flaw was found in protobuf-java. Google Protocol Buffer (protobuf-java) allows the interleaving of com.google.protobuf.UnknownFieldSet fields. By persuading a victim to open specially-crafted content, a remote attacker could cause a timeout in the ProtobufFuzzer function, resulting in a denial of service.

5.5 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

CWE-696 - Incorrect Behavior Order

Affected products

Fixed 1 product

Product	Identifier	Version	Remediation
Red Hat build of Quarkus 2.7.5 Red Hat / Red Hat build of Quarkus	`cpe:/a:redhat:quarkus:2.7`	—	Vendor Fix fix

Threats

Impact Moderate

CVE-2021-29427

In Gradle from version 5.1 and before version 7.0 there is a vulnerability which can lead to information disclosure and/or dependency poisoning. Repository content filtering is a security control Gradle introduced to help users specify what repositories are used to resolve specific dependencies. This feature was introduced in the wake of the "A Confusing Dependency" blog post. In some cases, Gradle may ignore content filters and search all repositories for dependencies. This only occurs when repository content filtering is used from within a `pluginManagement` block in a settings file. This may change how dependencies are resolved for Gradle plugins and build scripts. For builds that are vulnerable, there are two risks: 1) Information disclosure: Gradle could make dependency requests to repositories outside your organization and leak internal package identifiers. 2) Dependency poisoning/Dependency confusion: Gradle could download a malicious binary from a repository outside your organization due to name squatting. For a full example and more details refer to the referenced GitHub Security Advisory. The problem has been patched and released with Gradle 7.0. Users relying on this feature should upgrade their build as soon as possible. As a workaround, users may use a company repository which has the right rules for fetching packages from public repositories, or use project level repository content filtering, inside `buildscript.repositories`. This option is available since Gradle 5.1 when the feature was introduced.

8.0 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

CWE-829 - Inclusion of Functionality from Untrusted Control Sphere

Affected products

Fixed 1 product

Product	Identifier	Version	Remediation
Red Hat build of Quarkus 2.7.5 Red Hat / Red Hat build of Quarkus	`cpe:/a:redhat:quarkus:2.7`	—	Vendor Fix fix

Threats

Impact Moderate

CVE-2021-29428

In Gradle before version 7.0, on Unix-like systems, the system temporary directory can be created with open permissions that allow multiple users to create and delete files within it. Gradle builds could be vulnerable to a local privilege escalation from an attacker quickly deleting and recreating files in the system temporary directory. This vulnerability impacted builds using precompiled script plugins written in Kotlin DSL and tests for Gradle plugins written using ProjectBuilder or TestKit. If you are on Windows or modern versions of macOS, you are not vulnerable. If you are on a Unix-like operating system with the "sticky" bit set on your system temporary directory, you are not vulnerable. The problem has been patched and released with Gradle 7.0. As a workaround, on Unix-like operating systems, ensure that the "sticky" bit is set. This only allows the original user (or root) to delete a file. If you are unable to change the permissions of the system temporary directory, you can move the Java temporary directory by setting the System Property `java.io.tmpdir`. The new path needs to limit permissions to the build user only. For additional details refer to the referenced GitHub Security Advisory.

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-276 - Incorrect Default Permissions

Affected products

Fixed 1 product

Product	Identifier	Version	Remediation
Red Hat build of Quarkus 2.7.5 Red Hat / Red Hat build of Quarkus	`cpe:/a:redhat:quarkus:2.7`	—	Vendor Fix fix

Threats

Impact Moderate

CVE-2021-29429

In Gradle before version 7.0, files created with open permissions in the system temporary directory can allow an attacker to access information downloaded by Gradle. Some builds could be vulnerable to a local information disclosure. Remote files accessed through TextResourceFactory are downloaded into the system temporary directory first. Sensitive information contained in these files can be exposed to other local users on the same system. If you do not use the `TextResourceFactory` API, you are not vulnerable. As of Gradle 7.0, uses of the system temporary directory have been moved to the Gradle User Home directory. By default, this directory is restricted to the user running the build. As a workaround, set a more restrictive umask that removes read access to other users. When files are created in the system temporary directory, they will not be accessible to other users. If you are unable to change your system's umask, you can move the Java temporary directory by setting the System Property `java.io.tmpdir`. The new path needs to limit permissions to the build user only.

4.0 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor

Affected products

Fixed 1 product

Product	Identifier	Version	Remediation
Red Hat build of Quarkus 2.7.5 Red Hat / Red Hat build of Quarkus	`cpe:/a:redhat:quarkus:2.7`	—	Vendor Fix fix

Threats

Impact Low

CVE-2021-43797

A flaw was found in Netty, specifically in the netty-codec-http package. This flaw allows unauthorized control characters at the beginning and end of a request, does not follow the specification, and can cause HTTP request smuggling.

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

CWE-444 - Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')

Affected products

Fixed 1 product

Product	Identifier	Version	Remediation
Red Hat build of Quarkus 2.7.5 Red Hat / Red Hat build of Quarkus	`cpe:/a:redhat:quarkus:2.7`	—	Vendor Fix fix

Threats

Impact Moderate

CVE-2022-0981

A flaw was found in Quarkus. The state and potentially associated permissions can leak from one web request to another in RestEasy Reactive. This flaw allows a low-privileged user to perform operations on the database with a different set of privileges than intended.

7.6 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L

CWE-863 - Incorrect Authorization

Affected products

Fixed 1 product

Product	Identifier	Version	Remediation
Red Hat build of Quarkus 2.7.5 Red Hat / Red Hat build of Quarkus	`cpe:/a:redhat:quarkus:2.7`	—	Vendor Fix fix

Threats

Impact Moderate

CVE-2022-21363

6.6 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

CWE-280 - Improper Handling of Insufficient Permissions or Privileges

Affected products

Fixed 1 product

Product	Identifier	Version	Remediation
Red Hat build of Quarkus 2.7.5 Red Hat / Red Hat build of Quarkus	`cpe:/a:redhat:quarkus:2.7`	—	Vendor Fix fix

Threats

Impact Moderate

CVE-2022-21724

pgjdbc is the offical PostgreSQL JDBC Driver. A security hole was found in the jdbc driver for postgresql database while doing security research. The system using the postgresql library will be attacked when attacker control the jdbc url or properties. pgjdbc instantiates plugin instances based on class names provided via `authenticationPluginClassName`, `sslhostnameverifier`, `socketFactory`, `sslfactory`, `sslpasswordcallback` connection properties. However, the driver did not verify if the class implements the expected interface before instantiating the class. This can lead to code execution loaded via arbitrary classes. Users using plugins are advised to upgrade. There are no known workarounds for this issue.

7.0 (High)


                        
                          CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-665 - Improper Initialization

Affected products

Fixed 1 product

Product	Identifier	Version	Remediation
Red Hat build of Quarkus 2.7.5 Red Hat / Red Hat build of Quarkus	`cpe:/a:redhat:quarkus:2.7`	—	Vendor Fix fix

Threats

Impact Moderate

References

57 references

URL	Category
https://access.redhat.com/errata/RHSA-2022:4623	self
https://access.redhat.com/security/updates/classi…	external
https://access.redhat.com/jbossnetwork/restricted…	external
https://access.redhat.com/documentation/en-us/red…	external
https://access.redhat.com/articles/4966181	external
https://bugzilla.redhat.com/show_bug.cgi?id=1949636	external
https://bugzilla.redhat.com/show_bug.cgi?id=1949638	external
https://bugzilla.redhat.com/show_bug.cgi?id=1949643	external
https://bugzilla.redhat.com/show_bug.cgi?id=2018015	external
https://bugzilla.redhat.com/show_bug.cgi?id=2031958	external
https://bugzilla.redhat.com/show_bug.cgi?id=2039903	external
https://bugzilla.redhat.com/show_bug.cgi?id=2047343	external
https://bugzilla.redhat.com/show_bug.cgi?id=2050863	external
https://bugzilla.redhat.com/show_bug.cgi?id=2062520	external
https://security.access.redhat.com/data/csaf/v2/a…	self
https://access.redhat.com/security/cve/CVE-2021-3914	self
https://bugzilla.redhat.com/show_bug.cgi?id=2018015	external
https://www.cve.org/CVERecord?id=CVE-2021-3914	external
https://nvd.nist.gov/vuln/detail/CVE-2021-3914	external
https://access.redhat.com/security/cve/CVE-2021-22569	self
https://bugzilla.redhat.com/show_bug.cgi?id=2039903	external
https://www.cve.org/CVERecord?id=CVE-2021-22569	external
https://nvd.nist.gov/vuln/detail/CVE-2021-22569	external
https://github.com/protocolbuffers/protobuf/commi…	external
https://github.com/protocolbuffers/protobuf/secur…	external
https://access.redhat.com/security/cve/CVE-2021-29427	self
https://bugzilla.redhat.com/show_bug.cgi?id=1949638	external
https://www.cve.org/CVERecord?id=CVE-2021-29427	external
https://nvd.nist.gov/vuln/detail/CVE-2021-29427	external
https://access.redhat.com/security/cve/CVE-2021-29428	self
https://bugzilla.redhat.com/show_bug.cgi?id=1949643	external
https://www.cve.org/CVERecord?id=CVE-2021-29428	external
https://nvd.nist.gov/vuln/detail/CVE-2021-29428	external
https://access.redhat.com/security/cve/CVE-2021-29429	self
https://bugzilla.redhat.com/show_bug.cgi?id=1949636	external
https://www.cve.org/CVERecord?id=CVE-2021-29429	external
https://nvd.nist.gov/vuln/detail/CVE-2021-29429	external
https://access.redhat.com/security/cve/CVE-2021-43797	self
https://bugzilla.redhat.com/show_bug.cgi?id=2031958	external
https://www.cve.org/CVERecord?id=CVE-2021-43797	external
https://nvd.nist.gov/vuln/detail/CVE-2021-43797	external
https://github.com/netty/netty/security/advisorie…	external
https://access.redhat.com/security/cve/CVE-2022-0981	self
https://bugzilla.redhat.com/show_bug.cgi?id=2062520	external
https://www.cve.org/CVERecord?id=CVE-2022-0981	external
https://nvd.nist.gov/vuln/detail/CVE-2022-0981	external
https://github.com/quarkusio/quarkus/issues/23269	external
https://access.redhat.com/security/cve/CVE-2022-21363	self
https://bugzilla.redhat.com/show_bug.cgi?id=2047343	external
https://www.cve.org/CVERecord?id=CVE-2022-21363	external
https://nvd.nist.gov/vuln/detail/CVE-2022-21363	external
https://www.oracle.com/security-alerts/cpujan2022…	external
https://access.redhat.com/security/cve/CVE-2022-21724	self
https://bugzilla.redhat.com/show_bug.cgi?id=2050863	external
https://www.cve.org/CVERecord?id=CVE-2022-21724	external
https://nvd.nist.gov/vuln/detail/CVE-2022-21724	external
https://github.com/advisories/GHSA-v7wg-cpwc-24m4	external

Acknowledgments

Red Hat Sanne Grinovero

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "An update is now available for Red Hat build of Quarkus.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability. For more information, see the CVE links in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "This release of Red Hat build of Quarkus 2.7.5 includes security updates, bug fixes, and enhancements. For more information, see the release notes page listed in the References section.\n\nSecurity Fix(es):\n\n* gradle: information disclosure through temporary directory permissions (CVE-2021-29429)\n\n* gradle: repository content filters do not work in Settings pluginManagement (CVE-2021-29427)\n\n* gradle: local privilege escalation through system temporary director (CVE-2021-29428)\n\n* smallrye-health-ui: persistent cross-site scripting in endpoint (CVE-2021-3914)\n\n* Quarkus Resteasy component may return Resteasy implementation details \n\n* netty: control chars in header names may lead to HTTP request smuggling (CVE-2021-43797)\n\n* jdbc-postgresql: Unchecked Class Instantiation when providing Plugin Classes (CVE-2022-21724)\n\n* mysql-connector-java: Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Connectors (CVE-2022-21363)\n\n* quarkus: privilege escalation vulnerability with RestEasy Reactive scope leakage in Quarkus (CVE-2022-0981)\n\n* protobuf-java: potential DoS in the parsing procedure for binary data (CVE-2021-22569)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2022:4623",
        "url": "https://access.redhat.com/errata/RHSA-2022:4623"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#moderate",
        "url": "https://access.redhat.com/security/updates/classification/#moderate"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=redhat.quarkus\u0026downloadType=distributions\u0026version=2.7.5",
        "url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=redhat.quarkus\u0026downloadType=distributions\u0026version=2.7.5"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/documentation/en-us/red_hat_build_of_quarkus/2.7/",
        "url": "https://access.redhat.com/documentation/en-us/red_hat_build_of_quarkus/2.7/"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/articles/4966181",
        "url": "https://access.redhat.com/articles/4966181"
      },
      {
        "category": "external",
        "summary": "1949636",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1949636"
      },
      {
        "category": "external",
        "summary": "1949638",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1949638"
      },
      {
        "category": "external",
        "summary": "1949643",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1949643"
      },
      {
        "category": "external",
        "summary": "2018015",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2018015"
      },
      {
        "category": "external",
        "summary": "2031958",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2031958"
      },
      {
        "category": "external",
        "summary": "2039903",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2039903"
      },
      {
        "category": "external",
        "summary": "2047343",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2047343"
      },
      {
        "category": "external",
        "summary": "2050863",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2050863"
      },
      {
        "category": "external",
        "summary": "2062520",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2062520"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_4623.json"
      }
    ],
    "title": "Red Hat Security Advisory: Red Hat build of Quarkus 2.7.5 release and security update",
    "tracking": {
      "current_release_date": "2026-05-14T22:32:07+00:00",
      "generator": {
        "date": "2026-05-14T22:32:07+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.8.0"
        }
      },
      "id": "RHSA-2022:4623",
      "initial_release_date": "2022-05-18T10:56:05+00:00",
      "revision_history": [
        {
          "date": "2022-05-18T10:56:05+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2022-05-18T10:56:05+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2026-05-14T22:32:07+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat build of Quarkus 2.7.5",
                "product": {
                  "name": "Red Hat build of Quarkus 2.7.5",
                  "product_id": "Red Hat build of Quarkus 2.7.5",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:quarkus:2.7"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat build of Quarkus"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2021-3914",
      "cwe": {
        "id": "CWE-79",
        "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
      },
      "discovery_date": "2021-10-27T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2018015"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "It was found that the smallrye health metrics UI component did not properly sanitize some user inputs. An attacker could use this flaw to conduct cross-site scripting attacks.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "smallrye-health-ui: persistent cross-site scripting in endpoint",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat build of Quarkus 2.7.5"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2021-3914"
        },
        {
          "category": "external",
          "summary": "RHBZ#2018015",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2018015"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2021-3914",
          "url": "https://www.cve.org/CVERecord?id=CVE-2021-3914"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3914",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3914"
        }
      ],
      "release_date": "2021-10-27T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2022-05-18T10:56:05+00:00",
          "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.",
          "product_ids": [
            "Red Hat build of Quarkus 2.7.5"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2022:4623"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "Red Hat build of Quarkus 2.7.5"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "smallrye-health-ui: persistent cross-site scripting in endpoint"
    },
    {
      "cve": "CVE-2021-22569",
      "cwe": {
        "id": "CWE-696",
        "name": "Incorrect Behavior Order"
      },
      "discovery_date": "2022-01-10T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2039903"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in protobuf-java. Google Protocol Buffer (protobuf-java) allows the interleaving of com.google.protobuf.UnknownFieldSet fields. By persuading a victim to open specially-crafted content, a remote attacker could cause a timeout in the ProtobufFuzzer function, resulting in a denial of service.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "protobuf-java: potential DoS in the parsing procedure for binary data",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat build of Quarkus 2.7.5"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2021-22569"
        },
        {
          "category": "external",
          "summary": "RHBZ#2039903",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2039903"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2021-22569",
          "url": "https://www.cve.org/CVERecord?id=CVE-2021-22569"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-22569",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22569"
        },
        {
          "category": "external",
          "summary": "https://github.com/protocolbuffers/protobuf/commit/b3093dce58bc9d3042f085666d83c8ef1f51fe7b",
          "url": "https://github.com/protocolbuffers/protobuf/commit/b3093dce58bc9d3042f085666d83c8ef1f51fe7b"
        },
        {
          "category": "external",
          "summary": "https://github.com/protocolbuffers/protobuf/security/advisories/GHSA-wrvw-hg22-4m67",
          "url": "https://github.com/protocolbuffers/protobuf/security/advisories/GHSA-wrvw-hg22-4m67"
        }
      ],
      "release_date": "2022-01-06T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2022-05-18T10:56:05+00:00",
          "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.",
          "product_ids": [
            "Red Hat build of Quarkus 2.7.5"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2022:4623"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat build of Quarkus 2.7.5"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "protobuf-java: potential DoS in the parsing procedure for binary data"
    },
    {
      "cve": "CVE-2021-29427",
      "cwe": {
        "id": "CWE-829",
        "name": "Inclusion of Functionality from Untrusted Control Sphere"
      },
      "discovery_date": "2021-04-13T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1949638"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "In Gradle from version 5.1 and before version 7.0 there is a vulnerability which can lead to information disclosure and/or dependency poisoning. Repository content filtering is a security control Gradle introduced to help users specify what repositories are used to resolve specific dependencies. This feature was introduced in the wake of the \"A Confusing Dependency\" blog post. In some cases, Gradle may ignore content filters and search all repositories for dependencies. This only occurs when repository content filtering is used from within a `pluginManagement` block in a settings file. This may change how dependencies are resolved for Gradle plugins and build scripts. For builds that are vulnerable, there are two risks: 1) Information disclosure: Gradle could make dependency requests to repositories outside your organization and leak internal package identifiers. 2) Dependency poisoning/Dependency confusion: Gradle could download a malicious binary from a repository outside your organization due to name squatting. For a full example and more details refer to the referenced GitHub Security Advisory. The problem has been patched and released with Gradle 7.0. Users relying on this feature should upgrade their build as soon as possible. As a workaround, users may use a company repository which has the right rules for fetching packages from public repositories, or use project level repository content filtering, inside `buildscript.repositories`. This option is available since Gradle 5.1 when the feature was introduced.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "gradle: repository content filters do not work in Settings pluginManagement",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat build of Quarkus 2.7.5"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2021-29427"
        },
        {
          "category": "external",
          "summary": "RHBZ#1949638",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1949638"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2021-29427",
          "url": "https://www.cve.org/CVERecord?id=CVE-2021-29427"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-29427",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-29427"
        }
      ],
      "release_date": "2021-04-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2022-05-18T10:56:05+00:00",
          "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.",
          "product_ids": [
            "Red Hat build of Quarkus 2.7.5"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2022:4623"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.0,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat build of Quarkus 2.7.5"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "gradle: repository content filters do not work in Settings pluginManagement"
    },
    {
      "cve": "CVE-2021-29428",
      "cwe": {
        "id": "CWE-276",
        "name": "Incorrect Default Permissions"
      },
      "discovery_date": "2021-04-13T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1949643"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "In Gradle before version 7.0, on Unix-like systems, the system temporary directory can be created with open permissions that allow multiple users to create and delete files within it. Gradle builds could be vulnerable to a local privilege escalation from an attacker quickly deleting and recreating files in the system temporary directory. This vulnerability impacted builds using precompiled script plugins written in Kotlin DSL and tests for Gradle plugins written using ProjectBuilder or TestKit. If you are on Windows or modern versions of macOS, you are not vulnerable. If you are on a Unix-like operating system with the \"sticky\" bit set on your system temporary directory, you are not vulnerable. The problem has been patched and released with Gradle 7.0. As a workaround, on Unix-like operating systems, ensure that the \"sticky\" bit is set. This only allows the original user (or root) to delete a file. If you are unable to change the permissions of the system temporary directory, you can move the Java temporary directory by setting the System Property `java.io.tmpdir`. The new path needs to limit permissions to the build user only. For additional details refer to the referenced GitHub Security Advisory.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "gradle: local privilege escalation through system temporary directory",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Red Hat CodeReady Studio 12 is not affected by this vulnerability because it does not ship the vulnerable code.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat build of Quarkus 2.7.5"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2021-29428"
        },
        {
          "category": "external",
          "summary": "RHBZ#1949643",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1949643"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2021-29428",
          "url": "https://www.cve.org/CVERecord?id=CVE-2021-29428"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-29428",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-29428"
        }
      ],
      "release_date": "2021-04-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2022-05-18T10:56:05+00:00",
          "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.",
          "product_ids": [
            "Red Hat build of Quarkus 2.7.5"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2022:4623"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat build of Quarkus 2.7.5"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "gradle: local privilege escalation through system temporary directory"
    },
    {
      "cve": "CVE-2021-29429",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "discovery_date": "2021-04-12T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1949636"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "In Gradle before version 7.0, files created with open permissions in the system temporary directory can allow an attacker to access information downloaded by Gradle. Some builds could be vulnerable to a local information disclosure. Remote files accessed through TextResourceFactory are downloaded into the system temporary directory first. Sensitive information contained in these files can be exposed to other local users on the same system. If you do not use the `TextResourceFactory` API, you are not vulnerable. As of Gradle 7.0, uses of the system temporary directory have been moved to the Gradle User Home directory. By default, this directory is restricted to the user running the build. As a workaround, set a more restrictive umask that removes read access to other users. When files are created in the system temporary directory, they will not be accessible to other users. If you are unable to change your system\u0027s umask, you can move the Java temporary directory by setting the System Property `java.io.tmpdir`. The new path needs to limit permissions to the build user only.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "gradle: information disclosure through temporary directory permissions",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat build of Quarkus 2.7.5"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2021-29429"
        },
        {
          "category": "external",
          "summary": "RHBZ#1949636",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1949636"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2021-29429",
          "url": "https://www.cve.org/CVERecord?id=CVE-2021-29429"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-29429",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-29429"
        }
      ],
      "release_date": "2021-04-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2022-05-18T10:56:05+00:00",
          "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.",
          "product_ids": [
            "Red Hat build of Quarkus 2.7.5"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2022:4623"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 4.0,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "Red Hat build of Quarkus 2.7.5"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "gradle: information disclosure through temporary directory permissions"
    },
    {
      "cve": "CVE-2021-43797",
      "cwe": {
        "id": "CWE-444",
        "name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
      },
      "discovery_date": "2021-12-09T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2031958"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Netty, specifically in the netty-codec-http package. This flaw allows unauthorized control characters at the beginning and end of a request, does not follow the specification, and can cause HTTP request smuggling.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "netty: control chars in header names may lead to HTTP request smuggling",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "In OpenShift Container Platform (OCP), the Hive/Presto/Hadoop components that comprise the OCP Metering stack, ship the vulnerable version of netty-codec-http package.\nSince the release of OCP 4.6, the Metering product has been deprecated, hence the affected components are marked as wontfix.\nThe openshift4/ose-logging-elasticsearch6 container is marked as Out of support scope because since the release of OCP 4.7 the logging functionality is delivered as an OpenShift Logging product and OCP 4.6 is already in the Maintenance Support phase.\nA fix was introduced in netty-codec-http version 4.1.72.Final.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat build of Quarkus 2.7.5"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2021-43797"
        },
        {
          "category": "external",
          "summary": "RHBZ#2031958",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2031958"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2021-43797",
          "url": "https://www.cve.org/CVERecord?id=CVE-2021-43797"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-43797",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-43797"
        },
        {
          "category": "external",
          "summary": "https://github.com/netty/netty/security/advisories/GHSA-wx5j-54mm-rqqq",
          "url": "https://github.com/netty/netty/security/advisories/GHSA-wx5j-54mm-rqqq"
        }
      ],
      "release_date": "2021-12-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2022-05-18T10:56:05+00:00",
          "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.",
          "product_ids": [
            "Red Hat build of Quarkus 2.7.5"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2022:4623"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "Red Hat build of Quarkus 2.7.5"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "netty: control chars in header names may lead to HTTP request smuggling"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "Sanne Grinovero"
          ],
          "organization": "Red Hat",
          "summary": "This issue was discovered by Red Hat."
        }
      ],
      "cve": "CVE-2022-0981",
      "cwe": {
        "id": "CWE-863",
        "name": "Incorrect Authorization"
      },
      "discovery_date": "2022-02-08T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2062520"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Quarkus. The state and potentially associated permissions can leak from one web request to another in RestEasy Reactive. This flaw allows a low-privileged user to perform operations on the database with a different set of privileges than intended.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "quarkus: privilege escalation vulnerability with RestEasy Reactive scope leakage in Quarkus",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "CodeReady Studio is no longer supported and therefore this flaw will not be addressed in CodeReady Studio. Please see https://developers.redhat.com/articles/2022/04/18/announcement-red-hat-codeready-studio-reaches-end-life for more information.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat build of Quarkus 2.7.5"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-0981"
        },
        {
          "category": "external",
          "summary": "RHBZ#2062520",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2062520"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-0981",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-0981"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-0981",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-0981"
        },
        {
          "category": "external",
          "summary": "https://github.com/quarkusio/quarkus/issues/23269",
          "url": "https://github.com/quarkusio/quarkus/issues/23269"
        }
      ],
      "release_date": "2022-02-03T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2022-05-18T10:56:05+00:00",
          "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.",
          "product_ids": [
            "Red Hat build of Quarkus 2.7.5"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2022:4623"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 7.6,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "LOW",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L",
            "version": "3.1"
          },
          "products": [
            "Red Hat build of Quarkus 2.7.5"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "quarkus: privilege escalation vulnerability with RestEasy Reactive scope leakage in Quarkus"
    },
    {
      "cve": "CVE-2022-21363",
      "cwe": {
        "id": "CWE-280",
        "name": "Improper Handling of Insufficient Permissions or Privileges"
      },
      "discovery_date": "2022-01-19T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2047343"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Supported versions that are affected are 8.0.27 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks of this vulnerability can result in takeover of MySQL Connectors. CVSS 3.1 Base Score 6.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H).",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "mysql-connector-java: Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Connectors",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat build of Quarkus 2.7.5"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-21363"
        },
        {
          "category": "external",
          "summary": "RHBZ#2047343",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2047343"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-21363",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-21363"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-21363",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-21363"
        },
        {
          "category": "external",
          "summary": "https://www.oracle.com/security-alerts/cpujan2022.html#AppendixMSQL",
          "url": "https://www.oracle.com/security-alerts/cpujan2022.html#AppendixMSQL"
        }
      ],
      "release_date": "2022-01-18T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2022-05-18T10:56:05+00:00",
          "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.",
          "product_ids": [
            "Red Hat build of Quarkus 2.7.5"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2022:4623"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.6,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat build of Quarkus 2.7.5"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "mysql-connector-java: Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Connectors"
    },
    {
      "cve": "CVE-2022-21724",
      "cwe": {
        "id": "CWE-665",
        "name": "Improper Initialization"
      },
      "discovery_date": "2022-02-02T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2050863"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "pgjdbc is the offical PostgreSQL JDBC Driver. A security hole was found in the jdbc driver for postgresql database while doing security research. The system using the postgresql library will be attacked when attacker control the jdbc url or properties. pgjdbc instantiates plugin instances based on class names provided via `authenticationPluginClassName`, `sslhostnameverifier`, `socketFactory`, `sslfactory`, `sslpasswordcallback` connection properties. However, the driver did not verify if the class implements the expected interface before instantiating the class. This can lead to code execution loaded via arbitrary classes. Users using plugins are advised to upgrade. There are no known workarounds for this issue.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "jdbc-postgresql: Unchecked Class Instantiation when providing Plugin Classes",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "According to the patch upstream the scoring of this issue has been severely reduced and is no longer considered an RCE. Therefore, the flaw has been rated as having a security impact of Moderate, and is not currently planned to be addressed in future updates of Red Hat Enterprise Linux 6, 7 and 8.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat build of Quarkus 2.7.5"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-21724"
        },
        {
          "category": "external",
          "summary": "RHBZ#2050863",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2050863"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-21724",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-21724"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-21724",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-21724"
        },
        {
          "category": "external",
          "summary": "https://github.com/advisories/GHSA-v7wg-cpwc-24m4",
          "url": "https://github.com/advisories/GHSA-v7wg-cpwc-24m4"
        }
      ],
      "release_date": "2022-02-01T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2022-05-18T10:56:05+00:00",
          "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.",
          "product_ids": [
            "Red Hat build of Quarkus 2.7.5"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2022:4623"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.0,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat build of Quarkus 2.7.5"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "jdbc-postgresql: Unchecked Class Instantiation when providing Plugin Classes"
    }
  ]
}

RHSA-2022:4918

Vulnerability from csaf_redhat - Published: 2022-06-06 15:54 - Updated: 2026-05-14 22:32

Summary

Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.5 security update on RHEL 7

Severity

Moderate

Notes

Topic: A security update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Details: Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.5 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.4 and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.5 Release Notes for information about the most significant bug fixes and enhancements included in this release. Security Fix(es): * h2: Loading of custom classes from remote servers through JNDI (CVE-2022-23221) * jackson-databind: denial of service via a large depth of nested objects (CVE-2020-36518) * netty-codec: Bzip2Decoder doesn't allow setting size restrictions for decompressed data (CVE-2021-37136) * netty-codec: SnappyFrameDecoder doesn't restrict chunk length and may buffer skippable chunks in an unnecessary way (CVE-2021-37137) * h2: Remote Code Execution in Console (CVE-2021-42392) * netty: control chars in header names may lead to HTTP request smuggling (CVE-2021-43797) * xnio: org.xnio.StreamConnection.notifyReadClosed log to debug instead of stderr (CVE-2022-0084) * wildfly: Wildfly management of EJB Session context returns wrong caller principal with Elytron Security enabled (CVE-2022-0866) * undertow: Double AJP response for 400 from EAP 7 results in CPING failures (CVE-2022-1319) * OpenJDK: Infinite loop related to incorrect handling of newlines in XMLEntityScanner (JAXP, 8270646) (CVE-2022-21299) * mysql-connector-java: Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Connectors (CVE-2022-21363) * xerces-j2: infinite loop when handling specially crafted XML document payloads (CVE-2022-23437) * artemis-commons: Apache ActiveMQ Artemis DoS (CVE-2022-23913) * Moment.js: Path traversal in moment.locale (CVE-2022-24785) * jboss-client: memory leakage in remote client transaction (CVE-2022-0853) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

CVE-2020-36518

A flaw was found in the Jackson Databind package. This cause of the issue is due to a Java StackOverflow exception and a denial of service via a significant depth of nested objects.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-400 - Uncontrolled Resource Consumption

Affected products

Fixed 2 products

Product	Identifier	Version	Remediation
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.6.1-1.redhat_00003.1.el7eap.noarch		—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.6.1-1.redhat_00003.1.el7eap.src		—	Vendor Fix fix

Known not affected 115 products

Product	Identifier	Version	Remediation
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-9.redhat_00042.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-h2database-0:1.4.197-2.redhat_00004.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-h2database-0:1.4.197-2.redhat_00004.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-hal-console-0:3.3.12-1.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-hal-console-0:3.3.12-1.Final_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-0:5.3.26-1.Final_redhat_00002.2.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-1.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-1.Final_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-1.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.6-1.redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.6-1.redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.6-1.redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.6-1.redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.6-1.redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.6-1.redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.6-1.redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.6-1.redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.6-1.redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.6-1.redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.6-1.redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.6-1.redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.6-1.redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.6-1.redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-1.SP1_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-1.SP1_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jberet-core-0:1.3.9-1.SP1_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP05_redhat_00002.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP05_redhat_00002.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.24-1.SP1_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.24-1.SP1_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-16.Final_redhat_00015.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.7-1.SP1_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.7-1.SP1_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-2.redhat_00002.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-2.redhat_00002.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-0:4.1.72-4.Final_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-all-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-common-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.48-1.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.48-1.Final_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.72-1.Final_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.72-1.Final_redhat_00001.1.el7eap.x86_64		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.72-1.Final_redhat_00001.1.el7eap.x86_64		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-snakeyaml-0:1.29.0-1.redhat_00001.2.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-snakeyaml-0:1.29.0-1.redhat_00001.2.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-undertow-0:2.2.17-2.SP4_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-undertow-0:2.2.17-2.SP4_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-0:7.4.5-3.GA_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.12-1.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.12-1.Final_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.12-1.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.15-1.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.15-1.Final_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-xerces-j2-0:2.12.0-3.SP04_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-xerces-j2-0:2.12.0-3.SP04_redhat_00001.1.el7eap.src		—

Threats

Impact Moderate

CVE-2021-37136

A flaw was found in Netty's netty-codec due to size restrictions for decompressed data in the Bzip2Decoder. By sending a specially-crafted input, a remote attacker could cause a denial of service.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-400 - Uncontrolled Resource Consumption

Affected products

Fixed 29 products

Product	Version	Remediation
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-0:4.1.72-4.Final_redhat_00001.1.el7eap.src	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-all-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-common-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch	—	Vendor Fix fix

Known not affected 88 products

Product	Identifier	Version	Remediation
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-9.redhat_00042.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-h2database-0:1.4.197-2.redhat_00004.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-h2database-0:1.4.197-2.redhat_00004.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-hal-console-0:3.3.12-1.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-hal-console-0:3.3.12-1.Final_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-0:5.3.26-1.Final_redhat_00002.2.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-1.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-1.Final_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-1.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.6-1.redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.6-1.redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.6-1.redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.6-1.redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.6.1-1.redhat_00003.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.6.1-1.redhat_00003.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.6-1.redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.6-1.redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.6-1.redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.6-1.redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.6-1.redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.6-1.redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.6-1.redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.6-1.redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.6-1.redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.6-1.redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-1.SP1_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-1.SP1_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jberet-core-0:1.3.9-1.SP1_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP05_redhat_00002.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP05_redhat_00002.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.24-1.SP1_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.24-1.SP1_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-16.Final_redhat_00015.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.7-1.SP1_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.7-1.SP1_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-2.redhat_00002.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-2.redhat_00002.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.48-1.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.48-1.Final_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.72-1.Final_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.72-1.Final_redhat_00001.1.el7eap.x86_64		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.72-1.Final_redhat_00001.1.el7eap.x86_64		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-snakeyaml-0:1.29.0-1.redhat_00001.2.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-snakeyaml-0:1.29.0-1.redhat_00001.2.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-undertow-0:2.2.17-2.SP4_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-undertow-0:2.2.17-2.SP4_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-0:7.4.5-3.GA_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.12-1.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.12-1.Final_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.12-1.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.15-1.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.15-1.Final_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-xerces-j2-0:2.12.0-3.SP04_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-xerces-j2-0:2.12.0-3.SP04_redhat_00001.1.el7eap.src		—

Threats

Impact Moderate

CVE-2021-37137

A flaw was found in the Netty's netty-codec due to unrestricted chunk lengths in the SnappyFrameDecoder. By sending a specially-crafted input, a remote attacker could cause excessive memory usage resulting in a denial of service.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-400 - Uncontrolled Resource Consumption

Affected products

Fixed 29 products

Product	Version	Remediation
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-0:4.1.72-4.Final_redhat_00001.1.el7eap.src	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-all-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-common-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch	—	Vendor Fix fix

Known not affected 88 products

Product	Identifier	Version	Remediation
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-9.redhat_00042.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-h2database-0:1.4.197-2.redhat_00004.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-h2database-0:1.4.197-2.redhat_00004.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-hal-console-0:3.3.12-1.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-hal-console-0:3.3.12-1.Final_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-0:5.3.26-1.Final_redhat_00002.2.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-1.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-1.Final_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-1.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.6-1.redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.6-1.redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.6-1.redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.6-1.redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.6.1-1.redhat_00003.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.6.1-1.redhat_00003.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.6-1.redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.6-1.redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.6-1.redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.6-1.redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.6-1.redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.6-1.redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.6-1.redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.6-1.redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.6-1.redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.6-1.redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-1.SP1_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-1.SP1_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jberet-core-0:1.3.9-1.SP1_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP05_redhat_00002.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP05_redhat_00002.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.24-1.SP1_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.24-1.SP1_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-16.Final_redhat_00015.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.7-1.SP1_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.7-1.SP1_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-2.redhat_00002.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-2.redhat_00002.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.48-1.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.48-1.Final_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.72-1.Final_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.72-1.Final_redhat_00001.1.el7eap.x86_64		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.72-1.Final_redhat_00001.1.el7eap.x86_64		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-snakeyaml-0:1.29.0-1.redhat_00001.2.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-snakeyaml-0:1.29.0-1.redhat_00001.2.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-undertow-0:2.2.17-2.SP4_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-undertow-0:2.2.17-2.SP4_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-0:7.4.5-3.GA_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.12-1.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.12-1.Final_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.12-1.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.15-1.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.15-1.Final_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-xerces-j2-0:2.12.0-3.SP04_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-xerces-j2-0:2.12.0-3.SP04_redhat_00001.1.el7eap.src		—

Threats

Impact Moderate

CVE-2021-42392

A flaw was found in h2. The org.h2.util.JdbcUtils.getConnection method of the H2 database takes as parameters the class name of the driver and URL of the database. This flaw allows an attacker to use this URL to send another server’s code, causing remote code execution. This issue is exploited through various attack vectors, most notably through the H2 Console, which leads to unauthenticated remote code execution.

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-502 - Deserialization of Untrusted Data

Affected products

Fixed 2 products

Product	Identifier	Version	Remediation
Unresolved product id: 7Server-JBEAP-7.4:eap7-h2database-0:1.4.197-2.redhat_00004.1.el7eap.noarch		—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.4:eap7-h2database-0:1.4.197-2.redhat_00004.1.el7eap.src		—	Vendor Fix fix

Known not affected 115 products

Product	Identifier	Version	Remediation
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-9.redhat_00042.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-hal-console-0:3.3.12-1.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-hal-console-0:3.3.12-1.Final_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-0:5.3.26-1.Final_redhat_00002.2.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-1.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-1.Final_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-1.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.6-1.redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.6-1.redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.6-1.redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.6-1.redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.6.1-1.redhat_00003.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.6.1-1.redhat_00003.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.6-1.redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.6-1.redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.6-1.redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.6-1.redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.6-1.redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.6-1.redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.6-1.redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.6-1.redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.6-1.redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.6-1.redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-1.SP1_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-1.SP1_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jberet-core-0:1.3.9-1.SP1_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP05_redhat_00002.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP05_redhat_00002.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.24-1.SP1_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.24-1.SP1_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-16.Final_redhat_00015.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.7-1.SP1_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.7-1.SP1_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-2.redhat_00002.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-2.redhat_00002.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-0:4.1.72-4.Final_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-all-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-common-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.48-1.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.48-1.Final_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.72-1.Final_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.72-1.Final_redhat_00001.1.el7eap.x86_64		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.72-1.Final_redhat_00001.1.el7eap.x86_64		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-snakeyaml-0:1.29.0-1.redhat_00001.2.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-snakeyaml-0:1.29.0-1.redhat_00001.2.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-undertow-0:2.2.17-2.SP4_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-undertow-0:2.2.17-2.SP4_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-0:7.4.5-3.GA_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.12-1.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.12-1.Final_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.12-1.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.15-1.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.15-1.Final_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-xerces-j2-0:2.12.0-3.SP04_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-xerces-j2-0:2.12.0-3.SP04_redhat_00001.1.el7eap.src		—

Threats

Impact Low

CVE-2021-43797

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

CWE-444 - Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')

Affected products

Fixed 29 products

Product	Version	Remediation
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-0:4.1.72-4.Final_redhat_00001.1.el7eap.src	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-all-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-common-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch	—	Vendor Fix fix

Known not affected 88 products

Product	Identifier	Version	Remediation
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-9.redhat_00042.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-h2database-0:1.4.197-2.redhat_00004.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-h2database-0:1.4.197-2.redhat_00004.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-hal-console-0:3.3.12-1.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-hal-console-0:3.3.12-1.Final_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-0:5.3.26-1.Final_redhat_00002.2.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-1.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-1.Final_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-1.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.6-1.redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.6-1.redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.6-1.redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.6-1.redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.6.1-1.redhat_00003.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.6.1-1.redhat_00003.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.6-1.redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.6-1.redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.6-1.redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.6-1.redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.6-1.redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.6-1.redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.6-1.redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.6-1.redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.6-1.redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.6-1.redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-1.SP1_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-1.SP1_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jberet-core-0:1.3.9-1.SP1_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP05_redhat_00002.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP05_redhat_00002.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.24-1.SP1_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.24-1.SP1_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-16.Final_redhat_00015.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.7-1.SP1_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.7-1.SP1_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-2.redhat_00002.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-2.redhat_00002.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.48-1.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.48-1.Final_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.72-1.Final_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.72-1.Final_redhat_00001.1.el7eap.x86_64		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.72-1.Final_redhat_00001.1.el7eap.x86_64		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-snakeyaml-0:1.29.0-1.redhat_00001.2.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-snakeyaml-0:1.29.0-1.redhat_00001.2.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-undertow-0:2.2.17-2.SP4_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-undertow-0:2.2.17-2.SP4_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-0:7.4.5-3.GA_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.12-1.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.12-1.Final_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.12-1.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.15-1.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.15-1.Final_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-xerces-j2-0:2.12.0-3.SP04_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-xerces-j2-0:2.12.0-3.SP04_redhat_00001.1.el7eap.src		—

Threats

Impact Low

CVE-2022-0084

A flaw was found in XNIO, specifically in the notifyReadClosed method. The issue revealed this method was logging a message to another expected end. This flaw allows an attacker to send flawed requests to a server, possibly causing log contention-related performance concerns or an unwanted disk fill-up.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-770 - Allocation of Resources Without Limits or Throttling

Affected products

Fixed 2 products

Product	Identifier	Version	Remediation
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.7-1.SP1_redhat_00001.1.el7eap.noarch		—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.7-1.SP1_redhat_00001.1.el7eap.src		—	Vendor Fix fix

Known not affected 115 products

Product	Identifier	Version	Remediation
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-9.redhat_00042.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-h2database-0:1.4.197-2.redhat_00004.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-h2database-0:1.4.197-2.redhat_00004.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-hal-console-0:3.3.12-1.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-hal-console-0:3.3.12-1.Final_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-0:5.3.26-1.Final_redhat_00002.2.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-1.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-1.Final_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-1.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.6-1.redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.6-1.redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.6-1.redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.6-1.redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.6.1-1.redhat_00003.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.6.1-1.redhat_00003.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.6-1.redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.6-1.redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.6-1.redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.6-1.redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.6-1.redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.6-1.redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.6-1.redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.6-1.redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.6-1.redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.6-1.redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-1.SP1_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-1.SP1_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jberet-core-0:1.3.9-1.SP1_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP05_redhat_00002.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP05_redhat_00002.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.24-1.SP1_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.24-1.SP1_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-16.Final_redhat_00015.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-2.redhat_00002.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-2.redhat_00002.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-0:4.1.72-4.Final_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-all-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-common-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.48-1.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.48-1.Final_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.72-1.Final_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.72-1.Final_redhat_00001.1.el7eap.x86_64		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.72-1.Final_redhat_00001.1.el7eap.x86_64		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-snakeyaml-0:1.29.0-1.redhat_00001.2.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-snakeyaml-0:1.29.0-1.redhat_00001.2.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-undertow-0:2.2.17-2.SP4_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-undertow-0:2.2.17-2.SP4_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-0:7.4.5-3.GA_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.12-1.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.12-1.Final_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.12-1.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.15-1.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.15-1.Final_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-xerces-j2-0:2.12.0-3.SP04_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-xerces-j2-0:2.12.0-3.SP04_redhat_00001.1.el7eap.src		—

Threats

Impact Moderate

CVE-2022-0853

A flaw was found in the jboss-client. A memory leak on the JBoss client-side occurs when using UserTransaction repeatedly, leading to an information leakage vulnerability.

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

CWE-401 - Missing Release of Memory after Effective Lifetime

Affected products

Fixed 5 products

Product	Version	Remediation
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.src	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch	—	Vendor Fix fix

Known not affected 112 products

Product	Identifier	Version	Remediation
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-9.redhat_00042.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-h2database-0:1.4.197-2.redhat_00004.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-h2database-0:1.4.197-2.redhat_00004.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-hal-console-0:3.3.12-1.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-hal-console-0:3.3.12-1.Final_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-0:5.3.26-1.Final_redhat_00002.2.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-1.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-1.Final_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-1.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.6-1.redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.6-1.redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.6-1.redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.6-1.redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.6.1-1.redhat_00003.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.6.1-1.redhat_00003.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.6-1.redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.6-1.redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.6-1.redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.6-1.redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.6-1.redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.6-1.redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.6-1.redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.6-1.redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.6-1.redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.6-1.redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-1.SP1_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-1.SP1_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jberet-core-0:1.3.9-1.SP1_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP05_redhat_00002.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP05_redhat_00002.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.24-1.SP1_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.24-1.SP1_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-16.Final_redhat_00015.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.7-1.SP1_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.7-1.SP1_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-2.redhat_00002.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-2.redhat_00002.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-0:4.1.72-4.Final_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-all-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-common-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.48-1.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.48-1.Final_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.72-1.Final_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.72-1.Final_redhat_00001.1.el7eap.x86_64		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.72-1.Final_redhat_00001.1.el7eap.x86_64		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-snakeyaml-0:1.29.0-1.redhat_00001.2.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-snakeyaml-0:1.29.0-1.redhat_00001.2.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-undertow-0:2.2.17-2.SP4_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-undertow-0:2.2.17-2.SP4_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-0:7.4.5-3.GA_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.12-1.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.12-1.Final_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.12-1.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.15-1.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.15-1.Final_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-xerces-j2-0:2.12.0-3.SP04_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-xerces-j2-0:2.12.0-3.SP04_redhat_00001.1.el7eap.src		—

Threats

Impact Low

CVE-2022-0866

A flaw was found in Wildfly, where it returns an incorrect caller principal under certain heavily concurrent situations when Elytron Security is used. This flaw allows an attacker to gain improper access to information they should not have.

3.1 (Low)


                        
                          CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N

CWE-1220 - Insufficient Granularity of Access Control

Affected products

Fixed 6 products

Product	Version	Remediation
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-0:7.4.5-3.GA_redhat_00001.1.el7eap.src	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch	—	Vendor Fix fix Workaround

Known not affected 111 products

Product	Version	Remediation
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-9.redhat_00042.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-9.redhat_00042.1.el7eap.src	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-9.redhat_00042.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-9.redhat_00042.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-9.redhat_00042.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-9.redhat_00042.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-9.redhat_00042.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-9.redhat_00042.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-9.redhat_00042.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-9.redhat_00042.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-9.redhat_00042.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-9.redhat_00042.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-9.redhat_00042.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-9.redhat_00042.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-9.redhat_00042.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-9.redhat_00042.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-9.redhat_00042.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-h2database-0:1.4.197-2.redhat_00004.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-h2database-0:1.4.197-2.redhat_00004.1.el7eap.src	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-hal-console-0:3.3.12-1.Final_redhat_00001.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-hal-console-0:3.3.12-1.Final_redhat_00001.1.el7eap.src	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-0:5.3.26-1.Final_redhat_00002.2.el7eap.src	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-1.Final_redhat_00001.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-1.Final_redhat_00001.1.el7eap.src	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-1.Final_redhat_00001.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.6-1.redhat_00001.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.6-1.redhat_00001.1.el7eap.src	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.6-1.redhat_00001.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.6-1.redhat_00001.1.el7eap.src	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.6.1-1.redhat_00003.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.6.1-1.redhat_00003.1.el7eap.src	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.6-1.redhat_00001.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.6-1.redhat_00001.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.6-1.redhat_00001.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.6-1.redhat_00001.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.6-1.redhat_00001.1.el7eap.src	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.6-1.redhat_00001.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.6-1.redhat_00001.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.6-1.redhat_00001.1.el7eap.src	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.6-1.redhat_00001.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.6-1.redhat_00001.1.el7eap.src	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-1.SP1_redhat_00001.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-1.SP1_redhat_00001.1.el7eap.src	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-jberet-core-0:1.3.9-1.SP1_redhat_00001.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP05_redhat_00002.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP05_redhat_00002.1.el7eap.src	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.24-1.SP1_redhat_00001.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.24-1.SP1_redhat_00001.1.el7eap.src	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-16.Final_redhat_00015.1.el7eap.src	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.7-1.SP1_redhat_00001.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.7-1.SP1_redhat_00001.1.el7eap.src	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-2.redhat_00002.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-2.redhat_00002.1.el7eap.src	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-0:4.1.72-4.Final_redhat_00001.1.el7eap.src	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-all-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-common-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.48-1.Final_redhat_00001.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.48-1.Final_redhat_00001.1.el7eap.src	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.72-1.Final_redhat_00001.1.el7eap.src	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.72-1.Final_redhat_00001.1.el7eap.x86_64	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.72-1.Final_redhat_00001.1.el7eap.x86_64	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-snakeyaml-0:1.29.0-1.redhat_00001.2.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-snakeyaml-0:1.29.0-1.redhat_00001.2.el7eap.src	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-undertow-0:2.2.17-2.SP4_redhat_00001.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-undertow-0:2.2.17-2.SP4_redhat_00001.1.el7eap.src	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.12-1.Final_redhat_00001.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.12-1.Final_redhat_00001.1.el7eap.src	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.12-1.Final_redhat_00001.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.src	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.15-1.Final_redhat_00001.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.15-1.Final_redhat_00001.1.el7eap.src	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-xerces-j2-0:2.12.0-3.SP04_redhat_00001.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-xerces-j2-0:2.12.0-3.SP04_redhat_00001.1.el7eap.src	—	Workaround

Threats

Impact Moderate

CVE-2022-1319

A flaw was found in Undertow. For an AJP 400 response, EAP 7 is improperly sending two response packets, and those packets have the reuse flag set even though JBoss EAP closes the connection. A failure occurs when the connection is reused after a 400 by CPING since it reads in the second SEND_HEADERS response packet instead of a CPONG.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-252 - Unchecked Return Value

Affected products

Fixed 2 products

Product	Identifier	Version	Remediation
Unresolved product id: 7Server-JBEAP-7.4:eap7-undertow-0:2.2.17-2.SP4_redhat_00001.1.el7eap.noarch		—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.4:eap7-undertow-0:2.2.17-2.SP4_redhat_00001.1.el7eap.src		—	Vendor Fix fix

Known not affected 115 products

Product	Identifier	Version	Remediation
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-9.redhat_00042.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-h2database-0:1.4.197-2.redhat_00004.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-h2database-0:1.4.197-2.redhat_00004.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-hal-console-0:3.3.12-1.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-hal-console-0:3.3.12-1.Final_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-0:5.3.26-1.Final_redhat_00002.2.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-1.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-1.Final_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-1.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.6-1.redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.6-1.redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.6-1.redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.6-1.redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.6.1-1.redhat_00003.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.6.1-1.redhat_00003.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.6-1.redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.6-1.redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.6-1.redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.6-1.redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.6-1.redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.6-1.redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.6-1.redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.6-1.redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.6-1.redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.6-1.redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-1.SP1_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-1.SP1_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jberet-core-0:1.3.9-1.SP1_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP05_redhat_00002.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP05_redhat_00002.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.24-1.SP1_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.24-1.SP1_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-16.Final_redhat_00015.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.7-1.SP1_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.7-1.SP1_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-2.redhat_00002.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-2.redhat_00002.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-0:4.1.72-4.Final_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-all-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-common-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.48-1.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.48-1.Final_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.72-1.Final_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.72-1.Final_redhat_00001.1.el7eap.x86_64		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.72-1.Final_redhat_00001.1.el7eap.x86_64		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-snakeyaml-0:1.29.0-1.redhat_00001.2.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-snakeyaml-0:1.29.0-1.redhat_00001.2.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-0:7.4.5-3.GA_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.12-1.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.12-1.Final_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.12-1.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.15-1.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.15-1.Final_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-xerces-j2-0:2.12.0-3.SP04_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-xerces-j2-0:2.12.0-3.SP04_redhat_00001.1.el7eap.src		—

Threats

Impact Moderate

CVE-2022-21299

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JAXP). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).

5.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')

Affected products

Fixed 2 products

Product	Identifier	Version	Remediation
Unresolved product id: 7Server-JBEAP-7.4:eap7-xerces-j2-0:2.12.0-3.SP04_redhat_00001.1.el7eap.noarch		—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.4:eap7-xerces-j2-0:2.12.0-3.SP04_redhat_00001.1.el7eap.src		—	Vendor Fix fix

Known not affected 115 products

Product	Identifier	Version	Remediation
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-9.redhat_00042.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-h2database-0:1.4.197-2.redhat_00004.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-h2database-0:1.4.197-2.redhat_00004.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-hal-console-0:3.3.12-1.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-hal-console-0:3.3.12-1.Final_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-0:5.3.26-1.Final_redhat_00002.2.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-1.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-1.Final_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-1.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.6-1.redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.6-1.redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.6-1.redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.6-1.redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.6.1-1.redhat_00003.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.6.1-1.redhat_00003.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.6-1.redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.6-1.redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.6-1.redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.6-1.redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.6-1.redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.6-1.redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.6-1.redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.6-1.redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.6-1.redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.6-1.redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-1.SP1_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-1.SP1_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jberet-core-0:1.3.9-1.SP1_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP05_redhat_00002.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP05_redhat_00002.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.24-1.SP1_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.24-1.SP1_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-16.Final_redhat_00015.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.7-1.SP1_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.7-1.SP1_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-2.redhat_00002.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-2.redhat_00002.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-0:4.1.72-4.Final_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-all-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-common-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.48-1.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.48-1.Final_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.72-1.Final_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.72-1.Final_redhat_00001.1.el7eap.x86_64		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.72-1.Final_redhat_00001.1.el7eap.x86_64		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-snakeyaml-0:1.29.0-1.redhat_00001.2.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-snakeyaml-0:1.29.0-1.redhat_00001.2.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-undertow-0:2.2.17-2.SP4_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-undertow-0:2.2.17-2.SP4_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-0:7.4.5-3.GA_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.12-1.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.12-1.Final_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.12-1.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.15-1.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.15-1.Final_redhat_00001.1.el7eap.src		—

Threats

Impact Moderate

CVE-2022-21363

6.6 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

CWE-280 - Improper Handling of Insufficient Permissions or Privileges

Affected products

Fixed 6 products

Product	Version	Remediation
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-0:7.4.5-3.GA_redhat_00001.1.el7eap.src	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch	—	Vendor Fix fix

Known not affected 111 products

Product	Identifier	Version	Remediation
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-9.redhat_00042.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-h2database-0:1.4.197-2.redhat_00004.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-h2database-0:1.4.197-2.redhat_00004.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-hal-console-0:3.3.12-1.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-hal-console-0:3.3.12-1.Final_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-0:5.3.26-1.Final_redhat_00002.2.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-1.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-1.Final_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-1.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.6-1.redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.6-1.redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.6-1.redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.6-1.redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.6.1-1.redhat_00003.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.6.1-1.redhat_00003.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.6-1.redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.6-1.redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.6-1.redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.6-1.redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.6-1.redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.6-1.redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.6-1.redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.6-1.redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.6-1.redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.6-1.redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-1.SP1_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-1.SP1_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jberet-core-0:1.3.9-1.SP1_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP05_redhat_00002.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP05_redhat_00002.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.24-1.SP1_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.24-1.SP1_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-16.Final_redhat_00015.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.7-1.SP1_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.7-1.SP1_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-2.redhat_00002.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-2.redhat_00002.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-0:4.1.72-4.Final_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-all-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-common-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.48-1.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.48-1.Final_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.72-1.Final_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.72-1.Final_redhat_00001.1.el7eap.x86_64		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.72-1.Final_redhat_00001.1.el7eap.x86_64		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-snakeyaml-0:1.29.0-1.redhat_00001.2.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-snakeyaml-0:1.29.0-1.redhat_00001.2.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-undertow-0:2.2.17-2.SP4_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-undertow-0:2.2.17-2.SP4_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.12-1.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.12-1.Final_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.12-1.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.15-1.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.15-1.Final_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-xerces-j2-0:2.12.0-3.SP04_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-xerces-j2-0:2.12.0-3.SP04_redhat_00001.1.el7eap.src		—

Threats

Impact Low

CVE-2022-23221

A flaw was found in the H2 Console. This flaw allows remote attackers to execute arbitrary code via a JDBC URL, concatenating with a substring that allows remote code execution by using a script.

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-502 - Deserialization of Untrusted Data

Affected products

Fixed 2 products

Product	Identifier	Version	Remediation
Unresolved product id: 7Server-JBEAP-7.4:eap7-h2database-0:1.4.197-2.redhat_00004.1.el7eap.noarch		—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.4:eap7-h2database-0:1.4.197-2.redhat_00004.1.el7eap.src		—	Vendor Fix fix

Known not affected 115 products

Product	Identifier	Version	Remediation
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-9.redhat_00042.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-hal-console-0:3.3.12-1.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-hal-console-0:3.3.12-1.Final_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-0:5.3.26-1.Final_redhat_00002.2.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-1.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-1.Final_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-1.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.6-1.redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.6-1.redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.6-1.redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.6-1.redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.6.1-1.redhat_00003.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.6.1-1.redhat_00003.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.6-1.redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.6-1.redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.6-1.redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.6-1.redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.6-1.redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.6-1.redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.6-1.redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.6-1.redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.6-1.redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.6-1.redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-1.SP1_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-1.SP1_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jberet-core-0:1.3.9-1.SP1_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP05_redhat_00002.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP05_redhat_00002.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.24-1.SP1_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.24-1.SP1_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-16.Final_redhat_00015.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.7-1.SP1_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.7-1.SP1_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-2.redhat_00002.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-2.redhat_00002.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-0:4.1.72-4.Final_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-all-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-common-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.48-1.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.48-1.Final_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.72-1.Final_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.72-1.Final_redhat_00001.1.el7eap.x86_64		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.72-1.Final_redhat_00001.1.el7eap.x86_64		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-snakeyaml-0:1.29.0-1.redhat_00001.2.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-snakeyaml-0:1.29.0-1.redhat_00001.2.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-undertow-0:2.2.17-2.SP4_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-undertow-0:2.2.17-2.SP4_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-0:7.4.5-3.GA_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.12-1.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.12-1.Final_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.12-1.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.15-1.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.15-1.Final_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-xerces-j2-0:2.12.0-3.SP04_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-xerces-j2-0:2.12.0-3.SP04_redhat_00001.1.el7eap.src		—

Threats

Impact Low

CVE-2022-23437

A flaw was found in the Apache Xerces Java (XercesJ) XML parser when handling specially crafted XML document payloads. This issue causes the XercesJ XML parser to wait in an infinite loop, which may consume system resources for a prolonged duration, leading to a denial of service condition.

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')

Affected products

Fixed 2 products

Product	Identifier	Version	Remediation
Unresolved product id: 7Server-JBEAP-7.4:eap7-xerces-j2-0:2.12.0-3.SP04_redhat_00001.1.el7eap.noarch		—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.4:eap7-xerces-j2-0:2.12.0-3.SP04_redhat_00001.1.el7eap.src		—	Vendor Fix fix

Known not affected 115 products

Product	Identifier	Version	Remediation
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-9.redhat_00042.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-9.redhat_00042.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-h2database-0:1.4.197-2.redhat_00004.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-h2database-0:1.4.197-2.redhat_00004.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-hal-console-0:3.3.12-1.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-hal-console-0:3.3.12-1.Final_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-0:5.3.26-1.Final_redhat_00002.2.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-1.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-1.Final_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-1.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.6-1.redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.6-1.redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.6-1.redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.6-1.redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.6.1-1.redhat_00003.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.6.1-1.redhat_00003.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.6-1.redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.6-1.redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.6-1.redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.6-1.redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.6-1.redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.6-1.redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.6-1.redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.6-1.redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.6-1.redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.6-1.redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-1.SP1_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-1.SP1_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jberet-core-0:1.3.9-1.SP1_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP05_redhat_00002.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP05_redhat_00002.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.24-1.SP1_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.24-1.SP1_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-16.Final_redhat_00015.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.7-1.SP1_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.7-1.SP1_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-2.redhat_00002.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-2.redhat_00002.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-0:4.1.72-4.Final_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-all-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-common-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.48-1.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.48-1.Final_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.72-1.Final_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.72-1.Final_redhat_00001.1.el7eap.x86_64		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.72-1.Final_redhat_00001.1.el7eap.x86_64		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-snakeyaml-0:1.29.0-1.redhat_00001.2.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-snakeyaml-0:1.29.0-1.redhat_00001.2.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-undertow-0:2.2.17-2.SP4_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-undertow-0:2.2.17-2.SP4_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-0:7.4.5-3.GA_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.12-1.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.12-1.Final_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.12-1.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.15-1.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.15-1.Final_redhat_00001.1.el7eap.src		—

Threats

Impact Moderate

CVE-2022-23913

In Apache ActiveMQ Artemis prior to 2.20.0 or 2.19.1, an attacker could partially disrupt availability (DoS) through uncontrolled resource consumption of memory.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-770 - Allocation of Resources Without Limits or Throttling

Affected products

Fixed 17 products

Product	Version	Remediation
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-9.redhat_00042.1.el7eap.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-9.redhat_00042.1.el7eap.src	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-9.redhat_00042.1.el7eap.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-9.redhat_00042.1.el7eap.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-9.redhat_00042.1.el7eap.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-9.redhat_00042.1.el7eap.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-9.redhat_00042.1.el7eap.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-9.redhat_00042.1.el7eap.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-9.redhat_00042.1.el7eap.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-9.redhat_00042.1.el7eap.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-9.redhat_00042.1.el7eap.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-9.redhat_00042.1.el7eap.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-9.redhat_00042.1.el7eap.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-9.redhat_00042.1.el7eap.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-9.redhat_00042.1.el7eap.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-9.redhat_00042.1.el7eap.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-9.redhat_00042.1.el7eap.noarch	—	Vendor Fix fix

Known not affected 100 products

Product	Identifier	Version	Remediation
Unresolved product id: 7Server-JBEAP-7.4:eap7-h2database-0:1.4.197-2.redhat_00004.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-h2database-0:1.4.197-2.redhat_00004.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-hal-console-0:3.3.12-1.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-hal-console-0:3.3.12-1.Final_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-0:5.3.26-1.Final_redhat_00002.2.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-1.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-1.Final_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-1.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.6-1.redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.6-1.redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.6-1.redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.6-1.redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.6.1-1.redhat_00003.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.6.1-1.redhat_00003.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.6-1.redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.6-1.redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.6-1.redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.6-1.redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.6-1.redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.6-1.redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.6-1.redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.6-1.redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.6-1.redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.6-1.redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-1.SP1_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-1.SP1_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jberet-core-0:1.3.9-1.SP1_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP05_redhat_00002.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP05_redhat_00002.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.24-1.SP1_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.24-1.SP1_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-16.Final_redhat_00015.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.7-1.SP1_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.7-1.SP1_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-2.redhat_00002.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-2.redhat_00002.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-0:4.1.72-4.Final_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-all-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-common-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.48-1.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.48-1.Final_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.72-1.Final_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.72-1.Final_redhat_00001.1.el7eap.x86_64		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.72-1.Final_redhat_00001.1.el7eap.x86_64		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-snakeyaml-0:1.29.0-1.redhat_00001.2.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-snakeyaml-0:1.29.0-1.redhat_00001.2.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-undertow-0:2.2.17-2.SP4_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-undertow-0:2.2.17-2.SP4_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-0:7.4.5-3.GA_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.12-1.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.12-1.Final_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.12-1.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.15-1.Final_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.15-1.Final_redhat_00001.1.el7eap.src		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-xerces-j2-0:2.12.0-3.SP04_redhat_00001.1.el7eap.noarch		—
Unresolved product id: 7Server-JBEAP-7.4:eap7-xerces-j2-0:2.12.0-3.SP04_redhat_00001.1.el7eap.src		—

Threats

Impact Moderate

CVE-2022-24785

A path traversal vulnerability was found in Moment.js that impacts npm (server) users. This issue occurs if a user-provided locale string is directly used to switch moment locale, which an attacker can exploit to change the correct path to one of their choice. This can result in a loss of integrity.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Affected products

Fixed 2 products

Product	Identifier	Version	Remediation
Unresolved product id: 7Server-JBEAP-7.4:eap7-hal-console-0:3.3.12-1.Final_redhat_00001.1.el7eap.noarch		—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-hal-console-0:3.3.12-1.Final_redhat_00001.1.el7eap.src		—	Vendor Fix fix Workaround

Known not affected 115 products

Product	Version	Remediation
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-9.redhat_00042.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-9.redhat_00042.1.el7eap.src	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-9.redhat_00042.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-9.redhat_00042.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-9.redhat_00042.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-9.redhat_00042.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-9.redhat_00042.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-9.redhat_00042.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-9.redhat_00042.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-9.redhat_00042.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-9.redhat_00042.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-9.redhat_00042.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-9.redhat_00042.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-9.redhat_00042.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-9.redhat_00042.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-9.redhat_00042.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-9.redhat_00042.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-h2database-0:1.4.197-2.redhat_00004.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-h2database-0:1.4.197-2.redhat_00004.1.el7eap.src	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-0:5.3.26-1.Final_redhat_00002.2.el7eap.src	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-1.Final_redhat_00001.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-1.Final_redhat_00001.1.el7eap.src	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-1.Final_redhat_00001.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.6-1.redhat_00001.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.6-1.redhat_00001.1.el7eap.src	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.6-1.redhat_00001.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.6-1.redhat_00001.1.el7eap.src	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.6.1-1.redhat_00003.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.6.1-1.redhat_00003.1.el7eap.src	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.6-1.redhat_00001.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.6-1.redhat_00001.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.6-1.redhat_00001.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.6-1.redhat_00001.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.6-1.redhat_00001.1.el7eap.src	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.6-1.redhat_00001.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.6-1.redhat_00001.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.6-1.redhat_00001.1.el7eap.src	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.6-1.redhat_00001.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.6-1.redhat_00001.1.el7eap.src	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-1.SP1_redhat_00001.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-1.SP1_redhat_00001.1.el7eap.src	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-jberet-core-0:1.3.9-1.SP1_redhat_00001.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP05_redhat_00002.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP05_redhat_00002.1.el7eap.src	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.24-1.SP1_redhat_00001.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.24-1.SP1_redhat_00001.1.el7eap.src	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-16.Final_redhat_00015.1.el7eap.src	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.7-1.SP1_redhat_00001.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.7-1.SP1_redhat_00001.1.el7eap.src	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-2.redhat_00002.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-2.redhat_00002.1.el7eap.src	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-0:4.1.72-4.Final_redhat_00001.1.el7eap.src	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-all-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-common-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.48-1.Final_redhat_00001.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.48-1.Final_redhat_00001.1.el7eap.src	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.72-1.Final_redhat_00001.1.el7eap.src	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.72-1.Final_redhat_00001.1.el7eap.x86_64	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.72-1.Final_redhat_00001.1.el7eap.x86_64	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-snakeyaml-0:1.29.0-1.redhat_00001.2.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-snakeyaml-0:1.29.0-1.redhat_00001.2.el7eap.src	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-undertow-0:2.2.17-2.SP4_redhat_00001.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-undertow-0:2.2.17-2.SP4_redhat_00001.1.el7eap.src	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-0:7.4.5-3.GA_redhat_00001.1.el7eap.src	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.12-1.Final_redhat_00001.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.12-1.Final_redhat_00001.1.el7eap.src	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.12-1.Final_redhat_00001.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.src	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.15-1.Final_redhat_00001.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.15-1.Final_redhat_00001.1.el7eap.src	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-xerces-j2-0:2.12.0-3.SP04_redhat_00001.1.el7eap.noarch	—	Workaround
Unresolved product id: 7Server-JBEAP-7.4:eap7-xerces-j2-0:2.12.0-3.SP04_redhat_00001.1.el7eap.src	—	Workaround

Threats

Impact Moderate

References

106 references

URL	Category
https://access.redhat.com/errata/RHSA-2022:4918	self
https://bugzilla.redhat.com/show_bug.cgi?id=2063601	external
https://access.redhat.com/security/updates/classi…	external
https://access.redhat.com/documentation/en-us/red…	external
https://access.redhat.com/documentation/en-us/red…	external
https://bugzilla.redhat.com/show_bug.cgi?id=2004133	external
https://bugzilla.redhat.com/show_bug.cgi?id=2004135	external
https://bugzilla.redhat.com/show_bug.cgi?id=2031958	external
https://bugzilla.redhat.com/show_bug.cgi?id=2039403	external
https://bugzilla.redhat.com/show_bug.cgi?id=2041472	external
https://bugzilla.redhat.com/show_bug.cgi?id=2044596	external
https://bugzilla.redhat.com/show_bug.cgi?id=2047200	external
https://bugzilla.redhat.com/show_bug.cgi?id=2047343	external
https://bugzilla.redhat.com/show_bug.cgi?id=2060725	external
https://bugzilla.redhat.com/show_bug.cgi?id=2064226	external
https://bugzilla.redhat.com/show_bug.cgi?id=2064698	external
https://bugzilla.redhat.com/show_bug.cgi?id=2072009	external
https://bugzilla.redhat.com/show_bug.cgi?id=2073890	external
https://issues.redhat.com/browse/JBEAP-23120	external
https://issues.redhat.com/browse/JBEAP-23171	external
https://issues.redhat.com/browse/JBEAP-23194	external
https://issues.redhat.com/browse/JBEAP-23241	external
https://issues.redhat.com/browse/JBEAP-23299	external
https://issues.redhat.com/browse/JBEAP-23300	external
https://issues.redhat.com/browse/JBEAP-23312	external
https://issues.redhat.com/browse/JBEAP-23313	external
https://issues.redhat.com/browse/JBEAP-23336	external
https://issues.redhat.com/browse/JBEAP-23338	external
https://issues.redhat.com/browse/JBEAP-23339	external
https://issues.redhat.com/browse/JBEAP-23351	external
https://issues.redhat.com/browse/JBEAP-23353	external
https://issues.redhat.com/browse/JBEAP-23429	external
https://issues.redhat.com/browse/JBEAP-23432	external
https://issues.redhat.com/browse/JBEAP-23451	external
https://issues.redhat.com/browse/JBEAP-23531	external
https://bugzilla.redhat.com/show_bug.cgi?id=2060929	external
https://issues.redhat.com/browse/JBEAP-23532	external
https://security.access.redhat.com/data/csaf/v2/a…	self
https://access.redhat.com/security/cve/CVE-2020-36518	self
https://bugzilla.redhat.com/show_bug.cgi?id=2064698	external
https://www.cve.org/CVERecord?id=CVE-2020-36518	external
https://nvd.nist.gov/vuln/detail/CVE-2020-36518	external
https://github.com/advisories/GHSA-57j2-w4cx-62h2	external
https://access.redhat.com/security/cve/CVE-2021-37136	self
https://bugzilla.redhat.com/show_bug.cgi?id=2004133	external
https://www.cve.org/CVERecord?id=CVE-2021-37136	external
https://nvd.nist.gov/vuln/detail/CVE-2021-37136	external
https://github.com/netty/netty/security/advisorie…	external
https://access.redhat.com/security/cve/CVE-2021-37137	self
https://bugzilla.redhat.com/show_bug.cgi?id=2004135	external
https://www.cve.org/CVERecord?id=CVE-2021-37137	external
https://nvd.nist.gov/vuln/detail/CVE-2021-37137	external
https://access.redhat.com/security/cve/CVE-2021-42392	self
https://bugzilla.redhat.com/show_bug.cgi?id=2039403	external
https://www.cve.org/CVERecord?id=CVE-2021-42392	external
https://nvd.nist.gov/vuln/detail/CVE-2021-42392	external
https://github.com/h2database/h2database/security…	external
https://access.redhat.com/security/cve/CVE-2021-43797	self
https://bugzilla.redhat.com/show_bug.cgi?id=2031958	external
https://www.cve.org/CVERecord?id=CVE-2021-43797	external
https://nvd.nist.gov/vuln/detail/CVE-2021-43797	external
https://github.com/netty/netty/security/advisorie…	external
https://access.redhat.com/security/cve/CVE-2022-0084	self
https://bugzilla.redhat.com/show_bug.cgi?id=2064226	external
https://www.cve.org/CVERecord?id=CVE-2022-0084	external
https://nvd.nist.gov/vuln/detail/CVE-2022-0084	external
https://access.redhat.com/security/cve/CVE-2022-0853	self
https://bugzilla.redhat.com/show_bug.cgi?id=2060725	external
https://www.cve.org/CVERecord?id=CVE-2022-0853	external
https://nvd.nist.gov/vuln/detail/CVE-2022-0853	external
https://access.redhat.com/security/cve/CVE-2022-0866	self
https://bugzilla.redhat.com/show_bug.cgi?id=2060929	external
https://www.cve.org/CVERecord?id=CVE-2022-0866	external
https://nvd.nist.gov/vuln/detail/CVE-2022-0866	external
https://access.redhat.com/security/cve/CVE-2022-1319	self
https://bugzilla.redhat.com/show_bug.cgi?id=2073890	external
https://www.cve.org/CVERecord?id=CVE-2022-1319	external
https://nvd.nist.gov/vuln/detail/CVE-2022-1319	external
https://access.redhat.com/security/cve/CVE-2022-21299	self
https://bugzilla.redhat.com/show_bug.cgi?id=2041472	external
https://www.cve.org/CVERecord?id=CVE-2022-21299	external
https://nvd.nist.gov/vuln/detail/CVE-2022-21299	external
https://access.redhat.com/security/cve/CVE-2022-21363	self
https://bugzilla.redhat.com/show_bug.cgi?id=2047343	external
https://www.cve.org/CVERecord?id=CVE-2022-21363	external
https://nvd.nist.gov/vuln/detail/CVE-2022-21363	external
https://www.oracle.com/security-alerts/cpujan2022…	external
https://access.redhat.com/security/cve/CVE-2022-23221	self
https://bugzilla.redhat.com/show_bug.cgi?id=2044596	external
https://www.cve.org/CVERecord?id=CVE-2022-23221	external
https://nvd.nist.gov/vuln/detail/CVE-2022-23221	external
https://github.com/advisories/GHSA-45hx-wfhj-473x	external
https://access.redhat.com/security/cve/CVE-2022-23437	self
https://bugzilla.redhat.com/show_bug.cgi?id=2047200	external
https://www.cve.org/CVERecord?id=CVE-2022-23437	external
https://nvd.nist.gov/vuln/detail/CVE-2022-23437	external
https://access.redhat.com/security/cve/CVE-2022-23913	self
https://bugzilla.redhat.com/show_bug.cgi?id=2063601	external
https://www.cve.org/CVERecord?id=CVE-2022-23913	external
https://nvd.nist.gov/vuln/detail/CVE-2022-23913	external
https://lists.apache.org/thread/fjynj57rd99s814rd…	external
https://access.redhat.com/security/cve/CVE-2022-24785	self
https://bugzilla.redhat.com/show_bug.cgi?id=2072009	external
https://www.cve.org/CVERecord?id=CVE-2022-24785	external
https://nvd.nist.gov/vuln/detail/CVE-2022-24785	external
https://github.com/moment/moment/security/advisor…	external

Acknowledgments

Schindler Elevator Ltd., Switzerland Oliver Bieri

Amazon Corretto Sergey Temnikov Ziyi Luo

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "A security update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.\n\nThis release of Red Hat JBoss Enterprise Application Platform 7.4.5 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.4 and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.5 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* h2: Loading of custom classes from remote servers through JNDI (CVE-2022-23221)\n\n* jackson-databind: denial of service via a large depth of nested objects (CVE-2020-36518)\n\n* netty-codec: Bzip2Decoder doesn\u0027t allow setting size restrictions for decompressed data (CVE-2021-37136)\n\n* netty-codec: SnappyFrameDecoder doesn\u0027t restrict chunk length and may buffer skippable chunks in an unnecessary way (CVE-2021-37137)\n\n* h2: Remote Code Execution in Console (CVE-2021-42392)\n\n* netty: control chars in header names may lead to HTTP request smuggling (CVE-2021-43797)\n\n* xnio: org.xnio.StreamConnection.notifyReadClosed log to debug instead of stderr (CVE-2022-0084)\n\n* wildfly: Wildfly management of EJB Session context returns wrong caller principal with Elytron Security enabled (CVE-2022-0866)\n\n* undertow: Double AJP response for 400 from EAP 7 results in CPING failures (CVE-2022-1319)\n\n* OpenJDK: Infinite loop related to incorrect handling of newlines in XMLEntityScanner (JAXP, 8270646) (CVE-2022-21299)\n\n* mysql-connector-java: Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Connectors (CVE-2022-21363)\n\n* xerces-j2: infinite loop when handling specially crafted XML document payloads (CVE-2022-23437)\n\n* artemis-commons: Apache ActiveMQ Artemis DoS (CVE-2022-23913)\n\n* Moment.js: Path traversal in moment.locale (CVE-2022-24785)\n\n* jboss-client: memory leakage in remote client transaction (CVE-2022-0853)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2022:4918",
        "url": "https://access.redhat.com/errata/RHSA-2022:4918"
      },
      {
        "category": "external",
        "summary": "2063601",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2063601"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#moderate",
        "url": "https://access.redhat.com/security/updates/classification/#moderate"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/",
        "url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/",
        "url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/"
      },
      {
        "category": "external",
        "summary": "2004133",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2004133"
      },
      {
        "category": "external",
        "summary": "2004135",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2004135"
      },
      {
        "category": "external",
        "summary": "2031958",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2031958"
      },
      {
        "category": "external",
        "summary": "2039403",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2039403"
      },
      {
        "category": "external",
        "summary": "2041472",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041472"
      },
      {
        "category": "external",
        "summary": "2044596",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2044596"
      },
      {
        "category": "external",
        "summary": "2047200",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2047200"
      },
      {
        "category": "external",
        "summary": "2047343",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2047343"
      },
      {
        "category": "external",
        "summary": "2060725",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2060725"
      },
      {
        "category": "external",
        "summary": "2064226",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2064226"
      },
      {
        "category": "external",
        "summary": "2064698",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2064698"
      },
      {
        "category": "external",
        "summary": "2072009",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2072009"
      },
      {
        "category": "external",
        "summary": "2073890",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2073890"
      },
      {
        "category": "external",
        "summary": "JBEAP-23120",
        "url": "https://issues.redhat.com/browse/JBEAP-23120"
      },
      {
        "category": "external",
        "summary": "JBEAP-23171",
        "url": "https://issues.redhat.com/browse/JBEAP-23171"
      },
      {
        "category": "external",
        "summary": "JBEAP-23194",
        "url": "https://issues.redhat.com/browse/JBEAP-23194"
      },
      {
        "category": "external",
        "summary": "JBEAP-23241",
        "url": "https://issues.redhat.com/browse/JBEAP-23241"
      },
      {
        "category": "external",
        "summary": "JBEAP-23299",
        "url": "https://issues.redhat.com/browse/JBEAP-23299"
      },
      {
        "category": "external",
        "summary": "JBEAP-23300",
        "url": "https://issues.redhat.com/browse/JBEAP-23300"
      },
      {
        "category": "external",
        "summary": "JBEAP-23312",
        "url": "https://issues.redhat.com/browse/JBEAP-23312"
      },
      {
        "category": "external",
        "summary": "JBEAP-23313",
        "url": "https://issues.redhat.com/browse/JBEAP-23313"
      },
      {
        "category": "external",
        "summary": "JBEAP-23336",
        "url": "https://issues.redhat.com/browse/JBEAP-23336"
      },
      {
        "category": "external",
        "summary": "JBEAP-23338",
        "url": "https://issues.redhat.com/browse/JBEAP-23338"
      },
      {
        "category": "external",
        "summary": "JBEAP-23339",
        "url": "https://issues.redhat.com/browse/JBEAP-23339"
      },
      {
        "category": "external",
        "summary": "JBEAP-23351",
        "url": "https://issues.redhat.com/browse/JBEAP-23351"
      },
      {
        "category": "external",
        "summary": "JBEAP-23353",
        "url": "https://issues.redhat.com/browse/JBEAP-23353"
      },
      {
        "category": "external",
        "summary": "JBEAP-23429",
        "url": "https://issues.redhat.com/browse/JBEAP-23429"
      },
      {
        "category": "external",
        "summary": "JBEAP-23432",
        "url": "https://issues.redhat.com/browse/JBEAP-23432"
      },
      {
        "category": "external",
        "summary": "JBEAP-23451",
        "url": "https://issues.redhat.com/browse/JBEAP-23451"
      },
      {
        "category": "external",
        "summary": "JBEAP-23531",
        "url": "https://issues.redhat.com/browse/JBEAP-23531"
      },
      {
        "category": "external",
        "summary": "2060929",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2060929"
      },
      {
        "category": "external",
        "summary": "JBEAP-23532",
        "url": "https://issues.redhat.com/browse/JBEAP-23532"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_4918.json"
      }
    ],
    "title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.5 security update on RHEL 7",
    "tracking": {
      "current_release_date": "2026-05-14T22:32:12+00:00",
      "generator": {
        "date": "2026-05-14T22:32:12+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.8.0"
        }
      },
      "id": "RHSA-2022:4918",
      "initial_release_date": "2022-06-06T15:54:15+00:00",
      "revision_history": [
        {
          "date": "2022-06-06T15:54:15+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2022-06-06T15:54:15+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2026-05-14T22:32:12+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat JBoss EAP 7.4 for RHEL 7 Server",
                "product": {
                  "name": "Red Hat JBoss EAP 7.4 for RHEL 7 Server",
                  "product_id": "7Server-JBEAP-7.4",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat JBoss Enterprise Application Platform"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "eap7-wildfly-transaction-client-0:1.1.15-1.Final_redhat_00001.1.el7eap.src",
                "product": {
                  "name": "eap7-wildfly-transaction-client-0:1.1.15-1.Final_redhat_00001.1.el7eap.src",
                  "product_id": "eap7-wildfly-transaction-client-0:1.1.15-1.Final_redhat_00001.1.el7eap.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-wildfly-transaction-client@1.1.15-1.Final_redhat_00001.1.el7eap?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-log4j-0:2.17.1-2.redhat_00002.1.el7eap.src",
                "product": {
                  "name": "eap7-log4j-0:2.17.1-2.redhat_00002.1.el7eap.src",
                  "product_id": "eap7-log4j-0:2.17.1-2.redhat_00002.1.el7eap.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-log4j@2.17.1-2.redhat_00002.1.el7eap?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-h2database-0:1.4.197-2.redhat_00004.1.el7eap.src",
                "product": {
                  "name": "eap7-h2database-0:1.4.197-2.redhat_00004.1.el7eap.src",
                  "product_id": "eap7-h2database-0:1.4.197-2.redhat_00004.1.el7eap.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-h2database@1.4.197-2.redhat_00004.1.el7eap?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-wildfly-http-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.src",
                "product": {
                  "name": "eap7-wildfly-http-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.src",
                  "product_id": "eap7-wildfly-http-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-wildfly-http-client@1.1.11-1.SP1_redhat_00001.1.el7eap?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-jackson-modules-java8-0:2.12.6-1.redhat_00001.1.el7eap.src",
                "product": {
                  "name": "eap7-jackson-modules-java8-0:2.12.6-1.redhat_00001.1.el7eap.src",
                  "product_id": "eap7-jackson-modules-java8-0:2.12.6-1.redhat_00001.1.el7eap.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-jackson-modules-java8@2.12.6-1.redhat_00001.1.el7eap?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-jackson-annotations-0:2.12.6-1.redhat_00001.1.el7eap.src",
                "product": {
                  "name": "eap7-jackson-annotations-0:2.12.6-1.redhat_00001.1.el7eap.src",
                  "product_id": "eap7-jackson-annotations-0:2.12.6-1.redhat_00001.1.el7eap.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-jackson-annotations@2.12.6-1.redhat_00001.1.el7eap?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-jackson-databind-0:2.12.6.1-1.redhat_00003.1.el7eap.src",
                "product": {
                  "name": "eap7-jackson-databind-0:2.12.6.1-1.redhat_00003.1.el7eap.src",
                  "product_id": "eap7-jackson-databind-0:2.12.6.1-1.redhat_00003.1.el7eap.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-jackson-databind@2.12.6.1-1.redhat_00003.1.el7eap?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-hal-console-0:3.3.12-1.Final_redhat_00001.1.el7eap.src",
                "product": {
                  "name": "eap7-hal-console-0:3.3.12-1.Final_redhat_00001.1.el7eap.src",
                  "product_id": "eap7-hal-console-0:3.3.12-1.Final_redhat_00001.1.el7eap.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-hal-console@3.3.12-1.Final_redhat_00001.1.el7eap?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-jackson-modules-base-0:2.12.6-1.redhat_00001.1.el7eap.src",
                "product": {
                  "name": "eap7-jackson-modules-base-0:2.12.6-1.redhat_00001.1.el7eap.src",
                  "product_id": "eap7-jackson-modules-base-0:2.12.6-1.redhat_00001.1.el7eap.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-jackson-modules-base@2.12.6-1.redhat_00001.1.el7eap?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-jackson-jaxrs-providers-0:2.12.6-1.redhat_00001.1.el7eap.src",
                "product": {
                  "name": "eap7-jackson-jaxrs-providers-0:2.12.6-1.redhat_00001.1.el7eap.src",
                  "product_id": "eap7-jackson-jaxrs-providers-0:2.12.6-1.redhat_00001.1.el7eap.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-jackson-jaxrs-providers@2.12.6-1.redhat_00001.1.el7eap?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-wildfly-elytron-0:1.15.12-1.Final_redhat_00001.1.el7eap.src",
                "product": {
                  "name": "eap7-wildfly-elytron-0:1.15.12-1.Final_redhat_00001.1.el7eap.src",
                  "product_id": "eap7-wildfly-elytron-0:1.15.12-1.Final_redhat_00001.1.el7eap.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-wildfly-elytron@1.15.12-1.Final_redhat_00001.1.el7eap?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP05_redhat_00002.1.el7eap.src",
                "product": {
                  "name": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP05_redhat_00002.1.el7eap.src",
                  "product_id": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP05_redhat_00002.1.el7eap.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-jboss-jsf-api_2.3_spec@3.0.0-4.SP05_redhat_00002.1.el7eap?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-jboss-remoting-0:5.0.24-1.SP1_redhat_00001.1.el7eap.src",
                "product": {
                  "name": "eap7-jboss-remoting-0:5.0.24-1.SP1_redhat_00001.1.el7eap.src",
                  "product_id": "eap7-jboss-remoting-0:5.0.24-1.SP1_redhat_00001.1.el7eap.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-jboss-remoting@5.0.24-1.SP1_redhat_00001.1.el7eap?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-hibernate-0:5.3.26-1.Final_redhat_00002.2.el7eap.src",
                "product": {
                  "name": "eap7-hibernate-0:5.3.26-1.Final_redhat_00002.2.el7eap.src",
                  "product_id": "eap7-hibernate-0:5.3.26-1.Final_redhat_00002.2.el7eap.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-hibernate@5.3.26-1.Final_redhat_00002.2.el7eap?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-jboss-xnio-base-0:3.8.7-1.SP1_redhat_00001.1.el7eap.src",
                "product": {
                  "name": "eap7-jboss-xnio-base-0:3.8.7-1.SP1_redhat_00001.1.el7eap.src",
                  "product_id": "eap7-jboss-xnio-base-0:3.8.7-1.SP1_redhat_00001.1.el7eap.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-jboss-xnio-base@3.8.7-1.SP1_redhat_00001.1.el7eap?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-xerces-j2-0:2.12.0-3.SP04_redhat_00001.1.el7eap.src",
                "product": {
                  "name": "eap7-xerces-j2-0:2.12.0-3.SP04_redhat_00001.1.el7eap.src",
                  "product_id": "eap7-xerces-j2-0:2.12.0-3.SP04_redhat_00001.1.el7eap.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-xerces-j2@2.12.0-3.SP04_redhat_00001.1.el7eap?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-jberet-0:1.3.9-1.SP1_redhat_00001.1.el7eap.src",
                "product": {
                  "name": "eap7-jberet-0:1.3.9-1.SP1_redhat_00001.1.el7eap.src",
                  "product_id": "eap7-jberet-0:1.3.9-1.SP1_redhat_00001.1.el7eap.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-jberet@1.3.9-1.SP1_redhat_00001.1.el7eap?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-undertow-0:2.2.17-2.SP4_redhat_00001.1.el7eap.src",
                "product": {
                  "name": "eap7-undertow-0:2.2.17-2.SP4_redhat_00001.1.el7eap.src",
                  "product_id": "eap7-undertow-0:2.2.17-2.SP4_redhat_00001.1.el7eap.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-undertow@2.2.17-2.SP4_redhat_00001.1.el7eap?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-hibernate-validator-0:6.0.23-1.Final_redhat_00001.1.el7eap.src",
                "product": {
                  "name": "eap7-hibernate-validator-0:6.0.23-1.Final_redhat_00001.1.el7eap.src",
                  "product_id": "eap7-hibernate-validator-0:6.0.23-1.Final_redhat_00001.1.el7eap.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-hibernate-validator@6.0.23-1.Final_redhat_00001.1.el7eap?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-netty-tcnative-0:2.0.48-1.Final_redhat_00001.1.el7eap.src",
                "product": {
                  "name": "eap7-netty-tcnative-0:2.0.48-1.Final_redhat_00001.1.el7eap.src",
                  "product_id": "eap7-netty-tcnative-0:2.0.48-1.Final_redhat_00001.1.el7eap.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-netty-tcnative@2.0.48-1.Final_redhat_00001.1.el7eap?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-jboss-server-migration-0:1.10.0-16.Final_redhat_00015.1.el7eap.src",
                "product": {
                  "name": "eap7-jboss-server-migration-0:1.10.0-16.Final_redhat_00015.1.el7eap.src",
                  "product_id": "eap7-jboss-server-migration-0:1.10.0-16.Final_redhat_00015.1.el7eap.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.10.0-16.Final_redhat_00015.1.el7eap?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-jackson-core-0:2.12.6-1.redhat_00001.1.el7eap.src",
                "product": {
                  "name": "eap7-jackson-core-0:2.12.6-1.redhat_00001.1.el7eap.src",
                  "product_id": "eap7-jackson-core-0:2.12.6-1.redhat_00001.1.el7eap.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-jackson-core@2.12.6-1.redhat_00001.1.el7eap?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-snakeyaml-0:1.29.0-1.redhat_00001.2.el7eap.src",
                "product": {
                  "name": "eap7-snakeyaml-0:1.29.0-1.redhat_00001.2.el7eap.src",
                  "product_id": "eap7-snakeyaml-0:1.29.0-1.redhat_00001.2.el7eap.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-snakeyaml@1.29.0-1.redhat_00001.2.el7eap?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-netty-0:4.1.72-4.Final_redhat_00001.1.el7eap.src",
                "product": {
                  "name": "eap7-netty-0:4.1.72-4.Final_redhat_00001.1.el7eap.src",
                  "product_id": "eap7-netty-0:4.1.72-4.Final_redhat_00001.1.el7eap.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-netty@4.1.72-4.Final_redhat_00001.1.el7eap?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-netty-transport-native-epoll-0:4.1.72-1.Final_redhat_00001.1.el7eap.src",
                "product": {
                  "name": "eap7-netty-transport-native-epoll-0:4.1.72-1.Final_redhat_00001.1.el7eap.src",
                  "product_id": "eap7-netty-transport-native-epoll-0:4.1.72-1.Final_redhat_00001.1.el7eap.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-netty-transport-native-epoll@4.1.72-1.Final_redhat_00001.1.el7eap?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-wildfly-0:7.4.5-3.GA_redhat_00001.1.el7eap.src",
                "product": {
                  "name": "eap7-wildfly-0:7.4.5-3.GA_redhat_00001.1.el7eap.src",
                  "product_id": "eap7-wildfly-0:7.4.5-3.GA_redhat_00001.1.el7eap.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-wildfly@7.4.5-3.GA_redhat_00001.1.el7eap?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-activemq-artemis-0:2.16.0-9.redhat_00042.1.el7eap.src",
                "product": {
                  "name": "eap7-activemq-artemis-0:2.16.0-9.redhat_00042.1.el7eap.src",
                  "product_id": "eap7-activemq-artemis-0:2.16.0-9.redhat_00042.1.el7eap.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-activemq-artemis@2.16.0-9.redhat_00042.1.el7eap?arch=src"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "eap7-wildfly-transaction-client-0:1.1.15-1.Final_redhat_00001.1.el7eap.noarch",
                "product": {
                  "name": "eap7-wildfly-transaction-client-0:1.1.15-1.Final_redhat_00001.1.el7eap.noarch",
                  "product_id": "eap7-wildfly-transaction-client-0:1.1.15-1.Final_redhat_00001.1.el7eap.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-wildfly-transaction-client@1.1.15-1.Final_redhat_00001.1.el7eap?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-log4j-0:2.17.1-2.redhat_00002.1.el7eap.noarch",
                "product": {
                  "name": "eap7-log4j-0:2.17.1-2.redhat_00002.1.el7eap.noarch",
                  "product_id": "eap7-log4j-0:2.17.1-2.redhat_00002.1.el7eap.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-log4j@2.17.1-2.redhat_00002.1.el7eap?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-h2database-0:1.4.197-2.redhat_00004.1.el7eap.noarch",
                "product": {
                  "name": "eap7-h2database-0:1.4.197-2.redhat_00004.1.el7eap.noarch",
                  "product_id": "eap7-h2database-0:1.4.197-2.redhat_00004.1.el7eap.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-h2database@1.4.197-2.redhat_00004.1.el7eap?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-wildfly-http-client-common-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
                "product": {
                  "name": "eap7-wildfly-http-client-common-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
                  "product_id": "eap7-wildfly-http-client-common-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-wildfly-http-client-common@1.1.11-1.SP1_redhat_00001.1.el7eap?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-wildfly-http-ejb-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
                "product": {
                  "name": "eap7-wildfly-http-ejb-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
                  "product_id": "eap7-wildfly-http-ejb-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-wildfly-http-ejb-client@1.1.11-1.SP1_redhat_00001.1.el7eap?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-wildfly-http-naming-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
                "product": {
                  "name": "eap7-wildfly-http-naming-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
                  "product_id": "eap7-wildfly-http-naming-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-wildfly-http-naming-client@1.1.11-1.SP1_redhat_00001.1.el7eap?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-wildfly-http-transaction-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
                "product": {
                  "name": "eap7-wildfly-http-transaction-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
                  "product_id": "eap7-wildfly-http-transaction-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-wildfly-http-transaction-client@1.1.11-1.SP1_redhat_00001.1.el7eap?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-jackson-datatype-jdk8-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
                "product": {
                  "name": "eap7-jackson-datatype-jdk8-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
                  "product_id": "eap7-jackson-datatype-jdk8-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-jackson-datatype-jdk8@2.12.6-1.redhat_00001.1.el7eap?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-jackson-datatype-jsr310-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
                "product": {
                  "name": "eap7-jackson-datatype-jsr310-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
                  "product_id": "eap7-jackson-datatype-jsr310-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-jackson-datatype-jsr310@2.12.6-1.redhat_00001.1.el7eap?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-jackson-modules-java8-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
                "product": {
                  "name": "eap7-jackson-modules-java8-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
                  "product_id": "eap7-jackson-modules-java8-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-jackson-modules-java8@2.12.6-1.redhat_00001.1.el7eap?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-jackson-annotations-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
                "product": {
                  "name": "eap7-jackson-annotations-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
                  "product_id": "eap7-jackson-annotations-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-jackson-annotations@2.12.6-1.redhat_00001.1.el7eap?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-jackson-databind-0:2.12.6.1-1.redhat_00003.1.el7eap.noarch",
                "product": {
                  "name": "eap7-jackson-databind-0:2.12.6.1-1.redhat_00003.1.el7eap.noarch",
                  "product_id": "eap7-jackson-databind-0:2.12.6.1-1.redhat_00003.1.el7eap.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-jackson-databind@2.12.6.1-1.redhat_00003.1.el7eap?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-hal-console-0:3.3.12-1.Final_redhat_00001.1.el7eap.noarch",
                "product": {
                  "name": "eap7-hal-console-0:3.3.12-1.Final_redhat_00001.1.el7eap.noarch",
                  "product_id": "eap7-hal-console-0:3.3.12-1.Final_redhat_00001.1.el7eap.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-hal-console@3.3.12-1.Final_redhat_00001.1.el7eap?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-jackson-module-jaxb-annotations-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
                "product": {
                  "name": "eap7-jackson-module-jaxb-annotations-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
                  "product_id": "eap7-jackson-module-jaxb-annotations-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-jackson-module-jaxb-annotations@2.12.6-1.redhat_00001.1.el7eap?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-jackson-modules-base-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
                "product": {
                  "name": "eap7-jackson-modules-base-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
                  "product_id": "eap7-jackson-modules-base-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-jackson-modules-base@2.12.6-1.redhat_00001.1.el7eap?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-jackson-jaxrs-base-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
                "product": {
                  "name": "eap7-jackson-jaxrs-base-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
                  "product_id": "eap7-jackson-jaxrs-base-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-jackson-jaxrs-base@2.12.6-1.redhat_00001.1.el7eap?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-jackson-jaxrs-json-provider-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
                "product": {
                  "name": "eap7-jackson-jaxrs-json-provider-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
                  "product_id": "eap7-jackson-jaxrs-json-provider-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-jackson-jaxrs-json-provider@2.12.6-1.redhat_00001.1.el7eap?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-wildfly-elytron-0:1.15.12-1.Final_redhat_00001.1.el7eap.noarch",
                "product": {
                  "name": "eap7-wildfly-elytron-0:1.15.12-1.Final_redhat_00001.1.el7eap.noarch",
                  "product_id": "eap7-wildfly-elytron-0:1.15.12-1.Final_redhat_00001.1.el7eap.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-wildfly-elytron@1.15.12-1.Final_redhat_00001.1.el7eap?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-wildfly-elytron-tool-0:1.15.12-1.Final_redhat_00001.1.el7eap.noarch",
                "product": {
                  "name": "eap7-wildfly-elytron-tool-0:1.15.12-1.Final_redhat_00001.1.el7eap.noarch",
                  "product_id": "eap7-wildfly-elytron-tool-0:1.15.12-1.Final_redhat_00001.1.el7eap.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-wildfly-elytron-tool@1.15.12-1.Final_redhat_00001.1.el7eap?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP05_redhat_00002.1.el7eap.noarch",
                "product": {
                  "name": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP05_redhat_00002.1.el7eap.noarch",
                  "product_id": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP05_redhat_00002.1.el7eap.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-jboss-jsf-api_2.3_spec@3.0.0-4.SP05_redhat_00002.1.el7eap?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-jboss-remoting-0:5.0.24-1.SP1_redhat_00001.1.el7eap.noarch",
                "product": {
                  "name": "eap7-jboss-remoting-0:5.0.24-1.SP1_redhat_00001.1.el7eap.noarch",
                  "product_id": "eap7-jboss-remoting-0:5.0.24-1.SP1_redhat_00001.1.el7eap.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-jboss-remoting@5.0.24-1.SP1_redhat_00001.1.el7eap?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-hibernate-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
                "product": {
                  "name": "eap7-hibernate-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
                  "product_id": "eap7-hibernate-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-hibernate@5.3.26-1.Final_redhat_00002.2.el7eap?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-hibernate-core-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
                "product": {
                  "name": "eap7-hibernate-core-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
                  "product_id": "eap7-hibernate-core-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-hibernate-core@5.3.26-1.Final_redhat_00002.2.el7eap?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-hibernate-entitymanager-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
                "product": {
                  "name": "eap7-hibernate-entitymanager-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
                  "product_id": "eap7-hibernate-entitymanager-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-hibernate-entitymanager@5.3.26-1.Final_redhat_00002.2.el7eap?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-hibernate-envers-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
                "product": {
                  "name": "eap7-hibernate-envers-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
                  "product_id": "eap7-hibernate-envers-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-hibernate-envers@5.3.26-1.Final_redhat_00002.2.el7eap?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-hibernate-java8-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
                "product": {
                  "name": "eap7-hibernate-java8-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
                  "product_id": "eap7-hibernate-java8-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-hibernate-java8@5.3.26-1.Final_redhat_00002.2.el7eap?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-jboss-xnio-base-0:3.8.7-1.SP1_redhat_00001.1.el7eap.noarch",
                "product": {
                  "name": "eap7-jboss-xnio-base-0:3.8.7-1.SP1_redhat_00001.1.el7eap.noarch",
                  "product_id": "eap7-jboss-xnio-base-0:3.8.7-1.SP1_redhat_00001.1.el7eap.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-jboss-xnio-base@3.8.7-1.SP1_redhat_00001.1.el7eap?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-xerces-j2-0:2.12.0-3.SP04_redhat_00001.1.el7eap.noarch",
                "product": {
                  "name": "eap7-xerces-j2-0:2.12.0-3.SP04_redhat_00001.1.el7eap.noarch",
                  "product_id": "eap7-xerces-j2-0:2.12.0-3.SP04_redhat_00001.1.el7eap.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-xerces-j2@2.12.0-3.SP04_redhat_00001.1.el7eap?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-jberet-0:1.3.9-1.SP1_redhat_00001.1.el7eap.noarch",
                "product": {
                  "name": "eap7-jberet-0:1.3.9-1.SP1_redhat_00001.1.el7eap.noarch",
                  "product_id": "eap7-jberet-0:1.3.9-1.SP1_redhat_00001.1.el7eap.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-jberet@1.3.9-1.SP1_redhat_00001.1.el7eap?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-jberet-core-0:1.3.9-1.SP1_redhat_00001.1.el7eap.noarch",
                "product": {
                  "name": "eap7-jberet-core-0:1.3.9-1.SP1_redhat_00001.1.el7eap.noarch",
                  "product_id": "eap7-jberet-core-0:1.3.9-1.SP1_redhat_00001.1.el7eap.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-jberet-core@1.3.9-1.SP1_redhat_00001.1.el7eap?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-undertow-0:2.2.17-2.SP4_redhat_00001.1.el7eap.noarch",
                "product": {
                  "name": "eap7-undertow-0:2.2.17-2.SP4_redhat_00001.1.el7eap.noarch",
                  "product_id": "eap7-undertow-0:2.2.17-2.SP4_redhat_00001.1.el7eap.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-undertow@2.2.17-2.SP4_redhat_00001.1.el7eap?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-hibernate-validator-0:6.0.23-1.Final_redhat_00001.1.el7eap.noarch",
                "product": {
                  "name": "eap7-hibernate-validator-0:6.0.23-1.Final_redhat_00001.1.el7eap.noarch",
                  "product_id": "eap7-hibernate-validator-0:6.0.23-1.Final_redhat_00001.1.el7eap.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-hibernate-validator@6.0.23-1.Final_redhat_00001.1.el7eap?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-hibernate-validator-cdi-0:6.0.23-1.Final_redhat_00001.1.el7eap.noarch",
                "product": {
                  "name": "eap7-hibernate-validator-cdi-0:6.0.23-1.Final_redhat_00001.1.el7eap.noarch",
                  "product_id": "eap7-hibernate-validator-cdi-0:6.0.23-1.Final_redhat_00001.1.el7eap.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-hibernate-validator-cdi@6.0.23-1.Final_redhat_00001.1.el7eap?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-netty-tcnative-0:2.0.48-1.Final_redhat_00001.1.el7eap.noarch",
                "product": {
                  "name": "eap7-netty-tcnative-0:2.0.48-1.Final_redhat_00001.1.el7eap.noarch",
                  "product_id": "eap7-netty-tcnative-0:2.0.48-1.Final_redhat_00001.1.el7eap.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-netty-tcnative@2.0.48-1.Final_redhat_00001.1.el7eap?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-jboss-server-migration-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
                "product": {
                  "name": "eap7-jboss-server-migration-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
                  "product_id": "eap7-jboss-server-migration-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.10.0-16.Final_redhat_00015.1.el7eap?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-jboss-server-migration-cli-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
                "product": {
                  "name": "eap7-jboss-server-migration-cli-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
                  "product_id": "eap7-jboss-server-migration-cli-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-cli@1.10.0-16.Final_redhat_00015.1.el7eap?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-jboss-server-migration-core-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
                "product": {
                  "name": "eap7-jboss-server-migration-core-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
                  "product_id": "eap7-jboss-server-migration-core-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-core@1.10.0-16.Final_redhat_00015.1.el7eap?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-jackson-core-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
                "product": {
                  "name": "eap7-jackson-core-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
                  "product_id": "eap7-jackson-core-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-jackson-core@2.12.6-1.redhat_00001.1.el7eap?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-snakeyaml-0:1.29.0-1.redhat_00001.2.el7eap.noarch",
                "product": {
                  "name": "eap7-snakeyaml-0:1.29.0-1.redhat_00001.2.el7eap.noarch",
                  "product_id": "eap7-snakeyaml-0:1.29.0-1.redhat_00001.2.el7eap.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-snakeyaml@1.29.0-1.redhat_00001.2.el7eap?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-netty-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
                "product": {
                  "name": "eap7-netty-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
                  "product_id": "eap7-netty-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-netty@4.1.72-4.Final_redhat_00001.1.el7eap?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-netty-all-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
                "product": {
                  "name": "eap7-netty-all-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
                  "product_id": "eap7-netty-all-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-netty-all@4.1.72-4.Final_redhat_00001.1.el7eap?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-netty-buffer-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
                "product": {
                  "name": "eap7-netty-buffer-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
                  "product_id": "eap7-netty-buffer-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-netty-buffer@4.1.72-4.Final_redhat_00001.1.el7eap?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-netty-codec-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
                "product": {
                  "name": "eap7-netty-codec-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
                  "product_id": "eap7-netty-codec-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-netty-codec@4.1.72-4.Final_redhat_00001.1.el7eap?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-netty-codec-dns-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
                "product": {
                  "name": "eap7-netty-codec-dns-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
                  "product_id": "eap7-netty-codec-dns-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-netty-codec-dns@4.1.72-4.Final_redhat_00001.1.el7eap?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-netty-codec-haproxy-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
                "product": {
                  "name": "eap7-netty-codec-haproxy-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
                  "product_id": "eap7-netty-codec-haproxy-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-netty-codec-haproxy@4.1.72-4.Final_redhat_00001.1.el7eap?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-netty-codec-http-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
                "product": {
                  "name": "eap7-netty-codec-http-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
                  "product_id": "eap7-netty-codec-http-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-netty-codec-http@4.1.72-4.Final_redhat_00001.1.el7eap?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-netty-codec-http2-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
                "product": {
                  "name": "eap7-netty-codec-http2-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
                  "product_id": "eap7-netty-codec-http2-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-netty-codec-http2@4.1.72-4.Final_redhat_00001.1.el7eap?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-netty-codec-memcache-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
                "product": {
                  "name": "eap7-netty-codec-memcache-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
                  "product_id": "eap7-netty-codec-memcache-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-netty-codec-memcache@4.1.72-4.Final_redhat_00001.1.el7eap?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-netty-codec-mqtt-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
                "product": {
                  "name": "eap7-netty-codec-mqtt-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
                  "product_id": "eap7-netty-codec-mqtt-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-netty-codec-mqtt@4.1.72-4.Final_redhat_00001.1.el7eap?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-netty-codec-redis-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
                "product": {
                  "name": "eap7-netty-codec-redis-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
                  "product_id": "eap7-netty-codec-redis-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-netty-codec-redis@4.1.72-4.Final_redhat_00001.1.el7eap?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-netty-codec-smtp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
                "product": {
                  "name": "eap7-netty-codec-smtp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
                  "product_id": "eap7-netty-codec-smtp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-netty-codec-smtp@4.1.72-4.Final_redhat_00001.1.el7eap?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-netty-codec-socks-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
                "product": {
                  "name": "eap7-netty-codec-socks-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
                  "product_id": "eap7-netty-codec-socks-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-netty-codec-socks@4.1.72-4.Final_redhat_00001.1.el7eap?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-netty-codec-stomp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
                "product": {
                  "name": "eap7-netty-codec-stomp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
                  "product_id": "eap7-netty-codec-stomp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-netty-codec-stomp@4.1.72-4.Final_redhat_00001.1.el7eap?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-netty-codec-xml-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
                "product": {
                  "name": "eap7-netty-codec-xml-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
                  "product_id": "eap7-netty-codec-xml-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-netty-codec-xml@4.1.72-4.Final_redhat_00001.1.el7eap?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-netty-common-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
                "product": {
                  "name": "eap7-netty-common-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
                  "product_id": "eap7-netty-common-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-netty-common@4.1.72-4.Final_redhat_00001.1.el7eap?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-netty-handler-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
                "product": {
                  "name": "eap7-netty-handler-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
                  "product_id": "eap7-netty-handler-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-netty-handler@4.1.72-4.Final_redhat_00001.1.el7eap?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-netty-handler-proxy-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
                "product": {
                  "name": "eap7-netty-handler-proxy-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
                  "product_id": "eap7-netty-handler-proxy-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-netty-handler-proxy@4.1.72-4.Final_redhat_00001.1.el7eap?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-netty-resolver-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
                "product": {
                  "name": "eap7-netty-resolver-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
                  "product_id": "eap7-netty-resolver-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-netty-resolver@4.1.72-4.Final_redhat_00001.1.el7eap?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-netty-resolver-dns-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
                "product": {
                  "name": "eap7-netty-resolver-dns-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
                  "product_id": "eap7-netty-resolver-dns-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-netty-resolver-dns@4.1.72-4.Final_redhat_00001.1.el7eap?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-netty-resolver-dns-classes-macos-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
                "product": {
                  "name": "eap7-netty-resolver-dns-classes-macos-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
                  "product_id": "eap7-netty-resolver-dns-classes-macos-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-netty-resolver-dns-classes-macos@4.1.72-4.Final_redhat_00001.1.el7eap?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-netty-transport-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
                "product": {
                  "name": "eap7-netty-transport-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
                  "product_id": "eap7-netty-transport-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-netty-transport@4.1.72-4.Final_redhat_00001.1.el7eap?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-netty-transport-classes-epoll-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
                "product": {
                  "name": "eap7-netty-transport-classes-epoll-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
                  "product_id": "eap7-netty-transport-classes-epoll-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-netty-transport-classes-epoll@4.1.72-4.Final_redhat_00001.1.el7eap?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-netty-transport-classes-kqueue-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
                "product": {
                  "name": "eap7-netty-transport-classes-kqueue-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
                  "product_id": "eap7-netty-transport-classes-kqueue-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-netty-transport-classes-kqueue@4.1.72-4.Final_redhat_00001.1.el7eap?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-netty-transport-native-unix-common-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
                "product": {
                  "name": "eap7-netty-transport-native-unix-common-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
                  "product_id": "eap7-netty-transport-native-unix-common-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-netty-transport-native-unix-common@4.1.72-4.Final_redhat_00001.1.el7eap?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-netty-transport-rxtx-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
                "product": {
                  "name": "eap7-netty-transport-rxtx-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
                  "product_id": "eap7-netty-transport-rxtx-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-netty-transport-rxtx@4.1.72-4.Final_redhat_00001.1.el7eap?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-netty-transport-sctp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
                "product": {
                  "name": "eap7-netty-transport-sctp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
                  "product_id": "eap7-netty-transport-sctp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-netty-transport-sctp@4.1.72-4.Final_redhat_00001.1.el7eap?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-netty-transport-udt-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
                "product": {
                  "name": "eap7-netty-transport-udt-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
                  "product_id": "eap7-netty-transport-udt-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-netty-transport-udt@4.1.72-4.Final_redhat_00001.1.el7eap?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-wildfly-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
                "product": {
                  "name": "eap7-wildfly-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
                  "product_id": "eap7-wildfly-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-wildfly@7.4.5-3.GA_redhat_00001.1.el7eap?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-wildfly-java-jdk11-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
                "product": {
                  "name": "eap7-wildfly-java-jdk11-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
                  "product_id": "eap7-wildfly-java-jdk11-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-wildfly-java-jdk11@7.4.5-3.GA_redhat_00001.1.el7eap?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-wildfly-java-jdk8-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
                "product": {
                  "name": "eap7-wildfly-java-jdk8-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
                  "product_id": "eap7-wildfly-java-jdk8-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-wildfly-java-jdk8@7.4.5-3.GA_redhat_00001.1.el7eap?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-wildfly-javadocs-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
                "product": {
                  "name": "eap7-wildfly-javadocs-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
                  "product_id": "eap7-wildfly-javadocs-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-wildfly-javadocs@7.4.5-3.GA_redhat_00001.1.el7eap?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-wildfly-modules-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
                "product": {
                  "name": "eap7-wildfly-modules-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
                  "product_id": "eap7-wildfly-modules-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-wildfly-modules@7.4.5-3.GA_redhat_00001.1.el7eap?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-activemq-artemis-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
                "product": {
                  "name": "eap7-activemq-artemis-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
                  "product_id": "eap7-activemq-artemis-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-activemq-artemis@2.16.0-9.redhat_00042.1.el7eap?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-activemq-artemis-cli-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
                "product": {
                  "name": "eap7-activemq-artemis-cli-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
                  "product_id": "eap7-activemq-artemis-cli-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-activemq-artemis-cli@2.16.0-9.redhat_00042.1.el7eap?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-activemq-artemis-commons-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
                "product": {
                  "name": "eap7-activemq-artemis-commons-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
                  "product_id": "eap7-activemq-artemis-commons-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-activemq-artemis-commons@2.16.0-9.redhat_00042.1.el7eap?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-activemq-artemis-core-client-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
                "product": {
                  "name": "eap7-activemq-artemis-core-client-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
                  "product_id": "eap7-activemq-artemis-core-client-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-activemq-artemis-core-client@2.16.0-9.redhat_00042.1.el7eap?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-activemq-artemis-dto-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
                "product": {
                  "name": "eap7-activemq-artemis-dto-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
                  "product_id": "eap7-activemq-artemis-dto-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-activemq-artemis-dto@2.16.0-9.redhat_00042.1.el7eap?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-activemq-artemis-hornetq-protocol-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
                "product": {
                  "name": "eap7-activemq-artemis-hornetq-protocol-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
                  "product_id": "eap7-activemq-artemis-hornetq-protocol-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-activemq-artemis-hornetq-protocol@2.16.0-9.redhat_00042.1.el7eap?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-activemq-artemis-hqclient-protocol-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
                "product": {
                  "name": "eap7-activemq-artemis-hqclient-protocol-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
                  "product_id": "eap7-activemq-artemis-hqclient-protocol-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-activemq-artemis-hqclient-protocol@2.16.0-9.redhat_00042.1.el7eap?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-activemq-artemis-jdbc-store-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
                "product": {
                  "name": "eap7-activemq-artemis-jdbc-store-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
                  "product_id": "eap7-activemq-artemis-jdbc-store-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-activemq-artemis-jdbc-store@2.16.0-9.redhat_00042.1.el7eap?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-activemq-artemis-jms-client-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
                "product": {
                  "name": "eap7-activemq-artemis-jms-client-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
                  "product_id": "eap7-activemq-artemis-jms-client-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-activemq-artemis-jms-client@2.16.0-9.redhat_00042.1.el7eap?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-activemq-artemis-jms-server-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
                "product": {
                  "name": "eap7-activemq-artemis-jms-server-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
                  "product_id": "eap7-activemq-artemis-jms-server-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-activemq-artemis-jms-server@2.16.0-9.redhat_00042.1.el7eap?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-activemq-artemis-journal-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
                "product": {
                  "name": "eap7-activemq-artemis-journal-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
                  "product_id": "eap7-activemq-artemis-journal-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-activemq-artemis-journal@2.16.0-9.redhat_00042.1.el7eap?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-activemq-artemis-ra-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
                "product": {
                  "name": "eap7-activemq-artemis-ra-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
                  "product_id": "eap7-activemq-artemis-ra-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-activemq-artemis-ra@2.16.0-9.redhat_00042.1.el7eap?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-activemq-artemis-selector-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
                "product": {
                  "name": "eap7-activemq-artemis-selector-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
                  "product_id": "eap7-activemq-artemis-selector-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-activemq-artemis-selector@2.16.0-9.redhat_00042.1.el7eap?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-activemq-artemis-server-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
                "product": {
                  "name": "eap7-activemq-artemis-server-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
                  "product_id": "eap7-activemq-artemis-server-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-activemq-artemis-server@2.16.0-9.redhat_00042.1.el7eap?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-activemq-artemis-service-extensions-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
                "product": {
                  "name": "eap7-activemq-artemis-service-extensions-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
                  "product_id": "eap7-activemq-artemis-service-extensions-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-activemq-artemis-service-extensions@2.16.0-9.redhat_00042.1.el7eap?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-activemq-artemis-tools-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
                "product": {
                  "name": "eap7-activemq-artemis-tools-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
                  "product_id": "eap7-activemq-artemis-tools-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-activemq-artemis-tools@2.16.0-9.redhat_00042.1.el7eap?arch=noarch"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "eap7-netty-transport-native-epoll-0:4.1.72-1.Final_redhat_00001.1.el7eap.x86_64",
                "product": {
                  "name": "eap7-netty-transport-native-epoll-0:4.1.72-1.Final_redhat_00001.1.el7eap.x86_64",
                  "product_id": "eap7-netty-transport-native-epoll-0:4.1.72-1.Final_redhat_00001.1.el7eap.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-netty-transport-native-epoll@4.1.72-1.Final_redhat_00001.1.el7eap?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-netty-transport-native-epoll-debuginfo-0:4.1.72-1.Final_redhat_00001.1.el7eap.x86_64",
                "product": {
                  "name": "eap7-netty-transport-native-epoll-debuginfo-0:4.1.72-1.Final_redhat_00001.1.el7eap.x86_64",
                  "product_id": "eap7-netty-transport-native-epoll-debuginfo-0:4.1.72-1.Final_redhat_00001.1.el7eap.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-netty-transport-native-epoll-debuginfo@4.1.72-1.Final_redhat_00001.1.el7eap?arch=x86_64"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-activemq-artemis-0:2.16.0-9.redhat_00042.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-9.redhat_00042.1.el7eap.noarch"
        },
        "product_reference": "eap7-activemq-artemis-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
        "relates_to_product_reference": "7Server-JBEAP-7.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-activemq-artemis-0:2.16.0-9.redhat_00042.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-9.redhat_00042.1.el7eap.src"
        },
        "product_reference": "eap7-activemq-artemis-0:2.16.0-9.redhat_00042.1.el7eap.src",
        "relates_to_product_reference": "7Server-JBEAP-7.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-activemq-artemis-cli-0:2.16.0-9.redhat_00042.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-9.redhat_00042.1.el7eap.noarch"
        },
        "product_reference": "eap7-activemq-artemis-cli-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
        "relates_to_product_reference": "7Server-JBEAP-7.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-activemq-artemis-commons-0:2.16.0-9.redhat_00042.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-9.redhat_00042.1.el7eap.noarch"
        },
        "product_reference": "eap7-activemq-artemis-commons-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
        "relates_to_product_reference": "7Server-JBEAP-7.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-activemq-artemis-core-client-0:2.16.0-9.redhat_00042.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-9.redhat_00042.1.el7eap.noarch"
        },
        "product_reference": "eap7-activemq-artemis-core-client-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
        "relates_to_product_reference": "7Server-JBEAP-7.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-activemq-artemis-dto-0:2.16.0-9.redhat_00042.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-9.redhat_00042.1.el7eap.noarch"
        },
        "product_reference": "eap7-activemq-artemis-dto-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
        "relates_to_product_reference": "7Server-JBEAP-7.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-activemq-artemis-hornetq-protocol-0:2.16.0-9.redhat_00042.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-9.redhat_00042.1.el7eap.noarch"
        },
        "product_reference": "eap7-activemq-artemis-hornetq-protocol-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
        "relates_to_product_reference": "7Server-JBEAP-7.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-activemq-artemis-hqclient-protocol-0:2.16.0-9.redhat_00042.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-9.redhat_00042.1.el7eap.noarch"
        },
        "product_reference": "eap7-activemq-artemis-hqclient-protocol-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
        "relates_to_product_reference": "7Server-JBEAP-7.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-activemq-artemis-jdbc-store-0:2.16.0-9.redhat_00042.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-9.redhat_00042.1.el7eap.noarch"
        },
        "product_reference": "eap7-activemq-artemis-jdbc-store-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
        "relates_to_product_reference": "7Server-JBEAP-7.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-activemq-artemis-jms-client-0:2.16.0-9.redhat_00042.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-9.redhat_00042.1.el7eap.noarch"
        },
        "product_reference": "eap7-activemq-artemis-jms-client-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
        "relates_to_product_reference": "7Server-JBEAP-7.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-activemq-artemis-jms-server-0:2.16.0-9.redhat_00042.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-9.redhat_00042.1.el7eap.noarch"
        },
        "product_reference": "eap7-activemq-artemis-jms-server-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
        "relates_to_product_reference": "7Server-JBEAP-7.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-activemq-artemis-journal-0:2.16.0-9.redhat_00042.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-9.redhat_00042.1.el7eap.noarch"
        },
        "product_reference": "eap7-activemq-artemis-journal-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
        "relates_to_product_reference": "7Server-JBEAP-7.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-activemq-artemis-ra-0:2.16.0-9.redhat_00042.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-9.redhat_00042.1.el7eap.noarch"
        },
        "product_reference": "eap7-activemq-artemis-ra-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
        "relates_to_product_reference": "7Server-JBEAP-7.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-activemq-artemis-selector-0:2.16.0-9.redhat_00042.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-9.redhat_00042.1.el7eap.noarch"
        },
        "product_reference": "eap7-activemq-artemis-selector-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
        "relates_to_product_reference": "7Server-JBEAP-7.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-activemq-artemis-server-0:2.16.0-9.redhat_00042.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-9.redhat_00042.1.el7eap.noarch"
        },
        "product_reference": "eap7-activemq-artemis-server-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
        "relates_to_product_reference": "7Server-JBEAP-7.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-activemq-artemis-service-extensions-0:2.16.0-9.redhat_00042.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-9.redhat_00042.1.el7eap.noarch"
        },
        "product_reference": "eap7-activemq-artemis-service-extensions-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
        "relates_to_product_reference": "7Server-JBEAP-7.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-activemq-artemis-tools-0:2.16.0-9.redhat_00042.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-9.redhat_00042.1.el7eap.noarch"
        },
        "product_reference": "eap7-activemq-artemis-tools-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
        "relates_to_product_reference": "7Server-JBEAP-7.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-h2database-0:1.4.197-2.redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.4:eap7-h2database-0:1.4.197-2.redhat_00004.1.el7eap.noarch"
        },
        "product_reference": "eap7-h2database-0:1.4.197-2.redhat_00004.1.el7eap.noarch",
        "relates_to_product_reference": "7Server-JBEAP-7.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-h2database-0:1.4.197-2.redhat_00004.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.4:eap7-h2database-0:1.4.197-2.redhat_00004.1.el7eap.src"
        },
        "product_reference": "eap7-h2database-0:1.4.197-2.redhat_00004.1.el7eap.src",
        "relates_to_product_reference": "7Server-JBEAP-7.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-hal-console-0:3.3.12-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.12-1.Final_redhat_00001.1.el7eap.noarch"
        },
        "product_reference": "eap7-hal-console-0:3.3.12-1.Final_redhat_00001.1.el7eap.noarch",
        "relates_to_product_reference": "7Server-JBEAP-7.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-hal-console-0:3.3.12-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.12-1.Final_redhat_00001.1.el7eap.src"
        },
        "product_reference": "eap7-hal-console-0:3.3.12-1.Final_redhat_00001.1.el7eap.src",
        "relates_to_product_reference": "7Server-JBEAP-7.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-hibernate-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch"
        },
        "product_reference": "eap7-hibernate-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
        "relates_to_product_reference": "7Server-JBEAP-7.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-hibernate-0:5.3.26-1.Final_redhat_00002.2.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.26-1.Final_redhat_00002.2.el7eap.src"
        },
        "product_reference": "eap7-hibernate-0:5.3.26-1.Final_redhat_00002.2.el7eap.src",
        "relates_to_product_reference": "7Server-JBEAP-7.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-hibernate-core-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch"
        },
        "product_reference": "eap7-hibernate-core-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
        "relates_to_product_reference": "7Server-JBEAP-7.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-hibernate-entitymanager-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch"
        },
        "product_reference": "eap7-hibernate-entitymanager-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
        "relates_to_product_reference": "7Server-JBEAP-7.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-hibernate-envers-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch"
        },
        "product_reference": "eap7-hibernate-envers-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
        "relates_to_product_reference": "7Server-JBEAP-7.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-hibernate-java8-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch"
        },
        "product_reference": "eap7-hibernate-java8-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
        "relates_to_product_reference": "7Server-JBEAP-7.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-hibernate-validator-0:6.0.23-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-1.Final_redhat_00001.1.el7eap.noarch"
        },
        "product_reference": "eap7-hibernate-validator-0:6.0.23-1.Final_redhat_00001.1.el7eap.noarch",
        "relates_to_product_reference": "7Server-JBEAP-7.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-hibernate-validator-0:6.0.23-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-1.Final_redhat_00001.1.el7eap.src"
        },
        "product_reference": "eap7-hibernate-validator-0:6.0.23-1.Final_redhat_00001.1.el7eap.src",
        "relates_to_product_reference": "7Server-JBEAP-7.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-hibernate-validator-cdi-0:6.0.23-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-1.Final_redhat_00001.1.el7eap.noarch"
        },
        "product_reference": "eap7-hibernate-validator-cdi-0:6.0.23-1.Final_redhat_00001.1.el7eap.noarch",
        "relates_to_product_reference": "7Server-JBEAP-7.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-jackson-annotations-0:2.12.6-1.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.6-1.redhat_00001.1.el7eap.noarch"
        },
        "product_reference": "eap7-jackson-annotations-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
        "relates_to_product_reference": "7Server-JBEAP-7.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-jackson-annotations-0:2.12.6-1.redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.6-1.redhat_00001.1.el7eap.src"
        },
        "product_reference": "eap7-jackson-annotations-0:2.12.6-1.redhat_00001.1.el7eap.src",
        "relates_to_product_reference": "7Server-JBEAP-7.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-jackson-core-0:2.12.6-1.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.6-1.redhat_00001.1.el7eap.noarch"
        },
        "product_reference": "eap7-jackson-core-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
        "relates_to_product_reference": "7Server-JBEAP-7.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-jackson-core-0:2.12.6-1.redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.6-1.redhat_00001.1.el7eap.src"
        },
        "product_reference": "eap7-jackson-core-0:2.12.6-1.redhat_00001.1.el7eap.src",
        "relates_to_product_reference": "7Server-JBEAP-7.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-jackson-databind-0:2.12.6.1-1.redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.6.1-1.redhat_00003.1.el7eap.noarch"
        },
        "product_reference": "eap7-jackson-databind-0:2.12.6.1-1.redhat_00003.1.el7eap.noarch",
        "relates_to_product_reference": "7Server-JBEAP-7.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-jackson-databind-0:2.12.6.1-1.redhat_00003.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.6.1-1.redhat_00003.1.el7eap.src"
        },
        "product_reference": "eap7-jackson-databind-0:2.12.6.1-1.redhat_00003.1.el7eap.src",
        "relates_to_product_reference": "7Server-JBEAP-7.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-jackson-datatype-jdk8-0:2.12.6-1.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.6-1.redhat_00001.1.el7eap.noarch"
        },
        "product_reference": "eap7-jackson-datatype-jdk8-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
        "relates_to_product_reference": "7Server-JBEAP-7.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-jackson-datatype-jsr310-0:2.12.6-1.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.6-1.redhat_00001.1.el7eap.noarch"
        },
        "product_reference": "eap7-jackson-datatype-jsr310-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
        "relates_to_product_reference": "7Server-JBEAP-7.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-jackson-jaxrs-base-0:2.12.6-1.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.6-1.redhat_00001.1.el7eap.noarch"
        },
        "product_reference": "eap7-jackson-jaxrs-base-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
        "relates_to_product_reference": "7Server-JBEAP-7.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-jackson-jaxrs-json-provider-0:2.12.6-1.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.6-1.redhat_00001.1.el7eap.noarch"
        },
        "product_reference": "eap7-jackson-jaxrs-json-provider-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
        "relates_to_product_reference": "7Server-JBEAP-7.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-jackson-jaxrs-providers-0:2.12.6-1.redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.6-1.redhat_00001.1.el7eap.src"
        },
        "product_reference": "eap7-jackson-jaxrs-providers-0:2.12.6-1.redhat_00001.1.el7eap.src",
        "relates_to_product_reference": "7Server-JBEAP-7.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-jackson-module-jaxb-annotations-0:2.12.6-1.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.6-1.redhat_00001.1.el7eap.noarch"
        },
        "product_reference": "eap7-jackson-module-jaxb-annotations-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
        "relates_to_product_reference": "7Server-JBEAP-7.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-jackson-modules-base-0:2.12.6-1.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.6-1.redhat_00001.1.el7eap.noarch"
        },
        "product_reference": "eap7-jackson-modules-base-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
        "relates_to_product_reference": "7Server-JBEAP-7.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-jackson-modules-base-0:2.12.6-1.redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.6-1.redhat_00001.1.el7eap.src"
        },
        "product_reference": "eap7-jackson-modules-base-0:2.12.6-1.redhat_00001.1.el7eap.src",
        "relates_to_product_reference": "7Server-JBEAP-7.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-jackson-modules-java8-0:2.12.6-1.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.6-1.redhat_00001.1.el7eap.noarch"
        },
        "product_reference": "eap7-jackson-modules-java8-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
        "relates_to_product_reference": "7Server-JBEAP-7.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-jackson-modules-java8-0:2.12.6-1.redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.6-1.redhat_00001.1.el7eap.src"
        },
        "product_reference": "eap7-jackson-modules-java8-0:2.12.6-1.redhat_00001.1.el7eap.src",
        "relates_to_product_reference": "7Server-JBEAP-7.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-jberet-0:1.3.9-1.SP1_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-1.SP1_redhat_00001.1.el7eap.noarch"
        },
        "product_reference": "eap7-jberet-0:1.3.9-1.SP1_redhat_00001.1.el7eap.noarch",
        "relates_to_product_reference": "7Server-JBEAP-7.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-jberet-0:1.3.9-1.SP1_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-1.SP1_redhat_00001.1.el7eap.src"
        },
        "product_reference": "eap7-jberet-0:1.3.9-1.SP1_redhat_00001.1.el7eap.src",
        "relates_to_product_reference": "7Server-JBEAP-7.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-jberet-core-0:1.3.9-1.SP1_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.4:eap7-jberet-core-0:1.3.9-1.SP1_redhat_00001.1.el7eap.noarch"
        },
        "product_reference": "eap7-jberet-core-0:1.3.9-1.SP1_redhat_00001.1.el7eap.noarch",
        "relates_to_product_reference": "7Server-JBEAP-7.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP05_redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP05_redhat_00002.1.el7eap.noarch"
        },
        "product_reference": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP05_redhat_00002.1.el7eap.noarch",
        "relates_to_product_reference": "7Server-JBEAP-7.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP05_redhat_00002.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP05_redhat_00002.1.el7eap.src"
        },
        "product_reference": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP05_redhat_00002.1.el7eap.src",
        "relates_to_product_reference": "7Server-JBEAP-7.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-jboss-remoting-0:5.0.24-1.SP1_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.24-1.SP1_redhat_00001.1.el7eap.noarch"
        },
        "product_reference": "eap7-jboss-remoting-0:5.0.24-1.SP1_redhat_00001.1.el7eap.noarch",
        "relates_to_product_reference": "7Server-JBEAP-7.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-jboss-remoting-0:5.0.24-1.SP1_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.24-1.SP1_redhat_00001.1.el7eap.src"
        },
        "product_reference": "eap7-jboss-remoting-0:5.0.24-1.SP1_redhat_00001.1.el7eap.src",
        "relates_to_product_reference": "7Server-JBEAP-7.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-jboss-server-migration-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch"
        },
        "product_reference": "eap7-jboss-server-migration-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
        "relates_to_product_reference": "7Server-JBEAP-7.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-jboss-server-migration-0:1.10.0-16.Final_redhat_00015.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-16.Final_redhat_00015.1.el7eap.src"
        },
        "product_reference": "eap7-jboss-server-migration-0:1.10.0-16.Final_redhat_00015.1.el7eap.src",
        "relates_to_product_reference": "7Server-JBEAP-7.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-jboss-server-migration-cli-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch"
        },
        "product_reference": "eap7-jboss-server-migration-cli-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
        "relates_to_product_reference": "7Server-JBEAP-7.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-jboss-server-migration-core-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch"
        },
        "product_reference": "eap7-jboss-server-migration-core-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
        "relates_to_product_reference": "7Server-JBEAP-7.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-jboss-xnio-base-0:3.8.7-1.SP1_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.7-1.SP1_redhat_00001.1.el7eap.noarch"
        },
        "product_reference": "eap7-jboss-xnio-base-0:3.8.7-1.SP1_redhat_00001.1.el7eap.noarch",
        "relates_to_product_reference": "7Server-JBEAP-7.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-jboss-xnio-base-0:3.8.7-1.SP1_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.7-1.SP1_redhat_00001.1.el7eap.src"
        },
        "product_reference": "eap7-jboss-xnio-base-0:3.8.7-1.SP1_redhat_00001.1.el7eap.src",
        "relates_to_product_reference": "7Server-JBEAP-7.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-log4j-0:2.17.1-2.redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-2.redhat_00002.1.el7eap.noarch"
        },
        "product_reference": "eap7-log4j-0:2.17.1-2.redhat_00002.1.el7eap.noarch",
        "relates_to_product_reference": "7Server-JBEAP-7.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-log4j-0:2.17.1-2.redhat_00002.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-2.redhat_00002.1.el7eap.src"
        },
        "product_reference": "eap7-log4j-0:2.17.1-2.redhat_00002.1.el7eap.src",
        "relates_to_product_reference": "7Server-JBEAP-7.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-netty-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.4:eap7-netty-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch"
        },
        "product_reference": "eap7-netty-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
        "relates_to_product_reference": "7Server-JBEAP-7.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-netty-0:4.1.72-4.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.4:eap7-netty-0:4.1.72-4.Final_redhat_00001.1.el7eap.src"
        },
        "product_reference": "eap7-netty-0:4.1.72-4.Final_redhat_00001.1.el7eap.src",
        "relates_to_product_reference": "7Server-JBEAP-7.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-netty-all-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch"
        },
        "product_reference": "eap7-netty-all-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
        "relates_to_product_reference": "7Server-JBEAP-7.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-netty-buffer-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch"
        },
        "product_reference": "eap7-netty-buffer-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
        "relates_to_product_reference": "7Server-JBEAP-7.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-netty-codec-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch"
        },
        "product_reference": "eap7-netty-codec-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
        "relates_to_product_reference": "7Server-JBEAP-7.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-netty-codec-dns-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch"
        },
        "product_reference": "eap7-netty-codec-dns-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
        "relates_to_product_reference": "7Server-JBEAP-7.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-netty-codec-haproxy-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch"
        },
        "product_reference": "eap7-netty-codec-haproxy-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
        "relates_to_product_reference": "7Server-JBEAP-7.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-netty-codec-http-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch"
        },
        "product_reference": "eap7-netty-codec-http-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
        "relates_to_product_reference": "7Server-JBEAP-7.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-netty-codec-http2-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch"
        },
        "product_reference": "eap7-netty-codec-http2-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
        "relates_to_product_reference": "7Server-JBEAP-7.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-netty-codec-memcache-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch"
        },
        "product_reference": "eap7-netty-codec-memcache-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
        "relates_to_product_reference": "7Server-JBEAP-7.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-netty-codec-mqtt-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch"
        },
        "product_reference": "eap7-netty-codec-mqtt-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
        "relates_to_product_reference": "7Server-JBEAP-7.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-netty-codec-redis-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch"
        },
        "product_reference": "eap7-netty-codec-redis-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
        "relates_to_product_reference": "7Server-JBEAP-7.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-netty-codec-smtp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch"
        },
        "product_reference": "eap7-netty-codec-smtp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
        "relates_to_product_reference": "7Server-JBEAP-7.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-netty-codec-socks-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch"
        },
        "product_reference": "eap7-netty-codec-socks-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
        "relates_to_product_reference": "7Server-JBEAP-7.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-netty-codec-stomp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch"
        },
        "product_reference": "eap7-netty-codec-stomp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
        "relates_to_product_reference": "7Server-JBEAP-7.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-netty-codec-xml-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch"
        },
        "product_reference": "eap7-netty-codec-xml-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
        "relates_to_product_reference": "7Server-JBEAP-7.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-netty-common-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch"
        },
        "product_reference": "eap7-netty-common-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
        "relates_to_product_reference": "7Server-JBEAP-7.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-netty-handler-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch"
        },
        "product_reference": "eap7-netty-handler-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
        "relates_to_product_reference": "7Server-JBEAP-7.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-netty-handler-proxy-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch"
        },
        "product_reference": "eap7-netty-handler-proxy-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
        "relates_to_product_reference": "7Server-JBEAP-7.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-netty-resolver-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch"
        },
        "product_reference": "eap7-netty-resolver-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
        "relates_to_product_reference": "7Server-JBEAP-7.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-netty-resolver-dns-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch"
        },
        "product_reference": "eap7-netty-resolver-dns-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
        "relates_to_product_reference": "7Server-JBEAP-7.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-netty-resolver-dns-classes-macos-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch"
        },
        "product_reference": "eap7-netty-resolver-dns-classes-macos-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
        "relates_to_product_reference": "7Server-JBEAP-7.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-netty-tcnative-0:2.0.48-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.48-1.Final_redhat_00001.1.el7eap.noarch"
        },
        "product_reference": "eap7-netty-tcnative-0:2.0.48-1.Final_redhat_00001.1.el7eap.noarch",
        "relates_to_product_reference": "7Server-JBEAP-7.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-netty-tcnative-0:2.0.48-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.48-1.Final_redhat_00001.1.el7eap.src"
        },
        "product_reference": "eap7-netty-tcnative-0:2.0.48-1.Final_redhat_00001.1.el7eap.src",
        "relates_to_product_reference": "7Server-JBEAP-7.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-netty-transport-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch"
        },
        "product_reference": "eap7-netty-transport-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
        "relates_to_product_reference": "7Server-JBEAP-7.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-netty-transport-classes-epoll-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch"
        },
        "product_reference": "eap7-netty-transport-classes-epoll-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
        "relates_to_product_reference": "7Server-JBEAP-7.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-netty-transport-classes-kqueue-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch"
        },
        "product_reference": "eap7-netty-transport-classes-kqueue-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
        "relates_to_product_reference": "7Server-JBEAP-7.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-netty-transport-native-epoll-0:4.1.72-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.72-1.Final_redhat_00001.1.el7eap.src"
        },
        "product_reference": "eap7-netty-transport-native-epoll-0:4.1.72-1.Final_redhat_00001.1.el7eap.src",
        "relates_to_product_reference": "7Server-JBEAP-7.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-netty-transport-native-epoll-0:4.1.72-1.Final_redhat_00001.1.el7eap.x86_64 as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.72-1.Final_redhat_00001.1.el7eap.x86_64"
        },
        "product_reference": "eap7-netty-transport-native-epoll-0:4.1.72-1.Final_redhat_00001.1.el7eap.x86_64",
        "relates_to_product_reference": "7Server-JBEAP-7.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-netty-transport-native-epoll-debuginfo-0:4.1.72-1.Final_redhat_00001.1.el7eap.x86_64 as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.72-1.Final_redhat_00001.1.el7eap.x86_64"
        },
        "product_reference": "eap7-netty-transport-native-epoll-debuginfo-0:4.1.72-1.Final_redhat_00001.1.el7eap.x86_64",
        "relates_to_product_reference": "7Server-JBEAP-7.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-netty-transport-native-unix-common-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch"
        },
        "product_reference": "eap7-netty-transport-native-unix-common-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
        "relates_to_product_reference": "7Server-JBEAP-7.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-netty-transport-rxtx-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch"
        },
        "product_reference": "eap7-netty-transport-rxtx-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
        "relates_to_product_reference": "7Server-JBEAP-7.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-netty-transport-sctp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch"
        },
        "product_reference": "eap7-netty-transport-sctp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
        "relates_to_product_reference": "7Server-JBEAP-7.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-netty-transport-udt-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch"
        },
        "product_reference": "eap7-netty-transport-udt-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
        "relates_to_product_reference": "7Server-JBEAP-7.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-snakeyaml-0:1.29.0-1.redhat_00001.2.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.4:eap7-snakeyaml-0:1.29.0-1.redhat_00001.2.el7eap.noarch"
        },
        "product_reference": "eap7-snakeyaml-0:1.29.0-1.redhat_00001.2.el7eap.noarch",
        "relates_to_product_reference": "7Server-JBEAP-7.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-snakeyaml-0:1.29.0-1.redhat_00001.2.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.4:eap7-snakeyaml-0:1.29.0-1.redhat_00001.2.el7eap.src"
        },
        "product_reference": "eap7-snakeyaml-0:1.29.0-1.redhat_00001.2.el7eap.src",
        "relates_to_product_reference": "7Server-JBEAP-7.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-undertow-0:2.2.17-2.SP4_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.4:eap7-undertow-0:2.2.17-2.SP4_redhat_00001.1.el7eap.noarch"
        },
        "product_reference": "eap7-undertow-0:2.2.17-2.SP4_redhat_00001.1.el7eap.noarch",
        "relates_to_product_reference": "7Server-JBEAP-7.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-undertow-0:2.2.17-2.SP4_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.4:eap7-undertow-0:2.2.17-2.SP4_redhat_00001.1.el7eap.src"
        },
        "product_reference": "eap7-undertow-0:2.2.17-2.SP4_redhat_00001.1.el7eap.src",
        "relates_to_product_reference": "7Server-JBEAP-7.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-wildfly-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch"
        },
        "product_reference": "eap7-wildfly-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
        "relates_to_product_reference": "7Server-JBEAP-7.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-wildfly-0:7.4.5-3.GA_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.5-3.GA_redhat_00001.1.el7eap.src"
        },
        "product_reference": "eap7-wildfly-0:7.4.5-3.GA_redhat_00001.1.el7eap.src",
        "relates_to_product_reference": "7Server-JBEAP-7.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-wildfly-elytron-0:1.15.12-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.12-1.Final_redhat_00001.1.el7eap.noarch"
        },
        "product_reference": "eap7-wildfly-elytron-0:1.15.12-1.Final_redhat_00001.1.el7eap.noarch",
        "relates_to_product_reference": "7Server-JBEAP-7.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-wildfly-elytron-0:1.15.12-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.12-1.Final_redhat_00001.1.el7eap.src"
        },
        "product_reference": "eap7-wildfly-elytron-0:1.15.12-1.Final_redhat_00001.1.el7eap.src",
        "relates_to_product_reference": "7Server-JBEAP-7.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-wildfly-elytron-tool-0:1.15.12-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.12-1.Final_redhat_00001.1.el7eap.noarch"
        },
        "product_reference": "eap7-wildfly-elytron-tool-0:1.15.12-1.Final_redhat_00001.1.el7eap.noarch",
        "relates_to_product_reference": "7Server-JBEAP-7.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-wildfly-http-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.src"
        },
        "product_reference": "eap7-wildfly-http-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.src",
        "relates_to_product_reference": "7Server-JBEAP-7.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-wildfly-http-client-common-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch"
        },
        "product_reference": "eap7-wildfly-http-client-common-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
        "relates_to_product_reference": "7Server-JBEAP-7.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-wildfly-http-ejb-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch"
        },
        "product_reference": "eap7-wildfly-http-ejb-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
        "relates_to_product_reference": "7Server-JBEAP-7.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-wildfly-http-naming-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch"
        },
        "product_reference": "eap7-wildfly-http-naming-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
        "relates_to_product_reference": "7Server-JBEAP-7.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-wildfly-http-transaction-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch"
        },
        "product_reference": "eap7-wildfly-http-transaction-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
        "relates_to_product_reference": "7Server-JBEAP-7.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-wildfly-java-jdk11-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch"
        },
        "product_reference": "eap7-wildfly-java-jdk11-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
        "relates_to_product_reference": "7Server-JBEAP-7.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-wildfly-java-jdk8-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch"
        },
        "product_reference": "eap7-wildfly-java-jdk8-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
        "relates_to_product_reference": "7Server-JBEAP-7.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-wildfly-javadocs-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch"
        },
        "product_reference": "eap7-wildfly-javadocs-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
        "relates_to_product_reference": "7Server-JBEAP-7.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-wildfly-modules-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch"
        },
        "product_reference": "eap7-wildfly-modules-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
        "relates_to_product_reference": "7Server-JBEAP-7.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-wildfly-transaction-client-0:1.1.15-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.15-1.Final_redhat_00001.1.el7eap.noarch"
        },
        "product_reference": "eap7-wildfly-transaction-client-0:1.1.15-1.Final_redhat_00001.1.el7eap.noarch",
        "relates_to_product_reference": "7Server-JBEAP-7.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-wildfly-transaction-client-0:1.1.15-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.15-1.Final_redhat_00001.1.el7eap.src"
        },
        "product_reference": "eap7-wildfly-transaction-client-0:1.1.15-1.Final_redhat_00001.1.el7eap.src",
        "relates_to_product_reference": "7Server-JBEAP-7.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-xerces-j2-0:2.12.0-3.SP04_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.4:eap7-xerces-j2-0:2.12.0-3.SP04_redhat_00001.1.el7eap.noarch"
        },
        "product_reference": "eap7-xerces-j2-0:2.12.0-3.SP04_redhat_00001.1.el7eap.noarch",
        "relates_to_product_reference": "7Server-JBEAP-7.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-xerces-j2-0:2.12.0-3.SP04_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.4:eap7-xerces-j2-0:2.12.0-3.SP04_redhat_00001.1.el7eap.src"
        },
        "product_reference": "eap7-xerces-j2-0:2.12.0-3.SP04_redhat_00001.1.el7eap.src",
        "relates_to_product_reference": "7Server-JBEAP-7.4"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2020-36518",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "discovery_date": "2022-03-16T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-9.redhat_00042.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-h2database-0:1.4.197-2.redhat_00004.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-h2database-0:1.4.197-2.redhat_00004.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.12-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.12-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.26-1.Final_redhat_00002.2.el7eap.src",
            "7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-1.SP1_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jberet-core-0:1.3.9-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP05_redhat_00002.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP05_redhat_00002.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.24-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.24-1.SP1_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-16.Final_redhat_00015.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.7-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.7-1.SP1_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-2.redhat_00002.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-2.redhat_00002.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-netty-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-0:4.1.72-4.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.48-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.48-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.72-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.72-1.Final_redhat_00001.1.el7eap.x86_64",
            "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.72-1.Final_redhat_00001.1.el7eap.x86_64",
            "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-snakeyaml-0:1.29.0-1.redhat_00001.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-snakeyaml-0:1.29.0-1.redhat_00001.2.el7eap.src",
            "7Server-JBEAP-7.4:eap7-undertow-0:2.2.17-2.SP4_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-undertow-0:2.2.17-2.SP4_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.5-3.GA_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.12-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.12-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.12-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.15-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.15-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-xerces-j2-0:2.12.0-3.SP04_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-xerces-j2-0:2.12.0-3.SP04_redhat_00001.1.el7eap.src"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2064698"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the Jackson Databind package. This cause of the issue is due to a Java StackOverflow exception and a denial of service via a significant depth of nested objects.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "jackson-databind: denial of service via a large depth of nested objects",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "CodeReady Studio is no longer supported and therefore this flaw will not be addressed in CodeReady Studio.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.6.1-1.redhat_00003.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.6.1-1.redhat_00003.1.el7eap.src"
        ],
        "known_not_affected": [
          "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-9.redhat_00042.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-h2database-0:1.4.197-2.redhat_00004.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-h2database-0:1.4.197-2.redhat_00004.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.12-1.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.12-1.Final_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.26-1.Final_redhat_00002.2.el7eap.src",
          "7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-1.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-1.Final_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-1.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.6-1.redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.6-1.redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.6-1.redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.6-1.redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.6-1.redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-1.SP1_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-1.SP1_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jberet-core-0:1.3.9-1.SP1_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP05_redhat_00002.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP05_redhat_00002.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.24-1.SP1_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.24-1.SP1_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-16.Final_redhat_00015.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.7-1.SP1_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.7-1.SP1_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-2.redhat_00002.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-2.redhat_00002.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-netty-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-0:4.1.72-4.Final_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.48-1.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.48-1.Final_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.72-1.Final_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.72-1.Final_redhat_00001.1.el7eap.x86_64",
          "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.72-1.Final_redhat_00001.1.el7eap.x86_64",
          "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-snakeyaml-0:1.29.0-1.redhat_00001.2.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-snakeyaml-0:1.29.0-1.redhat_00001.2.el7eap.src",
          "7Server-JBEAP-7.4:eap7-undertow-0:2.2.17-2.SP4_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-undertow-0:2.2.17-2.SP4_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.5-3.GA_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.12-1.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.12-1.Final_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.12-1.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.15-1.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.15-1.Final_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-xerces-j2-0:2.12.0-3.SP04_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-xerces-j2-0:2.12.0-3.SP04_redhat_00001.1.el7eap.src"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2020-36518"
        },
        {
          "category": "external",
          "summary": "RHBZ#2064698",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2064698"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2020-36518",
          "url": "https://www.cve.org/CVERecord?id=CVE-2020-36518"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-36518",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-36518"
        },
        {
          "category": "external",
          "summary": "https://github.com/advisories/GHSA-57j2-w4cx-62h2",
          "url": "https://github.com/advisories/GHSA-57j2-w4cx-62h2"
        }
      ],
      "release_date": "2020-08-13T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2022-06-06T15:54:15+00:00",
          "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.6.1-1.redhat_00003.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.6.1-1.redhat_00003.1.el7eap.src"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2022:4918"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-9.redhat_00042.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-h2database-0:1.4.197-2.redhat_00004.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-h2database-0:1.4.197-2.redhat_00004.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.12-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.12-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.26-1.Final_redhat_00002.2.el7eap.src",
            "7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.6.1-1.redhat_00003.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.6.1-1.redhat_00003.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-1.SP1_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jberet-core-0:1.3.9-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP05_redhat_00002.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP05_redhat_00002.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.24-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.24-1.SP1_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-16.Final_redhat_00015.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.7-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.7-1.SP1_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-2.redhat_00002.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-2.redhat_00002.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-netty-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-0:4.1.72-4.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.48-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.48-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.72-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.72-1.Final_redhat_00001.1.el7eap.x86_64",
            "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.72-1.Final_redhat_00001.1.el7eap.x86_64",
            "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-snakeyaml-0:1.29.0-1.redhat_00001.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-snakeyaml-0:1.29.0-1.redhat_00001.2.el7eap.src",
            "7Server-JBEAP-7.4:eap7-undertow-0:2.2.17-2.SP4_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-undertow-0:2.2.17-2.SP4_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.5-3.GA_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.12-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.12-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.12-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.15-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.15-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-xerces-j2-0:2.12.0-3.SP04_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-xerces-j2-0:2.12.0-3.SP04_redhat_00001.1.el7eap.src"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "jackson-databind: denial of service via a large depth of nested objects"
    },
    {
      "cve": "CVE-2021-37136",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "discovery_date": "2021-09-14T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-9.redhat_00042.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-h2database-0:1.4.197-2.redhat_00004.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-h2database-0:1.4.197-2.redhat_00004.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.12-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.12-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.26-1.Final_redhat_00002.2.el7eap.src",
            "7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.6.1-1.redhat_00003.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.6.1-1.redhat_00003.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-1.SP1_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jberet-core-0:1.3.9-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP05_redhat_00002.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP05_redhat_00002.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.24-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.24-1.SP1_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-16.Final_redhat_00015.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.7-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.7-1.SP1_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-2.redhat_00002.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-2.redhat_00002.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.48-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.48-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.72-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.72-1.Final_redhat_00001.1.el7eap.x86_64",
            "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.72-1.Final_redhat_00001.1.el7eap.x86_64",
            "7Server-JBEAP-7.4:eap7-snakeyaml-0:1.29.0-1.redhat_00001.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-snakeyaml-0:1.29.0-1.redhat_00001.2.el7eap.src",
            "7Server-JBEAP-7.4:eap7-undertow-0:2.2.17-2.SP4_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-undertow-0:2.2.17-2.SP4_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.5-3.GA_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.12-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.12-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.12-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.15-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.15-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-xerces-j2-0:2.12.0-3.SP04_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-xerces-j2-0:2.12.0-3.SP04_redhat_00001.1.el7eap.src"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2004133"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Netty\u0027s netty-codec due to size restrictions for decompressed data in the Bzip2Decoder. By sending a specially-crafted input, a remote attacker could cause a denial of service.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "netty-codec: Bzip2Decoder doesn\u0027t allow setting size restrictions for decompressed data",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "In the OpenShift Container Platform (OCP), the Hive/Presto/Hadoop components that comprise the OCP Metering stack ship the vulnerable version of netty-codec package. Since the release of OCP 4.6, the Metering product has been deprecated [1], so the affected components are marked as wontfix. This may be fixed in the future.\n\nStarting in OCP 4.7, the elasticsearch component is shipping as a part of the OpenShift Logging product (openshift-logging/elasticsearch6-rhel8). The elasticsearch component delivered in OCP 4.6 is marked as `Out of support scope` because these versions are already under Maintenance Phase of the support.\n\n[1] https://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html#ocp-4-6-metering-operator-deprecated",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server-JBEAP-7.4:eap7-netty-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-0:4.1.72-4.Final_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch"
        ],
        "known_not_affected": [
          "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-9.redhat_00042.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-h2database-0:1.4.197-2.redhat_00004.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-h2database-0:1.4.197-2.redhat_00004.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.12-1.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.12-1.Final_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.26-1.Final_redhat_00002.2.el7eap.src",
          "7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-1.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-1.Final_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-1.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.6-1.redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.6-1.redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.6.1-1.redhat_00003.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.6.1-1.redhat_00003.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.6-1.redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.6-1.redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.6-1.redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-1.SP1_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-1.SP1_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jberet-core-0:1.3.9-1.SP1_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP05_redhat_00002.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP05_redhat_00002.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.24-1.SP1_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.24-1.SP1_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-16.Final_redhat_00015.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.7-1.SP1_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.7-1.SP1_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-2.redhat_00002.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-2.redhat_00002.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.48-1.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.48-1.Final_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.72-1.Final_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.72-1.Final_redhat_00001.1.el7eap.x86_64",
          "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.72-1.Final_redhat_00001.1.el7eap.x86_64",
          "7Server-JBEAP-7.4:eap7-snakeyaml-0:1.29.0-1.redhat_00001.2.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-snakeyaml-0:1.29.0-1.redhat_00001.2.el7eap.src",
          "7Server-JBEAP-7.4:eap7-undertow-0:2.2.17-2.SP4_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-undertow-0:2.2.17-2.SP4_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.5-3.GA_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.12-1.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.12-1.Final_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.12-1.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.15-1.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.15-1.Final_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-xerces-j2-0:2.12.0-3.SP04_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-xerces-j2-0:2.12.0-3.SP04_redhat_00001.1.el7eap.src"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2021-37136"
        },
        {
          "category": "external",
          "summary": "RHBZ#2004133",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2004133"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2021-37136",
          "url": "https://www.cve.org/CVERecord?id=CVE-2021-37136"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-37136",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37136"
        },
        {
          "category": "external",
          "summary": "https://github.com/netty/netty/security/advisories/GHSA-grg4-wf29-r9vv",
          "url": "https://github.com/netty/netty/security/advisories/GHSA-grg4-wf29-r9vv"
        }
      ],
      "release_date": "2021-09-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2022-06-06T15:54:15+00:00",
          "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "7Server-JBEAP-7.4:eap7-netty-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-0:4.1.72-4.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2022:4918"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-9.redhat_00042.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-h2database-0:1.4.197-2.redhat_00004.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-h2database-0:1.4.197-2.redhat_00004.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.12-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.12-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.26-1.Final_redhat_00002.2.el7eap.src",
            "7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.6.1-1.redhat_00003.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.6.1-1.redhat_00003.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-1.SP1_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jberet-core-0:1.3.9-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP05_redhat_00002.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP05_redhat_00002.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.24-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.24-1.SP1_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-16.Final_redhat_00015.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.7-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.7-1.SP1_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-2.redhat_00002.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-2.redhat_00002.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-netty-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-0:4.1.72-4.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.48-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.48-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.72-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.72-1.Final_redhat_00001.1.el7eap.x86_64",
            "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.72-1.Final_redhat_00001.1.el7eap.x86_64",
            "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-snakeyaml-0:1.29.0-1.redhat_00001.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-snakeyaml-0:1.29.0-1.redhat_00001.2.el7eap.src",
            "7Server-JBEAP-7.4:eap7-undertow-0:2.2.17-2.SP4_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-undertow-0:2.2.17-2.SP4_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.5-3.GA_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.12-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.12-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.12-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.15-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.15-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-xerces-j2-0:2.12.0-3.SP04_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-xerces-j2-0:2.12.0-3.SP04_redhat_00001.1.el7eap.src"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "netty-codec: Bzip2Decoder doesn\u0027t allow setting size restrictions for decompressed data"
    },
    {
      "cve": "CVE-2021-37137",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "discovery_date": "2021-09-14T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-9.redhat_00042.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-h2database-0:1.4.197-2.redhat_00004.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-h2database-0:1.4.197-2.redhat_00004.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.12-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.12-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.26-1.Final_redhat_00002.2.el7eap.src",
            "7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.6.1-1.redhat_00003.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.6.1-1.redhat_00003.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-1.SP1_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jberet-core-0:1.3.9-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP05_redhat_00002.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP05_redhat_00002.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.24-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.24-1.SP1_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-16.Final_redhat_00015.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.7-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.7-1.SP1_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-2.redhat_00002.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-2.redhat_00002.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.48-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.48-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.72-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.72-1.Final_redhat_00001.1.el7eap.x86_64",
            "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.72-1.Final_redhat_00001.1.el7eap.x86_64",
            "7Server-JBEAP-7.4:eap7-snakeyaml-0:1.29.0-1.redhat_00001.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-snakeyaml-0:1.29.0-1.redhat_00001.2.el7eap.src",
            "7Server-JBEAP-7.4:eap7-undertow-0:2.2.17-2.SP4_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-undertow-0:2.2.17-2.SP4_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.5-3.GA_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.12-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.12-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.12-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.15-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.15-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-xerces-j2-0:2.12.0-3.SP04_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-xerces-j2-0:2.12.0-3.SP04_redhat_00001.1.el7eap.src"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2004135"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the Netty\u0027s netty-codec due to unrestricted chunk lengths in the SnappyFrameDecoder. By sending a specially-crafted input, a remote attacker could cause excessive memory usage resulting in a denial of service.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "netty-codec: SnappyFrameDecoder doesn\u0027t restrict chunk length and may buffer skippable chunks in an unnecessary way",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "In OpenShift Container Platform (OCP), the Hive/Presto/Hadoop components that comprise the OCP Metering stack, ship the vulnerable version of netty-codec package.\nSince the release of OCP 4.6, the Metering product has been deprecated [1], hence the affected components are marked as wontfix.\nThis may be fixed in the future.\n\nStarting in OCP 4.7, the elasticsearch component is shipping as a part of the OpenShift Logging product (openshift-logging/elasticsearch6-rhel8). The elasticsearch component delivered in OCP 4.6 is marked as `Out of support scope` because these versions are already under Maintenance Phase of the support.\n\n[1] https://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html#ocp-4-6-metering-operator-deprecated",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server-JBEAP-7.4:eap7-netty-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-0:4.1.72-4.Final_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch"
        ],
        "known_not_affected": [
          "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-9.redhat_00042.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-h2database-0:1.4.197-2.redhat_00004.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-h2database-0:1.4.197-2.redhat_00004.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.12-1.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.12-1.Final_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.26-1.Final_redhat_00002.2.el7eap.src",
          "7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-1.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-1.Final_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-1.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.6-1.redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.6-1.redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.6.1-1.redhat_00003.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.6.1-1.redhat_00003.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.6-1.redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.6-1.redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.6-1.redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-1.SP1_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-1.SP1_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jberet-core-0:1.3.9-1.SP1_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP05_redhat_00002.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP05_redhat_00002.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.24-1.SP1_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.24-1.SP1_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-16.Final_redhat_00015.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.7-1.SP1_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.7-1.SP1_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-2.redhat_00002.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-2.redhat_00002.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.48-1.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.48-1.Final_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.72-1.Final_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.72-1.Final_redhat_00001.1.el7eap.x86_64",
          "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.72-1.Final_redhat_00001.1.el7eap.x86_64",
          "7Server-JBEAP-7.4:eap7-snakeyaml-0:1.29.0-1.redhat_00001.2.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-snakeyaml-0:1.29.0-1.redhat_00001.2.el7eap.src",
          "7Server-JBEAP-7.4:eap7-undertow-0:2.2.17-2.SP4_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-undertow-0:2.2.17-2.SP4_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.5-3.GA_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.12-1.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.12-1.Final_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.12-1.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.15-1.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.15-1.Final_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-xerces-j2-0:2.12.0-3.SP04_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-xerces-j2-0:2.12.0-3.SP04_redhat_00001.1.el7eap.src"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2021-37137"
        },
        {
          "category": "external",
          "summary": "RHBZ#2004135",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2004135"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2021-37137",
          "url": "https://www.cve.org/CVERecord?id=CVE-2021-37137"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-37137",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37137"
        },
        {
          "category": "external",
          "summary": "https://github.com/netty/netty/security/advisories/GHSA-grg4-wf29-r9vv",
          "url": "https://github.com/netty/netty/security/advisories/GHSA-grg4-wf29-r9vv"
        }
      ],
      "release_date": "2021-09-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2022-06-06T15:54:15+00:00",
          "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "7Server-JBEAP-7.4:eap7-netty-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-0:4.1.72-4.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2022:4918"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-9.redhat_00042.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-h2database-0:1.4.197-2.redhat_00004.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-h2database-0:1.4.197-2.redhat_00004.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.12-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.12-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.26-1.Final_redhat_00002.2.el7eap.src",
            "7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.6.1-1.redhat_00003.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.6.1-1.redhat_00003.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-1.SP1_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jberet-core-0:1.3.9-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP05_redhat_00002.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP05_redhat_00002.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.24-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.24-1.SP1_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-16.Final_redhat_00015.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.7-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.7-1.SP1_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-2.redhat_00002.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-2.redhat_00002.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-netty-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-0:4.1.72-4.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.48-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.48-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.72-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.72-1.Final_redhat_00001.1.el7eap.x86_64",
            "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.72-1.Final_redhat_00001.1.el7eap.x86_64",
            "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-snakeyaml-0:1.29.0-1.redhat_00001.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-snakeyaml-0:1.29.0-1.redhat_00001.2.el7eap.src",
            "7Server-JBEAP-7.4:eap7-undertow-0:2.2.17-2.SP4_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-undertow-0:2.2.17-2.SP4_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.5-3.GA_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.12-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.12-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.12-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.15-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.15-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-xerces-j2-0:2.12.0-3.SP04_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-xerces-j2-0:2.12.0-3.SP04_redhat_00001.1.el7eap.src"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "netty-codec: SnappyFrameDecoder doesn\u0027t restrict chunk length and may buffer skippable chunks in an unnecessary way"
    },
    {
      "cve": "CVE-2021-42392",
      "cwe": {
        "id": "CWE-502",
        "name": "Deserialization of Untrusted Data"
      },
      "discovery_date": "2022-01-10T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-9.redhat_00042.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.12-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.12-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.26-1.Final_redhat_00002.2.el7eap.src",
            "7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.6.1-1.redhat_00003.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.6.1-1.redhat_00003.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-1.SP1_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jberet-core-0:1.3.9-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP05_redhat_00002.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP05_redhat_00002.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.24-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.24-1.SP1_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-16.Final_redhat_00015.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.7-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.7-1.SP1_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-2.redhat_00002.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-2.redhat_00002.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-netty-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-0:4.1.72-4.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.48-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.48-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.72-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.72-1.Final_redhat_00001.1.el7eap.x86_64",
            "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.72-1.Final_redhat_00001.1.el7eap.x86_64",
            "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-snakeyaml-0:1.29.0-1.redhat_00001.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-snakeyaml-0:1.29.0-1.redhat_00001.2.el7eap.src",
            "7Server-JBEAP-7.4:eap7-undertow-0:2.2.17-2.SP4_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-undertow-0:2.2.17-2.SP4_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.5-3.GA_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.12-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.12-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.12-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.15-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.15-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-xerces-j2-0:2.12.0-3.SP04_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-xerces-j2-0:2.12.0-3.SP04_redhat_00001.1.el7eap.src"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2039403"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in h2. The org.h2.util.JdbcUtils.getConnection method of the H2 database takes as parameters the class name of the driver and URL of the database. This flaw allows an attacker to use this URL to send another server\u2019s code, causing remote code execution. This issue is exploited through various attack vectors, most notably through the H2 Console, which leads to unauthenticated remote code execution.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "h2: Remote Code Execution in Console",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "In OpenShift Container Platform (OCP) the openshift4/ose-metering-presto container image ships the vulnerable version of h2, but as it uses default configuration the impact by this vulnerability is LOW. Additionally, the Presto component is part of the OCP Metering stack and since the release of OCP 4.6, the Metering product has been deprecated [1], hence the affected component is marked as wontfix.\n\n[1] https://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html#ocp-4-6-metering-operator-deprecated",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server-JBEAP-7.4:eap7-h2database-0:1.4.197-2.redhat_00004.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-h2database-0:1.4.197-2.redhat_00004.1.el7eap.src"
        ],
        "known_not_affected": [
          "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-9.redhat_00042.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.12-1.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.12-1.Final_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.26-1.Final_redhat_00002.2.el7eap.src",
          "7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-1.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-1.Final_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-1.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.6-1.redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.6-1.redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.6.1-1.redhat_00003.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.6.1-1.redhat_00003.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.6-1.redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.6-1.redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.6-1.redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-1.SP1_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-1.SP1_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jberet-core-0:1.3.9-1.SP1_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP05_redhat_00002.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP05_redhat_00002.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.24-1.SP1_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.24-1.SP1_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-16.Final_redhat_00015.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.7-1.SP1_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.7-1.SP1_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-2.redhat_00002.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-2.redhat_00002.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-netty-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-0:4.1.72-4.Final_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.48-1.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.48-1.Final_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.72-1.Final_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.72-1.Final_redhat_00001.1.el7eap.x86_64",
          "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.72-1.Final_redhat_00001.1.el7eap.x86_64",
          "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-snakeyaml-0:1.29.0-1.redhat_00001.2.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-snakeyaml-0:1.29.0-1.redhat_00001.2.el7eap.src",
          "7Server-JBEAP-7.4:eap7-undertow-0:2.2.17-2.SP4_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-undertow-0:2.2.17-2.SP4_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.5-3.GA_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.12-1.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.12-1.Final_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.12-1.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.15-1.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.15-1.Final_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-xerces-j2-0:2.12.0-3.SP04_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-xerces-j2-0:2.12.0-3.SP04_redhat_00001.1.el7eap.src"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2021-42392"
        },
        {
          "category": "external",
          "summary": "RHBZ#2039403",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2039403"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2021-42392",
          "url": "https://www.cve.org/CVERecord?id=CVE-2021-42392"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-42392",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-42392"
        },
        {
          "category": "external",
          "summary": "https://github.com/h2database/h2database/security/advisories/GHSA-h376-j262-vhq6",
          "url": "https://github.com/h2database/h2database/security/advisories/GHSA-h376-j262-vhq6"
        }
      ],
      "release_date": "2022-01-04T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2022-06-06T15:54:15+00:00",
          "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "7Server-JBEAP-7.4:eap7-h2database-0:1.4.197-2.redhat_00004.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-h2database-0:1.4.197-2.redhat_00004.1.el7eap.src"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2022:4918"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-9.redhat_00042.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-h2database-0:1.4.197-2.redhat_00004.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-h2database-0:1.4.197-2.redhat_00004.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.12-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.12-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.26-1.Final_redhat_00002.2.el7eap.src",
            "7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.6.1-1.redhat_00003.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.6.1-1.redhat_00003.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-1.SP1_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jberet-core-0:1.3.9-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP05_redhat_00002.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP05_redhat_00002.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.24-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.24-1.SP1_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-16.Final_redhat_00015.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.7-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.7-1.SP1_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-2.redhat_00002.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-2.redhat_00002.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-netty-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-0:4.1.72-4.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.48-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.48-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.72-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.72-1.Final_redhat_00001.1.el7eap.x86_64",
            "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.72-1.Final_redhat_00001.1.el7eap.x86_64",
            "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-snakeyaml-0:1.29.0-1.redhat_00001.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-snakeyaml-0:1.29.0-1.redhat_00001.2.el7eap.src",
            "7Server-JBEAP-7.4:eap7-undertow-0:2.2.17-2.SP4_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-undertow-0:2.2.17-2.SP4_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.5-3.GA_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.12-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.12-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.12-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.15-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.15-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-xerces-j2-0:2.12.0-3.SP04_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-xerces-j2-0:2.12.0-3.SP04_redhat_00001.1.el7eap.src"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "h2: Remote Code Execution in Console"
    },
    {
      "cve": "CVE-2021-43797",
      "cwe": {
        "id": "CWE-444",
        "name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
      },
      "discovery_date": "2021-12-09T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-9.redhat_00042.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-h2database-0:1.4.197-2.redhat_00004.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-h2database-0:1.4.197-2.redhat_00004.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.12-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.12-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.26-1.Final_redhat_00002.2.el7eap.src",
            "7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.6.1-1.redhat_00003.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.6.1-1.redhat_00003.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-1.SP1_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jberet-core-0:1.3.9-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP05_redhat_00002.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP05_redhat_00002.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.24-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.24-1.SP1_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-16.Final_redhat_00015.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.7-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.7-1.SP1_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-2.redhat_00002.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-2.redhat_00002.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.48-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.48-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.72-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.72-1.Final_redhat_00001.1.el7eap.x86_64",
            "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.72-1.Final_redhat_00001.1.el7eap.x86_64",
            "7Server-JBEAP-7.4:eap7-snakeyaml-0:1.29.0-1.redhat_00001.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-snakeyaml-0:1.29.0-1.redhat_00001.2.el7eap.src",
            "7Server-JBEAP-7.4:eap7-undertow-0:2.2.17-2.SP4_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-undertow-0:2.2.17-2.SP4_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.5-3.GA_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.12-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.12-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.12-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.15-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.15-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-xerces-j2-0:2.12.0-3.SP04_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-xerces-j2-0:2.12.0-3.SP04_redhat_00001.1.el7eap.src"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2031958"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Netty, specifically in the netty-codec-http package. This flaw allows unauthorized control characters at the beginning and end of a request, does not follow the specification, and can cause HTTP request smuggling.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "netty: control chars in header names may lead to HTTP request smuggling",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "In OpenShift Container Platform (OCP), the Hive/Presto/Hadoop components that comprise the OCP Metering stack, ship the vulnerable version of netty-codec-http package.\nSince the release of OCP 4.6, the Metering product has been deprecated, hence the affected components are marked as wontfix.\nThe openshift4/ose-logging-elasticsearch6 container is marked as Out of support scope because since the release of OCP 4.7 the logging functionality is delivered as an OpenShift Logging product and OCP 4.6 is already in the Maintenance Support phase.\nA fix was introduced in netty-codec-http version 4.1.72.Final.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server-JBEAP-7.4:eap7-netty-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-0:4.1.72-4.Final_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch"
        ],
        "known_not_affected": [
          "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-9.redhat_00042.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-h2database-0:1.4.197-2.redhat_00004.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-h2database-0:1.4.197-2.redhat_00004.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.12-1.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.12-1.Final_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.26-1.Final_redhat_00002.2.el7eap.src",
          "7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-1.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-1.Final_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-1.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.6-1.redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.6-1.redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.6.1-1.redhat_00003.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.6.1-1.redhat_00003.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.6-1.redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.6-1.redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.6-1.redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-1.SP1_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-1.SP1_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jberet-core-0:1.3.9-1.SP1_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP05_redhat_00002.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP05_redhat_00002.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.24-1.SP1_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.24-1.SP1_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-16.Final_redhat_00015.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.7-1.SP1_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.7-1.SP1_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-2.redhat_00002.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-2.redhat_00002.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.48-1.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.48-1.Final_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.72-1.Final_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.72-1.Final_redhat_00001.1.el7eap.x86_64",
          "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.72-1.Final_redhat_00001.1.el7eap.x86_64",
          "7Server-JBEAP-7.4:eap7-snakeyaml-0:1.29.0-1.redhat_00001.2.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-snakeyaml-0:1.29.0-1.redhat_00001.2.el7eap.src",
          "7Server-JBEAP-7.4:eap7-undertow-0:2.2.17-2.SP4_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-undertow-0:2.2.17-2.SP4_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.5-3.GA_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.12-1.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.12-1.Final_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.12-1.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.15-1.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.15-1.Final_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-xerces-j2-0:2.12.0-3.SP04_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-xerces-j2-0:2.12.0-3.SP04_redhat_00001.1.el7eap.src"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2021-43797"
        },
        {
          "category": "external",
          "summary": "RHBZ#2031958",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2031958"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2021-43797",
          "url": "https://www.cve.org/CVERecord?id=CVE-2021-43797"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-43797",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-43797"
        },
        {
          "category": "external",
          "summary": "https://github.com/netty/netty/security/advisories/GHSA-wx5j-54mm-rqqq",
          "url": "https://github.com/netty/netty/security/advisories/GHSA-wx5j-54mm-rqqq"
        }
      ],
      "release_date": "2021-12-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2022-06-06T15:54:15+00:00",
          "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "7Server-JBEAP-7.4:eap7-netty-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-0:4.1.72-4.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2022:4918"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-9.redhat_00042.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-h2database-0:1.4.197-2.redhat_00004.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-h2database-0:1.4.197-2.redhat_00004.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.12-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.12-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.26-1.Final_redhat_00002.2.el7eap.src",
            "7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.6.1-1.redhat_00003.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.6.1-1.redhat_00003.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-1.SP1_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jberet-core-0:1.3.9-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP05_redhat_00002.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP05_redhat_00002.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.24-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.24-1.SP1_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-16.Final_redhat_00015.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.7-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.7-1.SP1_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-2.redhat_00002.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-2.redhat_00002.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-netty-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-0:4.1.72-4.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.48-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.48-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.72-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.72-1.Final_redhat_00001.1.el7eap.x86_64",
            "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.72-1.Final_redhat_00001.1.el7eap.x86_64",
            "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-snakeyaml-0:1.29.0-1.redhat_00001.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-snakeyaml-0:1.29.0-1.redhat_00001.2.el7eap.src",
            "7Server-JBEAP-7.4:eap7-undertow-0:2.2.17-2.SP4_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-undertow-0:2.2.17-2.SP4_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.5-3.GA_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.12-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.12-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.12-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.15-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.15-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-xerces-j2-0:2.12.0-3.SP04_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-xerces-j2-0:2.12.0-3.SP04_redhat_00001.1.el7eap.src"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "netty: control chars in header names may lead to HTTP request smuggling"
    },
    {
      "cve": "CVE-2022-0084",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "discovery_date": "2022-03-15T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-9.redhat_00042.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-h2database-0:1.4.197-2.redhat_00004.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-h2database-0:1.4.197-2.redhat_00004.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.12-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.12-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.26-1.Final_redhat_00002.2.el7eap.src",
            "7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.6.1-1.redhat_00003.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.6.1-1.redhat_00003.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-1.SP1_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jberet-core-0:1.3.9-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP05_redhat_00002.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP05_redhat_00002.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.24-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.24-1.SP1_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-16.Final_redhat_00015.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-2.redhat_00002.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-2.redhat_00002.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-netty-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-0:4.1.72-4.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.48-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.48-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.72-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.72-1.Final_redhat_00001.1.el7eap.x86_64",
            "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.72-1.Final_redhat_00001.1.el7eap.x86_64",
            "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-snakeyaml-0:1.29.0-1.redhat_00001.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-snakeyaml-0:1.29.0-1.redhat_00001.2.el7eap.src",
            "7Server-JBEAP-7.4:eap7-undertow-0:2.2.17-2.SP4_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-undertow-0:2.2.17-2.SP4_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.5-3.GA_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.12-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.12-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.12-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.15-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.15-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-xerces-j2-0:2.12.0-3.SP04_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-xerces-j2-0:2.12.0-3.SP04_redhat_00001.1.el7eap.src"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2064226"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in XNIO, specifically in the notifyReadClosed method. The issue revealed this method was logging a message to another expected end. This flaw allows an attacker to send flawed requests to a server, possibly causing log contention-related performance concerns or an unwanted disk fill-up.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "xnio: org.xnio.StreamConnection.notifyReadClosed log to debug instead of stderr",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Although the CVSS stands for 7.5 score, the impact remains Moderate as it demands previous knowledge of the environment to trigger the Denial of Service (DoS)",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.7-1.SP1_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.7-1.SP1_redhat_00001.1.el7eap.src"
        ],
        "known_not_affected": [
          "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-9.redhat_00042.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-h2database-0:1.4.197-2.redhat_00004.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-h2database-0:1.4.197-2.redhat_00004.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.12-1.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.12-1.Final_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.26-1.Final_redhat_00002.2.el7eap.src",
          "7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-1.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-1.Final_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-1.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.6-1.redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.6-1.redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.6.1-1.redhat_00003.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.6.1-1.redhat_00003.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.6-1.redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.6-1.redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.6-1.redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-1.SP1_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-1.SP1_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jberet-core-0:1.3.9-1.SP1_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP05_redhat_00002.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP05_redhat_00002.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.24-1.SP1_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.24-1.SP1_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-16.Final_redhat_00015.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-2.redhat_00002.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-2.redhat_00002.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-netty-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-0:4.1.72-4.Final_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.48-1.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.48-1.Final_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.72-1.Final_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.72-1.Final_redhat_00001.1.el7eap.x86_64",
          "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.72-1.Final_redhat_00001.1.el7eap.x86_64",
          "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-snakeyaml-0:1.29.0-1.redhat_00001.2.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-snakeyaml-0:1.29.0-1.redhat_00001.2.el7eap.src",
          "7Server-JBEAP-7.4:eap7-undertow-0:2.2.17-2.SP4_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-undertow-0:2.2.17-2.SP4_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.5-3.GA_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.12-1.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.12-1.Final_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.12-1.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.15-1.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.15-1.Final_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-xerces-j2-0:2.12.0-3.SP04_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-xerces-j2-0:2.12.0-3.SP04_redhat_00001.1.el7eap.src"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-0084"
        },
        {
          "category": "external",
          "summary": "RHBZ#2064226",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2064226"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-0084",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-0084"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-0084",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-0084"
        }
      ],
      "release_date": "2022-03-15T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2022-06-06T15:54:15+00:00",
          "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.7-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.7-1.SP1_redhat_00001.1.el7eap.src"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2022:4918"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-9.redhat_00042.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-h2database-0:1.4.197-2.redhat_00004.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-h2database-0:1.4.197-2.redhat_00004.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.12-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.12-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.26-1.Final_redhat_00002.2.el7eap.src",
            "7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.6.1-1.redhat_00003.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.6.1-1.redhat_00003.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-1.SP1_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jberet-core-0:1.3.9-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP05_redhat_00002.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP05_redhat_00002.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.24-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.24-1.SP1_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-16.Final_redhat_00015.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.7-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.7-1.SP1_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-2.redhat_00002.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-2.redhat_00002.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-netty-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-0:4.1.72-4.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.48-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.48-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.72-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.72-1.Final_redhat_00001.1.el7eap.x86_64",
            "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.72-1.Final_redhat_00001.1.el7eap.x86_64",
            "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-snakeyaml-0:1.29.0-1.redhat_00001.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-snakeyaml-0:1.29.0-1.redhat_00001.2.el7eap.src",
            "7Server-JBEAP-7.4:eap7-undertow-0:2.2.17-2.SP4_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-undertow-0:2.2.17-2.SP4_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.5-3.GA_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.12-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.12-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.12-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.15-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.15-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-xerces-j2-0:2.12.0-3.SP04_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-xerces-j2-0:2.12.0-3.SP04_redhat_00001.1.el7eap.src"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "xnio: org.xnio.StreamConnection.notifyReadClosed log to debug instead of stderr"
    },
    {
      "cve": "CVE-2022-0853",
      "cwe": {
        "id": "CWE-401",
        "name": "Missing Release of Memory after Effective Lifetime"
      },
      "discovery_date": "2022-03-04T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-9.redhat_00042.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-h2database-0:1.4.197-2.redhat_00004.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-h2database-0:1.4.197-2.redhat_00004.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.12-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.12-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.26-1.Final_redhat_00002.2.el7eap.src",
            "7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.6.1-1.redhat_00003.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.6.1-1.redhat_00003.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-1.SP1_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jberet-core-0:1.3.9-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP05_redhat_00002.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP05_redhat_00002.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.24-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.24-1.SP1_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-16.Final_redhat_00015.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.7-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.7-1.SP1_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-2.redhat_00002.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-2.redhat_00002.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-netty-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-0:4.1.72-4.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.48-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.48-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.72-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.72-1.Final_redhat_00001.1.el7eap.x86_64",
            "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.72-1.Final_redhat_00001.1.el7eap.x86_64",
            "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-snakeyaml-0:1.29.0-1.redhat_00001.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-snakeyaml-0:1.29.0-1.redhat_00001.2.el7eap.src",
            "7Server-JBEAP-7.4:eap7-undertow-0:2.2.17-2.SP4_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-undertow-0:2.2.17-2.SP4_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.5-3.GA_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.12-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.12-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.12-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.15-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.15-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-xerces-j2-0:2.12.0-3.SP04_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-xerces-j2-0:2.12.0-3.SP04_redhat_00001.1.el7eap.src"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2060725"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the jboss-client. A memory leak on the JBoss client-side occurs when using UserTransaction repeatedly, leading to an information leakage vulnerability.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "jboss-client: memory leakage in remote client transaction",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch"
        ],
        "known_not_affected": [
          "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-9.redhat_00042.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-h2database-0:1.4.197-2.redhat_00004.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-h2database-0:1.4.197-2.redhat_00004.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.12-1.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.12-1.Final_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.26-1.Final_redhat_00002.2.el7eap.src",
          "7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-1.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-1.Final_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-1.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.6-1.redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.6-1.redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.6.1-1.redhat_00003.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.6.1-1.redhat_00003.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.6-1.redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.6-1.redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.6-1.redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-1.SP1_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-1.SP1_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jberet-core-0:1.3.9-1.SP1_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP05_redhat_00002.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP05_redhat_00002.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.24-1.SP1_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.24-1.SP1_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-16.Final_redhat_00015.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.7-1.SP1_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.7-1.SP1_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-2.redhat_00002.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-2.redhat_00002.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-netty-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-0:4.1.72-4.Final_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.48-1.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.48-1.Final_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.72-1.Final_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.72-1.Final_redhat_00001.1.el7eap.x86_64",
          "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.72-1.Final_redhat_00001.1.el7eap.x86_64",
          "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-snakeyaml-0:1.29.0-1.redhat_00001.2.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-snakeyaml-0:1.29.0-1.redhat_00001.2.el7eap.src",
          "7Server-JBEAP-7.4:eap7-undertow-0:2.2.17-2.SP4_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-undertow-0:2.2.17-2.SP4_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.5-3.GA_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.12-1.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.12-1.Final_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.12-1.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.15-1.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.15-1.Final_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-xerces-j2-0:2.12.0-3.SP04_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-xerces-j2-0:2.12.0-3.SP04_redhat_00001.1.el7eap.src"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-0853"
        },
        {
          "category": "external",
          "summary": "RHBZ#2060725",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2060725"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-0853",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-0853"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-0853",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-0853"
        }
      ],
      "release_date": "2022-03-04T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2022-06-06T15:54:15+00:00",
          "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "7Server-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2022:4918"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-9.redhat_00042.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-h2database-0:1.4.197-2.redhat_00004.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-h2database-0:1.4.197-2.redhat_00004.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.12-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.12-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.26-1.Final_redhat_00002.2.el7eap.src",
            "7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.6.1-1.redhat_00003.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.6.1-1.redhat_00003.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-1.SP1_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jberet-core-0:1.3.9-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP05_redhat_00002.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP05_redhat_00002.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.24-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.24-1.SP1_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-16.Final_redhat_00015.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.7-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.7-1.SP1_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-2.redhat_00002.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-2.redhat_00002.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-netty-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-0:4.1.72-4.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.48-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.48-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.72-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.72-1.Final_redhat_00001.1.el7eap.x86_64",
            "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.72-1.Final_redhat_00001.1.el7eap.x86_64",
            "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-snakeyaml-0:1.29.0-1.redhat_00001.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-snakeyaml-0:1.29.0-1.redhat_00001.2.el7eap.src",
            "7Server-JBEAP-7.4:eap7-undertow-0:2.2.17-2.SP4_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-undertow-0:2.2.17-2.SP4_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.5-3.GA_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.12-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.12-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.12-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.15-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.15-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-xerces-j2-0:2.12.0-3.SP04_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-xerces-j2-0:2.12.0-3.SP04_redhat_00001.1.el7eap.src"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "jboss-client: memory leakage in remote client transaction"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "Oliver Bieri"
          ],
          "organization": "Schindler Elevator Ltd., Switzerland"
        }
      ],
      "cve": "CVE-2022-0866",
      "cwe": {
        "id": "CWE-1220",
        "name": "Insufficient Granularity of Access Control"
      },
      "discovery_date": "2022-02-02T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-9.redhat_00042.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-h2database-0:1.4.197-2.redhat_00004.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-h2database-0:1.4.197-2.redhat_00004.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.12-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.12-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.26-1.Final_redhat_00002.2.el7eap.src",
            "7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.6.1-1.redhat_00003.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.6.1-1.redhat_00003.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-1.SP1_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jberet-core-0:1.3.9-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP05_redhat_00002.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP05_redhat_00002.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.24-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.24-1.SP1_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-16.Final_redhat_00015.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.7-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.7-1.SP1_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-2.redhat_00002.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-2.redhat_00002.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-netty-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-0:4.1.72-4.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.48-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.48-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.72-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.72-1.Final_redhat_00001.1.el7eap.x86_64",
            "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.72-1.Final_redhat_00001.1.el7eap.x86_64",
            "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-snakeyaml-0:1.29.0-1.redhat_00001.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-snakeyaml-0:1.29.0-1.redhat_00001.2.el7eap.src",
            "7Server-JBEAP-7.4:eap7-undertow-0:2.2.17-2.SP4_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-undertow-0:2.2.17-2.SP4_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.12-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.12-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.12-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.15-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.15-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-xerces-j2-0:2.12.0-3.SP04_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-xerces-j2-0:2.12.0-3.SP04_redhat_00001.1.el7eap.src"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2060929"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Wildfly, where it returns an incorrect caller principal under certain heavily concurrent situations when Elytron Security is used. This flaw allows an attacker to gain improper access to information they should not have.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "wildfly: Wildfly management of EJB Session context returns wrong caller principal with Elytron Security enabled",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "JBoss EAP 7.1 until 7.4 is not affected by default as it comes with Legacy Security enabled out-of-the-box. This only affects application scope range and the methods mentioned, no access to server data.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.5-3.GA_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch"
        ],
        "known_not_affected": [
          "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-9.redhat_00042.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-h2database-0:1.4.197-2.redhat_00004.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-h2database-0:1.4.197-2.redhat_00004.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.12-1.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.12-1.Final_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.26-1.Final_redhat_00002.2.el7eap.src",
          "7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-1.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-1.Final_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-1.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.6-1.redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.6-1.redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.6.1-1.redhat_00003.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.6.1-1.redhat_00003.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.6-1.redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.6-1.redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.6-1.redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-1.SP1_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-1.SP1_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jberet-core-0:1.3.9-1.SP1_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP05_redhat_00002.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP05_redhat_00002.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.24-1.SP1_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.24-1.SP1_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-16.Final_redhat_00015.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.7-1.SP1_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.7-1.SP1_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-2.redhat_00002.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-2.redhat_00002.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-netty-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-0:4.1.72-4.Final_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.48-1.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.48-1.Final_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.72-1.Final_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.72-1.Final_redhat_00001.1.el7eap.x86_64",
          "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.72-1.Final_redhat_00001.1.el7eap.x86_64",
          "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-snakeyaml-0:1.29.0-1.redhat_00001.2.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-snakeyaml-0:1.29.0-1.redhat_00001.2.el7eap.src",
          "7Server-JBEAP-7.4:eap7-undertow-0:2.2.17-2.SP4_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-undertow-0:2.2.17-2.SP4_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.12-1.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.12-1.Final_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.12-1.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.15-1.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.15-1.Final_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-xerces-j2-0:2.12.0-3.SP04_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-xerces-j2-0:2.12.0-3.SP04_redhat_00001.1.el7eap.src"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-0866"
        },
        {
          "category": "external",
          "summary": "RHBZ#2060929",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2060929"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-0866",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-0866"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-0866",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-0866"
        }
      ],
      "release_date": "2022-05-03T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2022-06-06T15:54:15+00:00",
          "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.5-3.GA_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2022:4918"
        },
        {
          "category": "workaround",
          "details": "In order to avoid the possibility of information access, review application source code for \u0027@RunAs\u0027 and \u0027run-as-principal\u0027 usage. Also, make sure the application is using or not Elytron Security. It\u0027s possible to investigate by checking if the commands from \u0027$JBOSS_HOME/docs/examples/enable-elytron.cli\u0027 or similar were executed.",
          "product_ids": [
            "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-9.redhat_00042.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-h2database-0:1.4.197-2.redhat_00004.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-h2database-0:1.4.197-2.redhat_00004.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.12-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.12-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.26-1.Final_redhat_00002.2.el7eap.src",
            "7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.6.1-1.redhat_00003.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.6.1-1.redhat_00003.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-1.SP1_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jberet-core-0:1.3.9-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP05_redhat_00002.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP05_redhat_00002.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.24-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.24-1.SP1_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-16.Final_redhat_00015.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.7-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.7-1.SP1_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-2.redhat_00002.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-2.redhat_00002.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-netty-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-0:4.1.72-4.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.48-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.48-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.72-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.72-1.Final_redhat_00001.1.el7eap.x86_64",
            "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.72-1.Final_redhat_00001.1.el7eap.x86_64",
            "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-snakeyaml-0:1.29.0-1.redhat_00001.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-snakeyaml-0:1.29.0-1.redhat_00001.2.el7eap.src",
            "7Server-JBEAP-7.4:eap7-undertow-0:2.2.17-2.SP4_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-undertow-0:2.2.17-2.SP4_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.5-3.GA_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.12-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.12-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.12-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.15-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.15-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-xerces-j2-0:2.12.0-3.SP04_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-xerces-j2-0:2.12.0-3.SP04_redhat_00001.1.el7eap.src"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 3.1,
            "baseSeverity": "LOW",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-9.redhat_00042.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-h2database-0:1.4.197-2.redhat_00004.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-h2database-0:1.4.197-2.redhat_00004.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.12-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.12-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.26-1.Final_redhat_00002.2.el7eap.src",
            "7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.6.1-1.redhat_00003.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.6.1-1.redhat_00003.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-1.SP1_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jberet-core-0:1.3.9-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP05_redhat_00002.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP05_redhat_00002.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.24-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.24-1.SP1_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-16.Final_redhat_00015.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.7-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.7-1.SP1_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-2.redhat_00002.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-2.redhat_00002.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-netty-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-0:4.1.72-4.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.48-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.48-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.72-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.72-1.Final_redhat_00001.1.el7eap.x86_64",
            "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.72-1.Final_redhat_00001.1.el7eap.x86_64",
            "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-snakeyaml-0:1.29.0-1.redhat_00001.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-snakeyaml-0:1.29.0-1.redhat_00001.2.el7eap.src",
            "7Server-JBEAP-7.4:eap7-undertow-0:2.2.17-2.SP4_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-undertow-0:2.2.17-2.SP4_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.5-3.GA_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.12-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.12-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.12-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.15-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.15-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-xerces-j2-0:2.12.0-3.SP04_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-xerces-j2-0:2.12.0-3.SP04_redhat_00001.1.el7eap.src"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "wildfly: Wildfly management of EJB Session context returns wrong caller principal with Elytron Security enabled"
    },
    {
      "cve": "CVE-2022-1319",
      "cwe": {
        "id": "CWE-252",
        "name": "Unchecked Return Value"
      },
      "discovery_date": "2022-04-11T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-9.redhat_00042.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-h2database-0:1.4.197-2.redhat_00004.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-h2database-0:1.4.197-2.redhat_00004.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.12-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.12-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.26-1.Final_redhat_00002.2.el7eap.src",
            "7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.6.1-1.redhat_00003.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.6.1-1.redhat_00003.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-1.SP1_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jberet-core-0:1.3.9-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP05_redhat_00002.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP05_redhat_00002.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.24-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.24-1.SP1_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-16.Final_redhat_00015.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.7-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.7-1.SP1_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-2.redhat_00002.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-2.redhat_00002.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-netty-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-0:4.1.72-4.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.48-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.48-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.72-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.72-1.Final_redhat_00001.1.el7eap.x86_64",
            "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.72-1.Final_redhat_00001.1.el7eap.x86_64",
            "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-snakeyaml-0:1.29.0-1.redhat_00001.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-snakeyaml-0:1.29.0-1.redhat_00001.2.el7eap.src",
            "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.5-3.GA_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.12-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.12-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.12-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.15-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.15-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-xerces-j2-0:2.12.0-3.SP04_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-xerces-j2-0:2.12.0-3.SP04_redhat_00001.1.el7eap.src"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2073890"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Undertow. For an AJP 400 response, EAP 7 is improperly sending two response packets, and those packets have the reuse flag set even though JBoss EAP closes the connection. A failure occurs when the connection is reused after a 400 by CPING since it reads in the second SEND_HEADERS response packet instead of a CPONG.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "undertow: Double AJP response for 400 from EAP 7 results in CPING failures",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server-JBEAP-7.4:eap7-undertow-0:2.2.17-2.SP4_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-undertow-0:2.2.17-2.SP4_redhat_00001.1.el7eap.src"
        ],
        "known_not_affected": [
          "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-9.redhat_00042.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-h2database-0:1.4.197-2.redhat_00004.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-h2database-0:1.4.197-2.redhat_00004.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.12-1.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.12-1.Final_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.26-1.Final_redhat_00002.2.el7eap.src",
          "7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-1.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-1.Final_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-1.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.6-1.redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.6-1.redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.6.1-1.redhat_00003.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.6.1-1.redhat_00003.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.6-1.redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.6-1.redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.6-1.redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-1.SP1_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-1.SP1_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jberet-core-0:1.3.9-1.SP1_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP05_redhat_00002.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP05_redhat_00002.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.24-1.SP1_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.24-1.SP1_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-16.Final_redhat_00015.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.7-1.SP1_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.7-1.SP1_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-2.redhat_00002.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-2.redhat_00002.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-netty-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-0:4.1.72-4.Final_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.48-1.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.48-1.Final_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.72-1.Final_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.72-1.Final_redhat_00001.1.el7eap.x86_64",
          "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.72-1.Final_redhat_00001.1.el7eap.x86_64",
          "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-snakeyaml-0:1.29.0-1.redhat_00001.2.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-snakeyaml-0:1.29.0-1.redhat_00001.2.el7eap.src",
          "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.5-3.GA_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.12-1.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.12-1.Final_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.12-1.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.15-1.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.15-1.Final_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-xerces-j2-0:2.12.0-3.SP04_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-xerces-j2-0:2.12.0-3.SP04_redhat_00001.1.el7eap.src"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-1319"
        },
        {
          "category": "external",
          "summary": "RHBZ#2073890",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2073890"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-1319",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-1319"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-1319",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-1319"
        }
      ],
      "release_date": "2022-04-11T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2022-06-06T15:54:15+00:00",
          "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "7Server-JBEAP-7.4:eap7-undertow-0:2.2.17-2.SP4_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-undertow-0:2.2.17-2.SP4_redhat_00001.1.el7eap.src"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2022:4918"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-9.redhat_00042.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-h2database-0:1.4.197-2.redhat_00004.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-h2database-0:1.4.197-2.redhat_00004.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.12-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.12-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.26-1.Final_redhat_00002.2.el7eap.src",
            "7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.6.1-1.redhat_00003.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.6.1-1.redhat_00003.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-1.SP1_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jberet-core-0:1.3.9-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP05_redhat_00002.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP05_redhat_00002.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.24-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.24-1.SP1_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-16.Final_redhat_00015.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.7-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.7-1.SP1_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-2.redhat_00002.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-2.redhat_00002.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-netty-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-0:4.1.72-4.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.48-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.48-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.72-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.72-1.Final_redhat_00001.1.el7eap.x86_64",
            "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.72-1.Final_redhat_00001.1.el7eap.x86_64",
            "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-snakeyaml-0:1.29.0-1.redhat_00001.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-snakeyaml-0:1.29.0-1.redhat_00001.2.el7eap.src",
            "7Server-JBEAP-7.4:eap7-undertow-0:2.2.17-2.SP4_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-undertow-0:2.2.17-2.SP4_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.5-3.GA_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.12-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.12-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.12-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.15-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.15-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-xerces-j2-0:2.12.0-3.SP04_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-xerces-j2-0:2.12.0-3.SP04_redhat_00001.1.el7eap.src"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "undertow: Double AJP response for 400 from EAP 7 results in CPING failures"
    },
    {
      "cve": "CVE-2022-21299",
      "cwe": {
        "id": "CWE-835",
        "name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
      },
      "discovery_date": "2022-01-10T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-9.redhat_00042.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-h2database-0:1.4.197-2.redhat_00004.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-h2database-0:1.4.197-2.redhat_00004.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.12-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.12-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.26-1.Final_redhat_00002.2.el7eap.src",
            "7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.6.1-1.redhat_00003.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.6.1-1.redhat_00003.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-1.SP1_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jberet-core-0:1.3.9-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP05_redhat_00002.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP05_redhat_00002.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.24-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.24-1.SP1_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-16.Final_redhat_00015.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.7-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.7-1.SP1_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-2.redhat_00002.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-2.redhat_00002.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-netty-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-0:4.1.72-4.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.48-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.48-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.72-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.72-1.Final_redhat_00001.1.el7eap.x86_64",
            "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.72-1.Final_redhat_00001.1.el7eap.x86_64",
            "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-snakeyaml-0:1.29.0-1.redhat_00001.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-snakeyaml-0:1.29.0-1.redhat_00001.2.el7eap.src",
            "7Server-JBEAP-7.4:eap7-undertow-0:2.2.17-2.SP4_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-undertow-0:2.2.17-2.SP4_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.5-3.GA_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.12-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.12-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.12-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.15-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.15-1.Final_redhat_00001.1.el7eap.src"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2041472"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JAXP). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "OpenJDK: Infinite loop related to incorrect handling of newlines in XMLEntityScanner (JAXP, 8270646)",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server-JBEAP-7.4:eap7-xerces-j2-0:2.12.0-3.SP04_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-xerces-j2-0:2.12.0-3.SP04_redhat_00001.1.el7eap.src"
        ],
        "known_not_affected": [
          "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-9.redhat_00042.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-h2database-0:1.4.197-2.redhat_00004.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-h2database-0:1.4.197-2.redhat_00004.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.12-1.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.12-1.Final_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.26-1.Final_redhat_00002.2.el7eap.src",
          "7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-1.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-1.Final_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-1.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.6-1.redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.6-1.redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.6.1-1.redhat_00003.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.6.1-1.redhat_00003.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.6-1.redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.6-1.redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.6-1.redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-1.SP1_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-1.SP1_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jberet-core-0:1.3.9-1.SP1_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP05_redhat_00002.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP05_redhat_00002.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.24-1.SP1_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.24-1.SP1_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-16.Final_redhat_00015.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.7-1.SP1_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.7-1.SP1_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-2.redhat_00002.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-2.redhat_00002.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-netty-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-0:4.1.72-4.Final_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.48-1.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.48-1.Final_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.72-1.Final_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.72-1.Final_redhat_00001.1.el7eap.x86_64",
          "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.72-1.Final_redhat_00001.1.el7eap.x86_64",
          "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-snakeyaml-0:1.29.0-1.redhat_00001.2.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-snakeyaml-0:1.29.0-1.redhat_00001.2.el7eap.src",
          "7Server-JBEAP-7.4:eap7-undertow-0:2.2.17-2.SP4_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-undertow-0:2.2.17-2.SP4_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.5-3.GA_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.12-1.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.12-1.Final_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.12-1.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.15-1.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.15-1.Final_redhat_00001.1.el7eap.src"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-21299"
        },
        {
          "category": "external",
          "summary": "RHBZ#2041472",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041472"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-21299",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-21299"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-21299",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-21299"
        }
      ],
      "release_date": "2022-01-18T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2022-06-06T15:54:15+00:00",
          "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "7Server-JBEAP-7.4:eap7-xerces-j2-0:2.12.0-3.SP04_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-xerces-j2-0:2.12.0-3.SP04_redhat_00001.1.el7eap.src"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2022:4918"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-9.redhat_00042.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-h2database-0:1.4.197-2.redhat_00004.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-h2database-0:1.4.197-2.redhat_00004.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.12-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.12-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.26-1.Final_redhat_00002.2.el7eap.src",
            "7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.6.1-1.redhat_00003.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.6.1-1.redhat_00003.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-1.SP1_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jberet-core-0:1.3.9-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP05_redhat_00002.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP05_redhat_00002.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.24-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.24-1.SP1_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-16.Final_redhat_00015.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.7-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.7-1.SP1_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-2.redhat_00002.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-2.redhat_00002.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-netty-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-0:4.1.72-4.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.48-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.48-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.72-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.72-1.Final_redhat_00001.1.el7eap.x86_64",
            "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.72-1.Final_redhat_00001.1.el7eap.x86_64",
            "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-snakeyaml-0:1.29.0-1.redhat_00001.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-snakeyaml-0:1.29.0-1.redhat_00001.2.el7eap.src",
            "7Server-JBEAP-7.4:eap7-undertow-0:2.2.17-2.SP4_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-undertow-0:2.2.17-2.SP4_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.5-3.GA_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.12-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.12-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.12-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.15-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.15-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-xerces-j2-0:2.12.0-3.SP04_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-xerces-j2-0:2.12.0-3.SP04_redhat_00001.1.el7eap.src"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "OpenJDK: Infinite loop related to incorrect handling of newlines in XMLEntityScanner (JAXP, 8270646)"
    },
    {
      "cve": "CVE-2022-21363",
      "cwe": {
        "id": "CWE-280",
        "name": "Improper Handling of Insufficient Permissions or Privileges"
      },
      "discovery_date": "2022-01-19T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-9.redhat_00042.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-h2database-0:1.4.197-2.redhat_00004.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-h2database-0:1.4.197-2.redhat_00004.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.12-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.12-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.26-1.Final_redhat_00002.2.el7eap.src",
            "7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.6.1-1.redhat_00003.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.6.1-1.redhat_00003.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-1.SP1_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jberet-core-0:1.3.9-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP05_redhat_00002.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP05_redhat_00002.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.24-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.24-1.SP1_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-16.Final_redhat_00015.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.7-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.7-1.SP1_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-2.redhat_00002.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-2.redhat_00002.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-netty-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-0:4.1.72-4.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.48-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.48-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.72-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.72-1.Final_redhat_00001.1.el7eap.x86_64",
            "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.72-1.Final_redhat_00001.1.el7eap.x86_64",
            "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-snakeyaml-0:1.29.0-1.redhat_00001.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-snakeyaml-0:1.29.0-1.redhat_00001.2.el7eap.src",
            "7Server-JBEAP-7.4:eap7-undertow-0:2.2.17-2.SP4_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-undertow-0:2.2.17-2.SP4_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.12-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.12-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.12-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.15-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.15-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-xerces-j2-0:2.12.0-3.SP04_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-xerces-j2-0:2.12.0-3.SP04_redhat_00001.1.el7eap.src"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2047343"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Supported versions that are affected are 8.0.27 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks of this vulnerability can result in takeover of MySQL Connectors. CVSS 3.1 Base Score 6.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H).",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "mysql-connector-java: Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Connectors",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.5-3.GA_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch"
        ],
        "known_not_affected": [
          "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-9.redhat_00042.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-h2database-0:1.4.197-2.redhat_00004.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-h2database-0:1.4.197-2.redhat_00004.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.12-1.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.12-1.Final_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.26-1.Final_redhat_00002.2.el7eap.src",
          "7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-1.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-1.Final_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-1.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.6-1.redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.6-1.redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.6.1-1.redhat_00003.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.6.1-1.redhat_00003.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.6-1.redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.6-1.redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.6-1.redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-1.SP1_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-1.SP1_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jberet-core-0:1.3.9-1.SP1_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP05_redhat_00002.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP05_redhat_00002.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.24-1.SP1_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.24-1.SP1_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-16.Final_redhat_00015.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.7-1.SP1_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.7-1.SP1_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-2.redhat_00002.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-2.redhat_00002.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-netty-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-0:4.1.72-4.Final_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.48-1.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.48-1.Final_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.72-1.Final_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.72-1.Final_redhat_00001.1.el7eap.x86_64",
          "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.72-1.Final_redhat_00001.1.el7eap.x86_64",
          "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-snakeyaml-0:1.29.0-1.redhat_00001.2.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-snakeyaml-0:1.29.0-1.redhat_00001.2.el7eap.src",
          "7Server-JBEAP-7.4:eap7-undertow-0:2.2.17-2.SP4_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-undertow-0:2.2.17-2.SP4_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.12-1.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.12-1.Final_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.12-1.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.15-1.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.15-1.Final_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-xerces-j2-0:2.12.0-3.SP04_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-xerces-j2-0:2.12.0-3.SP04_redhat_00001.1.el7eap.src"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-21363"
        },
        {
          "category": "external",
          "summary": "RHBZ#2047343",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2047343"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-21363",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-21363"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-21363",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-21363"
        },
        {
          "category": "external",
          "summary": "https://www.oracle.com/security-alerts/cpujan2022.html#AppendixMSQL",
          "url": "https://www.oracle.com/security-alerts/cpujan2022.html#AppendixMSQL"
        }
      ],
      "release_date": "2022-01-18T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2022-06-06T15:54:15+00:00",
          "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.5-3.GA_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2022:4918"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.6,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-9.redhat_00042.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-h2database-0:1.4.197-2.redhat_00004.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-h2database-0:1.4.197-2.redhat_00004.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.12-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.12-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.26-1.Final_redhat_00002.2.el7eap.src",
            "7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.6.1-1.redhat_00003.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.6.1-1.redhat_00003.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-1.SP1_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jberet-core-0:1.3.9-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP05_redhat_00002.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP05_redhat_00002.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.24-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.24-1.SP1_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-16.Final_redhat_00015.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.7-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.7-1.SP1_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-2.redhat_00002.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-2.redhat_00002.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-netty-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-0:4.1.72-4.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.48-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.48-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.72-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.72-1.Final_redhat_00001.1.el7eap.x86_64",
            "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.72-1.Final_redhat_00001.1.el7eap.x86_64",
            "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-snakeyaml-0:1.29.0-1.redhat_00001.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-snakeyaml-0:1.29.0-1.redhat_00001.2.el7eap.src",
            "7Server-JBEAP-7.4:eap7-undertow-0:2.2.17-2.SP4_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-undertow-0:2.2.17-2.SP4_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.5-3.GA_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.12-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.12-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.12-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.15-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.15-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-xerces-j2-0:2.12.0-3.SP04_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-xerces-j2-0:2.12.0-3.SP04_redhat_00001.1.el7eap.src"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "mysql-connector-java: Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Connectors"
    },
    {
      "cve": "CVE-2022-23221",
      "cwe": {
        "id": "CWE-502",
        "name": "Deserialization of Untrusted Data"
      },
      "discovery_date": "2022-01-19T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-9.redhat_00042.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.12-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.12-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.26-1.Final_redhat_00002.2.el7eap.src",
            "7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.6.1-1.redhat_00003.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.6.1-1.redhat_00003.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-1.SP1_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jberet-core-0:1.3.9-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP05_redhat_00002.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP05_redhat_00002.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.24-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.24-1.SP1_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-16.Final_redhat_00015.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.7-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.7-1.SP1_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-2.redhat_00002.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-2.redhat_00002.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-netty-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-0:4.1.72-4.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.48-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.48-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.72-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.72-1.Final_redhat_00001.1.el7eap.x86_64",
            "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.72-1.Final_redhat_00001.1.el7eap.x86_64",
            "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-snakeyaml-0:1.29.0-1.redhat_00001.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-snakeyaml-0:1.29.0-1.redhat_00001.2.el7eap.src",
            "7Server-JBEAP-7.4:eap7-undertow-0:2.2.17-2.SP4_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-undertow-0:2.2.17-2.SP4_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.5-3.GA_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.12-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.12-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.12-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.15-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.15-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-xerces-j2-0:2.12.0-3.SP04_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-xerces-j2-0:2.12.0-3.SP04_redhat_00001.1.el7eap.src"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2044596"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the H2 Console. This flaw allows remote attackers to execute arbitrary code via a JDBC URL, concatenating with a substring that allows remote code execution by using a script.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "h2: Loading of custom classes from remote servers through JNDI",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "In OpenShift Container Platform (OCP) the openshift-enterprise-3.11/metrics-hawkular-metrics-container container image ships a vulnerable version of h2 as part of the underlying images, but as it uses standard configuration and Console is not enabled/started by default, therefore the impact by this vulnerability is LOW and will not be fixed as OCP 3.x has already reached End of Full Support.\n\n[1] https://access.redhat.com/support/policy/updates/openshift_noncurrent",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server-JBEAP-7.4:eap7-h2database-0:1.4.197-2.redhat_00004.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-h2database-0:1.4.197-2.redhat_00004.1.el7eap.src"
        ],
        "known_not_affected": [
          "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-9.redhat_00042.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.12-1.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.12-1.Final_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.26-1.Final_redhat_00002.2.el7eap.src",
          "7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-1.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-1.Final_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-1.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.6-1.redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.6-1.redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.6.1-1.redhat_00003.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.6.1-1.redhat_00003.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.6-1.redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.6-1.redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.6-1.redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-1.SP1_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-1.SP1_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jberet-core-0:1.3.9-1.SP1_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP05_redhat_00002.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP05_redhat_00002.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.24-1.SP1_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.24-1.SP1_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-16.Final_redhat_00015.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.7-1.SP1_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.7-1.SP1_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-2.redhat_00002.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-2.redhat_00002.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-netty-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-0:4.1.72-4.Final_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.48-1.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.48-1.Final_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.72-1.Final_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.72-1.Final_redhat_00001.1.el7eap.x86_64",
          "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.72-1.Final_redhat_00001.1.el7eap.x86_64",
          "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-snakeyaml-0:1.29.0-1.redhat_00001.2.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-snakeyaml-0:1.29.0-1.redhat_00001.2.el7eap.src",
          "7Server-JBEAP-7.4:eap7-undertow-0:2.2.17-2.SP4_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-undertow-0:2.2.17-2.SP4_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.5-3.GA_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.12-1.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.12-1.Final_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.12-1.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.15-1.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.15-1.Final_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-xerces-j2-0:2.12.0-3.SP04_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-xerces-j2-0:2.12.0-3.SP04_redhat_00001.1.el7eap.src"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-23221"
        },
        {
          "category": "external",
          "summary": "RHBZ#2044596",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2044596"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-23221",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-23221"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-23221",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23221"
        },
        {
          "category": "external",
          "summary": "https://github.com/advisories/GHSA-45hx-wfhj-473x",
          "url": "https://github.com/advisories/GHSA-45hx-wfhj-473x"
        }
      ],
      "release_date": "2022-01-19T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2022-06-06T15:54:15+00:00",
          "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "7Server-JBEAP-7.4:eap7-h2database-0:1.4.197-2.redhat_00004.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-h2database-0:1.4.197-2.redhat_00004.1.el7eap.src"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2022:4918"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-9.redhat_00042.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-h2database-0:1.4.197-2.redhat_00004.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-h2database-0:1.4.197-2.redhat_00004.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.12-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.12-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.26-1.Final_redhat_00002.2.el7eap.src",
            "7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.6.1-1.redhat_00003.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.6.1-1.redhat_00003.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-1.SP1_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jberet-core-0:1.3.9-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP05_redhat_00002.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP05_redhat_00002.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.24-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.24-1.SP1_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-16.Final_redhat_00015.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.7-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.7-1.SP1_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-2.redhat_00002.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-2.redhat_00002.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-netty-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-0:4.1.72-4.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.48-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.48-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.72-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.72-1.Final_redhat_00001.1.el7eap.x86_64",
            "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.72-1.Final_redhat_00001.1.el7eap.x86_64",
            "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-snakeyaml-0:1.29.0-1.redhat_00001.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-snakeyaml-0:1.29.0-1.redhat_00001.2.el7eap.src",
            "7Server-JBEAP-7.4:eap7-undertow-0:2.2.17-2.SP4_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-undertow-0:2.2.17-2.SP4_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.5-3.GA_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.12-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.12-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.12-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.15-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.15-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-xerces-j2-0:2.12.0-3.SP04_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-xerces-j2-0:2.12.0-3.SP04_redhat_00001.1.el7eap.src"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "h2: Loading of custom classes from remote servers through JNDI"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "Sergey Temnikov",
            "Ziyi Luo"
          ],
          "organization": "Amazon Corretto",
          "summary": "Acknowledged by upstream."
        }
      ],
      "cve": "CVE-2022-23437",
      "cwe": {
        "id": "CWE-835",
        "name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
      },
      "discovery_date": "2022-01-24T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-9.redhat_00042.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-h2database-0:1.4.197-2.redhat_00004.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-h2database-0:1.4.197-2.redhat_00004.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.12-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.12-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.26-1.Final_redhat_00002.2.el7eap.src",
            "7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.6.1-1.redhat_00003.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.6.1-1.redhat_00003.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-1.SP1_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jberet-core-0:1.3.9-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP05_redhat_00002.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP05_redhat_00002.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.24-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.24-1.SP1_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-16.Final_redhat_00015.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.7-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.7-1.SP1_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-2.redhat_00002.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-2.redhat_00002.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-netty-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-0:4.1.72-4.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.48-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.48-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.72-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.72-1.Final_redhat_00001.1.el7eap.x86_64",
            "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.72-1.Final_redhat_00001.1.el7eap.x86_64",
            "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-snakeyaml-0:1.29.0-1.redhat_00001.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-snakeyaml-0:1.29.0-1.redhat_00001.2.el7eap.src",
            "7Server-JBEAP-7.4:eap7-undertow-0:2.2.17-2.SP4_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-undertow-0:2.2.17-2.SP4_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.5-3.GA_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.12-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.12-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.12-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.15-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.15-1.Final_redhat_00001.1.el7eap.src"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2047200"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the Apache Xerces Java (XercesJ) XML parser when handling specially crafted XML document payloads. This issue causes the XercesJ XML parser to wait in an infinite loop, which may consume system resources for a prolonged duration, leading to a denial of service condition.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "xerces-j2: infinite loop when handling specially crafted XML document payloads",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server-JBEAP-7.4:eap7-xerces-j2-0:2.12.0-3.SP04_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-xerces-j2-0:2.12.0-3.SP04_redhat_00001.1.el7eap.src"
        ],
        "known_not_affected": [
          "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-9.redhat_00042.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-h2database-0:1.4.197-2.redhat_00004.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-h2database-0:1.4.197-2.redhat_00004.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.12-1.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.12-1.Final_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.26-1.Final_redhat_00002.2.el7eap.src",
          "7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-1.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-1.Final_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-1.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.6-1.redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.6-1.redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.6.1-1.redhat_00003.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.6.1-1.redhat_00003.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.6-1.redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.6-1.redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.6-1.redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-1.SP1_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-1.SP1_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jberet-core-0:1.3.9-1.SP1_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP05_redhat_00002.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP05_redhat_00002.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.24-1.SP1_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.24-1.SP1_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-16.Final_redhat_00015.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.7-1.SP1_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.7-1.SP1_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-2.redhat_00002.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-2.redhat_00002.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-netty-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-0:4.1.72-4.Final_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.48-1.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.48-1.Final_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.72-1.Final_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.72-1.Final_redhat_00001.1.el7eap.x86_64",
          "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.72-1.Final_redhat_00001.1.el7eap.x86_64",
          "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-snakeyaml-0:1.29.0-1.redhat_00001.2.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-snakeyaml-0:1.29.0-1.redhat_00001.2.el7eap.src",
          "7Server-JBEAP-7.4:eap7-undertow-0:2.2.17-2.SP4_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-undertow-0:2.2.17-2.SP4_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.5-3.GA_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.12-1.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.12-1.Final_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.12-1.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.15-1.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.15-1.Final_redhat_00001.1.el7eap.src"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-23437"
        },
        {
          "category": "external",
          "summary": "RHBZ#2047200",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2047200"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-23437",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-23437"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-23437",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23437"
        }
      ],
      "release_date": "2022-01-24T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2022-06-06T15:54:15+00:00",
          "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "7Server-JBEAP-7.4:eap7-xerces-j2-0:2.12.0-3.SP04_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-xerces-j2-0:2.12.0-3.SP04_redhat_00001.1.el7eap.src"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2022:4918"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-9.redhat_00042.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-h2database-0:1.4.197-2.redhat_00004.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-h2database-0:1.4.197-2.redhat_00004.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.12-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.12-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.26-1.Final_redhat_00002.2.el7eap.src",
            "7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.6.1-1.redhat_00003.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.6.1-1.redhat_00003.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-1.SP1_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jberet-core-0:1.3.9-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP05_redhat_00002.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP05_redhat_00002.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.24-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.24-1.SP1_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-16.Final_redhat_00015.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.7-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.7-1.SP1_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-2.redhat_00002.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-2.redhat_00002.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-netty-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-0:4.1.72-4.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.48-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.48-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.72-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.72-1.Final_redhat_00001.1.el7eap.x86_64",
            "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.72-1.Final_redhat_00001.1.el7eap.x86_64",
            "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-snakeyaml-0:1.29.0-1.redhat_00001.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-snakeyaml-0:1.29.0-1.redhat_00001.2.el7eap.src",
            "7Server-JBEAP-7.4:eap7-undertow-0:2.2.17-2.SP4_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-undertow-0:2.2.17-2.SP4_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.5-3.GA_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.12-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.12-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.12-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.15-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.15-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-xerces-j2-0:2.12.0-3.SP04_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-xerces-j2-0:2.12.0-3.SP04_redhat_00001.1.el7eap.src"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "xerces-j2: infinite loop when handling specially crafted XML document payloads"
    },
    {
      "cve": "CVE-2022-23913",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "discovery_date": "2022-02-05T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "7Server-JBEAP-7.4:eap7-h2database-0:1.4.197-2.redhat_00004.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-h2database-0:1.4.197-2.redhat_00004.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.12-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.12-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.26-1.Final_redhat_00002.2.el7eap.src",
            "7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.6.1-1.redhat_00003.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.6.1-1.redhat_00003.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-1.SP1_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jberet-core-0:1.3.9-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP05_redhat_00002.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP05_redhat_00002.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.24-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.24-1.SP1_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-16.Final_redhat_00015.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.7-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.7-1.SP1_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-2.redhat_00002.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-2.redhat_00002.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-netty-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-0:4.1.72-4.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.48-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.48-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.72-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.72-1.Final_redhat_00001.1.el7eap.x86_64",
            "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.72-1.Final_redhat_00001.1.el7eap.x86_64",
            "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-snakeyaml-0:1.29.0-1.redhat_00001.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-snakeyaml-0:1.29.0-1.redhat_00001.2.el7eap.src",
            "7Server-JBEAP-7.4:eap7-undertow-0:2.2.17-2.SP4_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-undertow-0:2.2.17-2.SP4_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.5-3.GA_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.12-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.12-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.12-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.15-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.15-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-xerces-j2-0:2.12.0-3.SP04_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-xerces-j2-0:2.12.0-3.SP04_redhat_00001.1.el7eap.src"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2063601"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "In Apache ActiveMQ Artemis prior to 2.20.0 or 2.19.1, an attacker could partially disrupt availability (DoS) through uncontrolled resource consumption of memory.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "artemis-commons: Apache ActiveMQ Artemis DoS",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-9.redhat_00042.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-9.redhat_00042.1.el7eap.noarch"
        ],
        "known_not_affected": [
          "7Server-JBEAP-7.4:eap7-h2database-0:1.4.197-2.redhat_00004.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-h2database-0:1.4.197-2.redhat_00004.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.12-1.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.12-1.Final_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.26-1.Final_redhat_00002.2.el7eap.src",
          "7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-1.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-1.Final_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-1.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.6-1.redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.6-1.redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.6.1-1.redhat_00003.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.6.1-1.redhat_00003.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.6-1.redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.6-1.redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.6-1.redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-1.SP1_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-1.SP1_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jberet-core-0:1.3.9-1.SP1_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP05_redhat_00002.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP05_redhat_00002.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.24-1.SP1_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.24-1.SP1_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-16.Final_redhat_00015.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.7-1.SP1_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.7-1.SP1_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-2.redhat_00002.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-2.redhat_00002.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-netty-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-0:4.1.72-4.Final_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.48-1.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.48-1.Final_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.72-1.Final_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.72-1.Final_redhat_00001.1.el7eap.x86_64",
          "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.72-1.Final_redhat_00001.1.el7eap.x86_64",
          "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-snakeyaml-0:1.29.0-1.redhat_00001.2.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-snakeyaml-0:1.29.0-1.redhat_00001.2.el7eap.src",
          "7Server-JBEAP-7.4:eap7-undertow-0:2.2.17-2.SP4_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-undertow-0:2.2.17-2.SP4_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.5-3.GA_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.12-1.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.12-1.Final_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.12-1.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.15-1.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.15-1.Final_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-xerces-j2-0:2.12.0-3.SP04_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-xerces-j2-0:2.12.0-3.SP04_redhat_00001.1.el7eap.src"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-23913"
        },
        {
          "category": "external",
          "summary": "RHBZ#2063601",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2063601"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-23913",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-23913"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-23913",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23913"
        },
        {
          "category": "external",
          "summary": "https://lists.apache.org/thread/fjynj57rd99s814rdn5hzvmx8lz403q2",
          "url": "https://lists.apache.org/thread/fjynj57rd99s814rdn5hzvmx8lz403q2"
        }
      ],
      "release_date": "2022-02-04T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2022-06-06T15:54:15+00:00",
          "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-9.redhat_00042.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-9.redhat_00042.1.el7eap.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2022:4918"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-9.redhat_00042.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-h2database-0:1.4.197-2.redhat_00004.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-h2database-0:1.4.197-2.redhat_00004.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.12-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.12-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.26-1.Final_redhat_00002.2.el7eap.src",
            "7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.6.1-1.redhat_00003.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.6.1-1.redhat_00003.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-1.SP1_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jberet-core-0:1.3.9-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP05_redhat_00002.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP05_redhat_00002.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.24-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.24-1.SP1_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-16.Final_redhat_00015.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.7-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.7-1.SP1_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-2.redhat_00002.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-2.redhat_00002.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-netty-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-0:4.1.72-4.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.48-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.48-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.72-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.72-1.Final_redhat_00001.1.el7eap.x86_64",
            "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.72-1.Final_redhat_00001.1.el7eap.x86_64",
            "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-snakeyaml-0:1.29.0-1.redhat_00001.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-snakeyaml-0:1.29.0-1.redhat_00001.2.el7eap.src",
            "7Server-JBEAP-7.4:eap7-undertow-0:2.2.17-2.SP4_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-undertow-0:2.2.17-2.SP4_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.5-3.GA_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.12-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.12-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.12-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.15-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.15-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-xerces-j2-0:2.12.0-3.SP04_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-xerces-j2-0:2.12.0-3.SP04_redhat_00001.1.el7eap.src"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "artemis-commons: Apache ActiveMQ Artemis DoS"
    },
    {
      "cve": "CVE-2022-24785",
      "cwe": {
        "id": "CWE-22",
        "name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
      },
      "discovery_date": "2022-04-05T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-9.redhat_00042.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-h2database-0:1.4.197-2.redhat_00004.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-h2database-0:1.4.197-2.redhat_00004.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.26-1.Final_redhat_00002.2.el7eap.src",
            "7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.6.1-1.redhat_00003.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.6.1-1.redhat_00003.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-1.SP1_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jberet-core-0:1.3.9-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP05_redhat_00002.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP05_redhat_00002.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.24-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.24-1.SP1_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-16.Final_redhat_00015.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.7-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.7-1.SP1_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-2.redhat_00002.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-2.redhat_00002.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-netty-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-0:4.1.72-4.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.48-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.48-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.72-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.72-1.Final_redhat_00001.1.el7eap.x86_64",
            "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.72-1.Final_redhat_00001.1.el7eap.x86_64",
            "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-snakeyaml-0:1.29.0-1.redhat_00001.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-snakeyaml-0:1.29.0-1.redhat_00001.2.el7eap.src",
            "7Server-JBEAP-7.4:eap7-undertow-0:2.2.17-2.SP4_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-undertow-0:2.2.17-2.SP4_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.5-3.GA_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.12-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.12-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.12-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.15-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.15-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-xerces-j2-0:2.12.0-3.SP04_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-xerces-j2-0:2.12.0-3.SP04_redhat_00001.1.el7eap.src"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2072009"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A path traversal vulnerability was found in Moment.js that impacts npm (server) users. This issue occurs if a user-provided locale string is directly used to switch moment locale, which an attacker can exploit to change the correct path to one of their choice. This can result in a loss of integrity.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "Moment.js: Path traversal  in moment.locale",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "In Quay 3.10 and above, no version of affected momentjs is present.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.12-1.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.12-1.Final_redhat_00001.1.el7eap.src"
        ],
        "known_not_affected": [
          "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-9.redhat_00042.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-h2database-0:1.4.197-2.redhat_00004.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-h2database-0:1.4.197-2.redhat_00004.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.26-1.Final_redhat_00002.2.el7eap.src",
          "7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-1.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-1.Final_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-1.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.6-1.redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.6-1.redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.6.1-1.redhat_00003.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.6.1-1.redhat_00003.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.6-1.redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.6-1.redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.6-1.redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-1.SP1_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-1.SP1_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jberet-core-0:1.3.9-1.SP1_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP05_redhat_00002.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP05_redhat_00002.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.24-1.SP1_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.24-1.SP1_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-16.Final_redhat_00015.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.7-1.SP1_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.7-1.SP1_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-2.redhat_00002.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-2.redhat_00002.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-netty-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-0:4.1.72-4.Final_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.48-1.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.48-1.Final_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.72-1.Final_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.72-1.Final_redhat_00001.1.el7eap.x86_64",
          "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.72-1.Final_redhat_00001.1.el7eap.x86_64",
          "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-snakeyaml-0:1.29.0-1.redhat_00001.2.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-snakeyaml-0:1.29.0-1.redhat_00001.2.el7eap.src",
          "7Server-JBEAP-7.4:eap7-undertow-0:2.2.17-2.SP4_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-undertow-0:2.2.17-2.SP4_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.5-3.GA_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.12-1.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.12-1.Final_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.12-1.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.15-1.Final_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.15-1.Final_redhat_00001.1.el7eap.src",
          "7Server-JBEAP-7.4:eap7-xerces-j2-0:2.12.0-3.SP04_redhat_00001.1.el7eap.noarch",
          "7Server-JBEAP-7.4:eap7-xerces-j2-0:2.12.0-3.SP04_redhat_00001.1.el7eap.src"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-24785"
        },
        {
          "category": "external",
          "summary": "RHBZ#2072009",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2072009"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-24785",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-24785"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-24785",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-24785"
        },
        {
          "category": "external",
          "summary": "https://github.com/moment/moment/security/advisories/GHSA-8hfj-j24r-96c4",
          "url": "https://github.com/moment/moment/security/advisories/GHSA-8hfj-j24r-96c4"
        }
      ],
      "release_date": "2022-04-04T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2022-06-06T15:54:15+00:00",
          "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.12-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.12-1.Final_redhat_00001.1.el7eap.src"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2022:4918"
        },
        {
          "category": "workaround",
          "details": "Sanitize the user-provided locale name before passing it to Moment.js.",
          "product_ids": [
            "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-9.redhat_00042.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-h2database-0:1.4.197-2.redhat_00004.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-h2database-0:1.4.197-2.redhat_00004.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.12-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.12-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.26-1.Final_redhat_00002.2.el7eap.src",
            "7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.6.1-1.redhat_00003.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.6.1-1.redhat_00003.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-1.SP1_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jberet-core-0:1.3.9-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP05_redhat_00002.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP05_redhat_00002.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.24-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.24-1.SP1_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-16.Final_redhat_00015.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.7-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.7-1.SP1_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-2.redhat_00002.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-2.redhat_00002.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-netty-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-0:4.1.72-4.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.48-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.48-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.72-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.72-1.Final_redhat_00001.1.el7eap.x86_64",
            "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.72-1.Final_redhat_00001.1.el7eap.x86_64",
            "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-snakeyaml-0:1.29.0-1.redhat_00001.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-snakeyaml-0:1.29.0-1.redhat_00001.2.el7eap.src",
            "7Server-JBEAP-7.4:eap7-undertow-0:2.2.17-2.SP4_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-undertow-0:2.2.17-2.SP4_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.5-3.GA_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.12-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.12-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.12-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.15-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.15-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-xerces-j2-0:2.12.0-3.SP04_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-xerces-j2-0:2.12.0-3.SP04_redhat_00001.1.el7eap.src"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-9.redhat_00042.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-9.redhat_00042.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-h2database-0:1.4.197-2.redhat_00004.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-h2database-0:1.4.197-2.redhat_00004.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.12-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.12-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.26-1.Final_redhat_00002.2.el7eap.src",
            "7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.26-1.Final_redhat_00002.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.6.1-1.redhat_00003.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.6.1-1.redhat_00003.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.6-1.redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.6-1.redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jberet-0:1.3.9-1.SP1_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jberet-core-0:1.3.9-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP05_redhat_00002.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP05_redhat_00002.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.24-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.24-1.SP1_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-16.Final_redhat_00015.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-16.Final_redhat_00015.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.7-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.7-1.SP1_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-2.redhat_00002.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-2.redhat_00002.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-netty-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-0:4.1.72-4.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.48-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.48-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.72-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.72-1.Final_redhat_00001.1.el7eap.x86_64",
            "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.72-1.Final_redhat_00001.1.el7eap.x86_64",
            "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.72-4.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-snakeyaml-0:1.29.0-1.redhat_00001.2.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-snakeyaml-0:1.29.0-1.redhat_00001.2.el7eap.src",
            "7Server-JBEAP-7.4:eap7-undertow-0:2.2.17-2.SP4_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-undertow-0:2.2.17-2.SP4_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.5-3.GA_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.12-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.12-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.12-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.11-1.SP1_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.5-3.GA_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.15-1.Final_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-wildfly-transaction-client-0:1.1.15-1.Final_redhat_00001.1.el7eap.src",
            "7Server-JBEAP-7.4:eap7-xerces-j2-0:2.12.0-3.SP04_redhat_00001.1.el7eap.noarch",
            "7Server-JBEAP-7.4:eap7-xerces-j2-0:2.12.0-3.SP04_redhat_00001.1.el7eap.src"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "Moment.js: Path traversal  in moment.locale"
    }
  ]
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2022-21363 (GCVE-0-2022-21363)

Solution

Solution

Tags

Sightings

Nomenclature